Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
File: sz3NILWulcFy0y7XKevzBhl7I-c.mft (raw, json)
Hash identifier: FANDXhRydrokvSALlgxePzBdBfVkpPp9Fz16VE2eKFw=
Subject key identifier: 68:E9:A9:FD:68:C0:7D:E1:83:C0:FA:A3:11:B1:76:AA:C9:6B:65:5B
Authority key identifier: B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
Certificate issuer: /CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Certificate serial: 0198729862F0CF0EDC9BA44829B5FC58CF4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
Manifest number: 1617
Signing time: Mon 04 Aug 2025 01:00:46 +0000
Manifest this update: Mon 04 Aug 2025 01:00:46 +0000
Manifest next update: Tue 05 Aug 2025 01:00:46 +0000
Files and hashes: 1: CIm7PdRT4tGc0ohUd0vMkXyk2Z4.roa (hash: bKi9ERQ3HDvQWS3A9n+SnlJFymCAx7E6eQcIAFgcP7o=)
2: sz3NILWulcFy0y7XKevzBhl7I-c.crl (hash: HjhZ18U0rzUYvUaPOhuya8/pO6G1xO8zkESzmvgaLQo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:72:98:62:f0:cf:0e:dc:9b:a4:48:29:b5:fc:58:cf:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Validity
Not Before: Aug 4 01:00:46 2025 GMT
Not After : Aug 5 01:00:46 2025 GMT
Subject: CN=68e9a9fd68c07de183c0faa311b176aac96b655b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:00:1c:74:a3:84:33:cb:04:0e:e1:03:e1:7d:
3b:95:2b:49:49:ef:16:80:b5:66:31:4c:72:f9:e6:
b3:5a:64:31:e3:95:dc:7a:8c:cb:a8:ca:70:c9:da:
63:f7:0a:ba:05:5b:bb:81:8a:c8:10:e7:79:a4:0d:
6e:56:70:3b:f6:29:90:cd:78:21:59:80:48:bf:13:
77:50:61:1d:72:dd:a6:33:77:4c:16:4c:fb:f8:b2:
33:6c:1c:fe:79:fe:66:4f:ee:c6:40:5f:3c:2e:55:
7f:fa:0d:be:a5:b3:1a:c3:df:ee:0e:d3:52:a4:3c:
fb:ae:ed:61:30:f0:be:fc:83:04:17:8e:ed:f6:79:
5c:e7:c3:4e:e1:40:e6:dc:0a:a0:48:38:47:3b:65:
28:93:45:67:d8:d9:56:af:79:e6:e0:b6:ff:19:d9:
f3:5b:b1:1c:0e:65:45:6f:ef:48:8b:3a:83:75:97:
43:e9:26:b9:43:70:ad:b4:dc:72:cc:7a:8a:54:d2:
78:a9:95:9e:62:aa:57:81:a7:99:bb:0f:49:2b:b4:
a6:62:a9:ce:fa:d9:97:9c:13:65:40:03:55:0f:67:
ba:2d:22:a4:bb:5f:28:5a:0a:c4:de:c2:61:38:49:
6a:ea:7c:4b:81:41:43:b2:f2:35:1b:30:f3:7c:d7:
fe:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E9:A9:FD:68:C0:7D:E1:83:C0:FA:A3:11:B1:76:AA:C9:6B:65:5B
X509v3 Authority Key Identifier:
keyid:B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:e9:35:e4:a2:01:82:12:76:d5:01:23:6d:ff:a2:9e:e6:f5:
f4:2a:e6:4a:7b:18:c3:16:86:54:8e:18:6a:ef:ee:33:d8:5d:
de:63:33:19:8c:4d:5b:30:06:6e:2d:55:d2:4b:62:9d:c1:cc:
6e:2a:e9:f2:88:84:17:5e:01:c7:73:0f:95:eb:bd:6b:53:8b:
7c:44:83:51:ca:aa:b4:25:1d:ae:27:6f:39:b9:7f:d6:da:ac:
09:dc:d8:71:e6:63:fb:ff:5b:a5:63:d3:0d:74:86:a3:b3:7d:
79:d4:42:b4:6a:93:7d:8d:e5:aa:e2:75:ce:94:01:96:b1:83:
56:98:ca:3b:4c:55:1c:ce:d7:3f:df:04:59:f1:93:71:6b:5a:
d3:50:1d:94:82:1a:d0:1f:29:b9:08:bd:68:74:97:5b:4b:23:
3d:69:26:07:92:18:a1:cf:ed:a3:58:38:19:3e:47:53:80:08:
5e:eb:f8:01:09:29:8d:8c:4c:a7:43:10:f4:40:82:01:dd:ea:
ce:4e:db:2a:a1:0e:3a:33:e5:6e:4b:b3:bc:58:28:af:fa:b0:
1b:e4:b9:73:0d:4b:95:3a:9e:9a:55:08:33:bf:92:d5:5c:3b:
7b:69:36:33:12:c8:21:9b:bc:2a:98:61:63:6c:c0:67:73:41:
49:2f:0a:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhymGLwzw7cm6RIKbX8WM9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzM2RjZDIwYjVhZTk1YzE3MmQzMmVkNzI5ZWJmMzA2MTk3
YjIzZTcwHhcNMjUwODA0MDEwMDQ2WhcNMjUwODA1MDEwMDQ2WjAzMTEwLwYDVQQD
Eyg2OGU5YTlmZDY4YzA3ZGUxODNjMGZhYTMxMWIxNzZhYWM5NmI2NTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AAcdKOEM8sEDuED4X07lStJSe8W
gLVmMUxy+eazWmQx45XceozLqMpwydpj9wq6BVu7gYrIEOd5pA1uVnA79imQzXgh
WYBIvxN3UGEdct2mM3dMFkz7+LIzbBz+ef5mT+7GQF88LlV/+g2+pbMaw9/uDtNS
pDz7ru1hMPC+/IMEF47t9nlc58NO4UDm3AqgSDhHO2Uok0Vn2NlWr3nm4Lb/Gdnz
W7EcDmVFb+9IizqDdZdD6Sa5Q3CttNxyzHqKVNJ4qZWeYqpXgaeZuw9JK7SmYqnO
+tmXnBNlQANVD2e6LSKku18oWgrE3sJhOElq6nxLgUFDsvI1GzDzfNf+YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjpqf1owH3hg8D6oxGxdqrJa2VbMB8GA1UdIwQY
MBaAFLM9zSC1rpXBctMu1ynr8wYZeyPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wYWMzYmEtNTRkMy00OTFmLTkwNDgt
NTU1YTE5ODMzZDhlLzEvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wYWMzYmEtNTRkMy00OTFmLTkwNDgtNTU1YTE5ODMzZDhl
LzEvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGuk15KIB
ghJ21QEjbf+inub19CrmSnsYwxaGVI4Yau/uM9hd3mMzGYxNWzAGbi1V0ktincHM
birp8oiEF14Bx3MPleu9a1OLfESDUcqqtCUdridvObl/1tqsCdzYceZj+/9bpWPT
DXSGo7N9edRCtGqTfY3lquJ1zpQBlrGDVpjKO0xVHM7XP98EWfGTcWta01AdlIIa
0B8puQi9aHSXW0sjPWkmB5IYoc/to1g4GT5HU4AIXuv4AQkpjYxMp0MQ9ECCAd3q
zk7bKqEOOjPlbkuzvFgor/qwG+S5cw1LlTqemlUIM7+S1Vw7e2k2MxLIIZu8Kphh
Y2zAZ3NBSS8KWA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:15:44 2025 by rpki-client