Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
File: M7Zai666T_YhSS6-5vweiK2yGwM.mft (raw, json)
Hash identifier: 22UAm7PfAmrPIftxEQSFucOlwXM0fdplu9/ypmwPfQg=
Subject key identifier: A8:37:AF:FD:10:EA:63:0E:50:E7:A9:14:EE:D5:00:D3:7C:A7:5C:40
Authority key identifier: 33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03
Certificate issuer: /CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03
Certificate serial: 01989712F1BD1AAAD71606F9DAC2ED537B5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
Manifest number: 0241
Signing time: Mon 11 Aug 2025 03:00:57 +0000
Manifest this update: Mon 11 Aug 2025 03:00:57 +0000
Manifest next update: Tue 12 Aug 2025 03:00:57 +0000
Files and hashes: 1: KOqyp8DhhZD3JH6K0j1zl6aQKBk.roa (hash: CehIyyDTNH2XPwU/dxmXRsBi9Cc/OKe00kUQqRs/maU=)
2: M7Zai666T_YhSS6-5vweiK2yGwM.crl (hash: BWhN5fsKAiTIJ8miOZn1ePblE68zrCHip4IaqshIHfc=)
3: YCOxnrJZzRohN18jKfSDMAOgQUI.roa (hash: /PrVwAluwlwegI08mKBtFGWqwyRlaqAj4wNKvuzMcSU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:97:12:f1:bd:1a:aa:d7:16:06:f9:da:c2:ed:53:7b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03
Validity
Not Before: Aug 11 03:00:57 2025 GMT
Not After : Aug 12 03:00:57 2025 GMT
Subject: CN=a837affd10ea630e50e7a914eed500d37ca75c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d1:3f:e6:62:73:ca:84:71:7f:46:7b:b0:c2:
75:e1:6b:28:d9:42:56:5b:55:6f:9d:d6:8b:f4:9b:
d9:3b:21:3f:9e:3d:ed:9d:e9:b9:72:62:1a:27:e6:
6c:81:74:1e:46:91:bc:4b:e0:4f:68:cb:5b:4f:a4:
d9:91:1e:9b:56:3b:d0:23:d4:31:fa:36:84:c6:d1:
1f:60:8e:68:c1:5c:eb:45:1f:dc:4e:7b:a5:69:98:
57:f3:78:f2:26:07:25:04:57:72:f7:54:b1:37:43:
35:c1:f9:5b:1d:44:67:56:a1:45:23:ed:d4:38:9d:
b2:85:2e:0c:8f:65:8c:79:71:42:8f:65:b0:17:9e:
5c:af:1c:7c:74:dd:20:69:e2:b1:85:29:a8:8f:e8:
26:e0:af:95:36:9a:57:b4:db:ab:25:bb:e1:17:6b:
8f:b4:df:00:80:12:2a:98:fd:f0:e4:c9:d4:2d:c7:
e5:09:69:0f:61:d2:a5:f4:d7:96:b1:25:c1:49:9c:
48:d5:65:c7:99:ae:f0:c6:e1:30:c6:f4:02:f8:1a:
84:df:df:88:7f:92:e9:f3:a9:b3:70:13:6c:bd:47:
54:f1:42:3d:d5:3d:9b:51:be:cc:32:d4:a6:a1:d4:
a5:d3:97:fd:3f:ed:84:bc:4c:a1:8d:88:cc:df:22:
57:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:37:AF:FD:10:EA:63:0E:50:E7:A9:14:EE:D5:00:D3:7C:A7:5C:40
X509v3 Authority Key Identifier:
keyid:33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:9f:7f:ac:18:ab:83:64:0d:d9:b1:4b:66:1b:ed:20:09:f9:
d0:bc:b7:e5:88:98:0e:47:d7:d1:2f:c0:c3:96:87:7c:7b:d2:
66:de:81:80:3c:39:06:22:02:45:b5:4b:d3:4d:07:dd:1a:6d:
db:22:c7:cf:4c:07:fc:93:75:51:ed:d6:5f:81:ee:de:3a:9f:
95:38:ea:1d:09:2b:d5:c0:ae:18:3e:d8:51:e1:d4:ff:3c:a0:
52:b3:19:14:d3:e1:1f:a6:d9:70:7f:1f:43:2d:21:0f:37:90:
03:f1:50:2f:59:a1:6f:db:77:28:f5:73:ab:a1:c2:b2:84:c7:
fe:c2:f6:5f:b7:d6:15:bf:d0:50:5e:1b:e3:f1:a0:82:6c:58:
cc:af:57:d8:98:49:dd:4c:80:a0:3b:06:f0:aa:ea:04:3d:02:
cc:84:5b:7b:d0:44:3f:46:9f:cc:26:51:e8:81:58:9b:d9:25:
25:52:cd:8c:4e:0e:c3:76:c7:09:de:fd:f3:8e:6c:59:bc:2e:
25:d6:08:e8:a9:b1:5b:a7:52:4e:8c:22:c7:5f:0e:6b:82:81:
ca:e6:65:2a:4f:83:0a:15:a9:27:08:17:88:8d:41:df:33:f4:
ce:8e:d5:83:61:fa:53:30:57:c4:68:3f:9e:84:07:95:60:b0:
f5:c4:e5:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXEvG9GqrXFgb52sLtU3tcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjY1YThiYWViYTRmZjYyMTQ5MmViZWU2ZmMxZTg4YWRi
MjFiMDMwHhcNMjUwODExMDMwMDU3WhcNMjUwODEyMDMwMDU3WjAzMTEwLwYDVQQD
EyhhODM3YWZmZDEwZWE2MzBlNTBlN2E5MTRlZWQ1MDBkMzdjYTc1YzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNE/5mJzyoRxf0Z7sMJ14Wso2UJW
W1VvndaL9JvZOyE/nj3tnem5cmIaJ+ZsgXQeRpG8S+BPaMtbT6TZkR6bVjvQI9Qx
+jaExtEfYI5owVzrRR/cTnulaZhX83jyJgclBFdy91SxN0M1wflbHURnVqFFI+3U
OJ2yhS4Mj2WMeXFCj2WwF55crxx8dN0gaeKxhSmoj+gm4K+VNppXtNurJbvhF2uP
tN8AgBIqmP3w5MnULcflCWkPYdKl9NeWsSXBSZxI1WXHma7wxuEwxvQC+BqE39+I
f5Lp86mzcBNsvUdU8UI91T2bUb7MMtSmodSl05f9P+2EvEyhjYjM3yJXFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKg3r/0Q6mMOUOepFO7VANN8p1xAMB8GA1UdIwQY
MBaAFDO2Wouuuk/2IUkuvub8HoitshsDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0Njkt
ZDU0NzE4NTUxMmRlLzEvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0NjktZDU0NzE4NTUxMmRl
LzEvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmJ9/rBir
g2QN2bFLZhvtIAn50Ly35YiYDkfX0S/Aw5aHfHvSZt6BgDw5BiICRbVL000H3Rpt
2yLHz0wH/JN1Ue3WX4Hu3jqflTjqHQkr1cCuGD7YUeHU/zygUrMZFNPhH6bZcH8f
Qy0hDzeQA/FQL1mhb9t3KPVzq6HCsoTH/sL2X7fWFb/QUF4b4/GggmxYzK9X2JhJ
3UyAoDsG8KrqBD0CzIRbe9BEP0afzCZR6IFYm9klJVLNjE4Ow3bHCd79845sWbwu
JdYI6KmxW6dSTowix18Oa4KByuZlKk+DChWpJwgXiI1B3zP0zo7Vg2H6UzBXxGg/
noQHlWCw9cTlzw==
-----END CERTIFICATE-----
Generated at Mon Aug 11 05:54:25 2025 by rpki-client