Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
File: 8u5baEnIyB9adjWVWIprpoIedns.mft (raw, json)
Hash identifier: geP5ZKJ32fedfu1scCkHg0IcUErj/DE/qHffvbC6j1o=
Subject key identifier: 37:FA:FF:2E:7B:81:98:E8:F5:C3:9C:52:A7:48:15:E8:EF:11:00:33
Authority key identifier: F2:EE:5B:68:49:C8:C8:1F:5A:76:35:95:58:8A:6B:A6:82:1E:76:7B
Certificate issuer: /CN=f2ee5b6849c8c81f5a763595588a6ba6821e767b
Certificate serial: 019883FA63890BBF6D6FAADCF13FD85AA3DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
Manifest number: 0624
Signing time: Thu 07 Aug 2025 10:01:21 +0000
Manifest this update: Thu 07 Aug 2025 10:01:21 +0000
Manifest next update: Fri 08 Aug 2025 10:01:21 +0000
Files and hashes: 1: 8u5baEnIyB9adjWVWIprpoIedns.crl (hash: mGY7fXaRexR3OgMu58Ou4FAVGHUbGCqRUEkXrPmZU5M=)
2: Di0vSgAmdtxn2ZM7Al8L8Zr3oIU.roa (hash: 0Bf0l0DWLnoKx593QVoGlu2x+BD1lYWYH448tSVbn0U=)
3: Tb-8GP8qcCsPrA2Xrleo-iet2HM.roa (hash: yyhoDt89y5+7nL9lVvf4sdS/dAeJY+OT1BrhoMFwMME=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:83:fa:63:89:0b:bf:6d:6f:aa:dc:f1:3f:d8:5a:a3:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2ee5b6849c8c81f5a763595588a6ba6821e767b
Validity
Not Before: Aug 7 10:01:21 2025 GMT
Not After : Aug 8 10:01:21 2025 GMT
Subject: CN=37faff2e7b8198e8f5c39c52a74815e8ef110033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1c:98:13:6d:14:db:ef:ed:61:a3:5f:fc:ab:
5c:e4:5c:16:df:b9:14:e2:ea:06:77:6c:45:19:7b:
51:ec:0b:c5:90:fe:52:55:57:10:ad:ad:94:9b:08:
a1:e0:bf:ef:cf:45:28:40:b9:c7:ce:30:5e:38:2c:
70:49:31:fd:a4:1b:ed:52:47:e0:6b:54:02:83:22:
5f:10:2d:0a:e8:e1:0b:eb:95:59:4a:b5:b7:e3:8f:
25:ce:2f:25:e5:3d:64:a2:e0:1a:3d:c3:48:32:e4:
57:58:b1:83:1e:56:cb:35:36:8a:f3:0d:38:d9:99:
1b:20:71:c6:57:6b:0f:03:bd:9d:e1:69:72:73:6e:
b0:3a:36:43:e2:72:57:2a:a7:7d:8c:84:75:10:16:
52:13:ce:99:63:05:13:4f:ce:94:15:1a:67:1e:42:
b5:73:fc:ed:92:bf:b1:9a:6f:2b:0a:f1:6e:04:e3:
95:41:9b:05:21:86:51:78:5c:3b:69:2c:b3:f9:ac:
b4:16:44:11:14:5e:c0:3b:07:48:6b:b5:1d:2a:52:
b4:55:8b:23:9d:03:53:a1:67:b7:7a:cd:50:fb:92:
32:0c:a2:89:5c:20:52:db:a2:03:87:7c:2c:5b:79:
48:de:34:5b:a5:be:00:8c:f2:c6:39:32:be:29:80:
95:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:FA:FF:2E:7B:81:98:E8:F5:C3:9C:52:A7:48:15:E8:EF:11:00:33
X509v3 Authority Key Identifier:
keyid:F2:EE:5B:68:49:C8:C8:1F:5A:76:35:95:58:8A:6B:A6:82:1E:76:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
be:3f:15:cd:e1:c2:60:29:04:cd:86:34:3d:80:f0:26:aa:3b:
17:70:91:55:19:a5:8f:aa:f0:ec:6e:f9:c4:75:a3:e7:ea:01:
5c:b3:21:87:ad:ab:36:9c:91:7d:a1:98:86:c3:ea:e9:56:c5:
1a:f1:cb:8a:d5:e4:87:03:f5:10:76:9c:d1:25:85:32:89:14:
cd:e0:8e:e2:ce:b8:ec:af:87:9e:e4:8f:85:fb:95:3e:e9:e8:
d2:1f:b3:60:c0:f4:5d:c6:96:32:e5:30:ba:46:6a:79:e2:d4:
ca:ab:f4:f7:34:d4:29:eb:24:58:bc:a1:76:c1:73:64:4a:f3:
6b:45:f1:89:55:35:19:31:77:da:f1:7a:7b:fe:fa:3f:5c:93:
87:74:2a:2b:76:58:35:96:32:c3:e2:32:2c:7e:9b:f6:8c:ca:
64:8d:dc:0a:b5:9a:96:2f:0b:06:96:de:c3:51:da:8c:92:ad:
8c:df:4d:ba:1a:72:e7:3c:06:1d:43:98:7b:60:5f:39:87:0d:
26:7f:c0:ee:ca:fc:69:64:b9:34:de:df:48:2e:fa:e5:19:ee:
6e:ce:28:4d:9e:ef:1a:b6:1e:38:66:3d:45:0b:23:a7:76:02:
04:de:cc:d3:b3:8f:67:ce:d2:f3:49:f2:f9:7f:3b:27:8a:99:
ab:e4:10:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiD+mOJC79tb6rc8T/YWqPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZWU1YjY4NDljOGM4MWY1YTc2MzU5NTU4OGE2YmE2ODIx
ZTc2N2IwHhcNMjUwODA3MTAwMTIxWhcNMjUwODA4MTAwMTIxWjAzMTEwLwYDVQQD
EygzN2ZhZmYyZTdiODE5OGU4ZjVjMzljNTJhNzQ4MTVlOGVmMTEwMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRyYE20U2+/tYaNf/Ktc5FwW37kU
4uoGd2xFGXtR7AvFkP5SVVcQra2Umwih4L/vz0UoQLnHzjBeOCxwSTH9pBvtUkfg
a1QCgyJfEC0K6OEL65VZSrW3448lzi8l5T1kouAaPcNIMuRXWLGDHlbLNTaK8w04
2ZkbIHHGV2sPA72d4Wlyc26wOjZD4nJXKqd9jIR1EBZSE86ZYwUTT86UFRpnHkK1
c/ztkr+xmm8rCvFuBOOVQZsFIYZReFw7aSyz+ay0FkQRFF7AOwdIa7UdKlK0VYsj
nQNToWe3es1Q+5IyDKKJXCBS26IDh3wsW3lI3jRbpb4AjPLGOTK+KYCV3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDf6/y57gZjo9cOcUqdIFejvEQAzMB8GA1UdIwQY
MBaAFPLuW2hJyMgfWnY1lViKa6aCHnZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMDJhODgtM2E4NS00NzZmLWI0NTIt
NjBhMDM5ZGQxYmNhLzEvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMDJhODgtM2E4NS00NzZmLWI0NTItNjBhMDM5ZGQxYmNh
LzEvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvj8VzeHC
YCkEzYY0PYDwJqo7F3CRVRmlj6rw7G75xHWj5+oBXLMhh62rNpyRfaGYhsPq6VbF
GvHLitXkhwP1EHac0SWFMokUzeCO4s647K+HnuSPhfuVPuno0h+zYMD0XcaWMuUw
ukZqeeLUyqv09zTUKeskWLyhdsFzZErza0XxiVU1GTF32vF6e/76P1yTh3QqK3ZY
NZYyw+IyLH6b9ozKZI3cCrWali8LBpbew1HajJKtjN9Nuhpy5zwGHUOYe2BfOYcN
Jn/A7sr8aWS5NN7fSC765Rnubs4oTZ7vGrYeOGY9RQsjp3YCBN7M07OPZ87S80ny
+X87J4qZq+QQ4w==
-----END CERTIFICATE-----
Generated at Thu Aug 7 14:45:57 2025 by rpki-client