Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.mft
File: v8qNbiIJkMc424yExmshnwNFVgw.mft (raw, json)
Hash identifier: BSza46qvQZg8VNNqeAXf+PXCHyECTjhfng9dFG8gawA=
Subject key identifier: 5F:55:69:B5:31:3A:48:7C:EF:12:A5:DF:50:13:F8:57:A6:D2:62:EC
Authority key identifier: BF:CA:8D:6E:22:09:90:C7:38:DB:8C:84:C6:6B:21:9F:03:45:56:0C
Certificate issuer: /CN=bfca8d6e220990c738db8c84c66b219f0345560c
Certificate serial: 01977308B12D602DD00A56E1991A352EC980
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v8qNbiIJkMc424yExmshnwNFVgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.mft
Manifest number: 0F8A
Signing time: Sun 15 Jun 2025 10:00:38 +0000
Manifest this update: Sun 15 Jun 2025 10:00:38 +0000
Manifest next update: Mon 16 Jun 2025 10:00:38 +0000
Files and hashes: 1: v8qNbiIJkMc424yExmshnwNFVgw.crl (hash: Xhzbo+3JcrVZOcDOLgdba4V+5kZJJcu6Eo3SUShxMsA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.mft
rsync://rpki.ripe.net/repository/DEFAULT/v8qNbiIJkMc424yExmshnwNFVgw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:73:08:b1:2d:60:2d:d0:0a:56:e1:99:1a:35:2e:c9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfca8d6e220990c738db8c84c66b219f0345560c
Validity
Not Before: Jun 15 10:00:38 2025 GMT
Not After : Jun 16 10:00:38 2025 GMT
Subject: CN=5f5569b5313a487cef12a5df5013f857a6d262ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ca:8e:58:12:06:7c:fc:1e:fc:92:95:e2:cd:
8c:b4:49:0e:16:c8:58:fe:7e:5a:e5:e9:21:b2:3a:
47:84:fb:c3:e9:b2:6a:a4:91:dd:1b:08:8a:b1:58:
68:81:db:75:36:75:b3:3c:5c:7b:2d:10:27:f0:1e:
6c:f9:21:46:40:64:a5:d5:61:2d:b0:f5:9f:46:8a:
1d:57:22:10:54:c4:36:e4:1f:7f:4a:67:50:e4:ab:
88:3b:de:7f:66:8f:b0:bc:00:1b:f7:9a:c1:22:5e:
1d:ab:98:3d:76:3c:d8:49:53:cc:9c:02:7f:ae:a8:
85:e0:fd:af:49:7e:b9:45:b8:70:d4:7e:88:eb:5a:
4a:4d:7d:d6:71:b1:45:19:3f:d7:6a:9e:69:45:d5:
92:07:b8:43:c4:fc:a0:20:a0:a5:07:2b:fd:f6:a1:
f5:ab:ea:f9:b8:14:5d:e1:41:27:2a:b6:a5:dc:11:
ed:f0:7d:25:2a:5c:fb:69:03:32:65:53:e7:cd:ee:
9d:49:cf:77:14:cf:76:a8:0b:0e:a3:4c:85:0c:54:
6d:a7:a6:8e:2d:39:39:be:17:59:32:c3:be:e4:3d:
81:1d:c9:81:ff:af:4a:3b:51:43:90:93:13:ce:81:
68:5c:23:b1:97:e0:dc:c9:3f:50:8b:23:04:35:fe:
cc:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:55:69:B5:31:3A:48:7C:EF:12:A5:DF:50:13:F8:57:A6:D2:62:EC
X509v3 Authority Key Identifier:
keyid:BF:CA:8D:6E:22:09:90:C7:38:DB:8C:84:C6:6B:21:9F:03:45:56:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v8qNbiIJkMc424yExmshnwNFVgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e43194-c37b-4e7a-9150-20e27f879ae7/1/v8qNbiIJkMc424yExmshnwNFVgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:71:8a:f4:35:1d:4f:09:fc:44:af:d4:c1:8c:f6:64:91:ad:
1e:39:66:4b:ba:ce:78:e7:d9:44:14:b7:f8:0c:28:33:b9:83:
e0:91:2b:bf:c7:8a:d2:ac:f6:91:1e:5e:46:ec:0a:f8:60:65:
e0:f1:a6:34:af:a0:e7:b1:77:99:3b:60:21:50:c5:f6:6d:10:
67:bd:f0:28:9e:fc:fb:4c:55:1e:c4:91:3e:d8:b0:c4:d0:70:
5d:c6:1e:d3:84:3f:e3:a0:31:31:fe:1d:59:31:90:55:4c:2f:
a3:3a:65:cf:c3:c1:5e:ba:62:a9:f6:3c:35:59:da:e5:f2:f6:
64:2b:5d:e2:68:71:78:d7:5e:a2:27:9d:a4:6f:10:89:1a:2d:
5e:74:55:59:d6:80:1b:29:77:91:51:b1:c7:e8:a0:b9:ae:9c:
ce:d4:72:6b:63:84:57:bf:df:7b:6e:fd:0d:06:af:bb:28:7b:
69:4a:de:fe:e0:73:f8:0d:5b:02:0e:09:e9:3e:66:30:b3:b1:
4f:69:dd:cf:61:ad:93:d2:df:03:ba:2e:72:22:7e:2c:48:69:
31:88:b0:47:5e:bb:e7:62:7b:8b:e4:f0:74:db:b4:ad:48:5e:
de:07:99:84:03:ee:cd:a6:8f:ad:ed:14:c4:07:a1:eb:0e:16:
b7:39:ad:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdzCLEtYC3QClbhmRo1LsmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmY2E4ZDZlMjIwOTkwYzczOGRiOGM4NGM2NmIyMTlmMDM0
NTU2MGMwHhcNMjUwNjE1MTAwMDM4WhcNMjUwNjE2MTAwMDM4WjAzMTEwLwYDVQQD
Eyg1ZjU1NjliNTMxM2E0ODdjZWYxMmE1ZGY1MDEzZjg1N2E2ZDI2MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcqOWBIGfPwe/JKV4s2MtEkOFshY
/n5a5ekhsjpHhPvD6bJqpJHdGwiKsVhogdt1NnWzPFx7LRAn8B5s+SFGQGSl1WEt
sPWfRoodVyIQVMQ25B9/SmdQ5KuIO95/Zo+wvAAb95rBIl4dq5g9djzYSVPMnAJ/
rqiF4P2vSX65Rbhw1H6I61pKTX3WcbFFGT/Xap5pRdWSB7hDxPygIKClByv99qH1
q+r5uBRd4UEnKral3BHt8H0lKlz7aQMyZVPnze6dSc93FM92qAsOo0yFDFRtp6aO
LTk5vhdZMsO+5D2BHcmB/69KO1FDkJMTzoFoXCOxl+DcyT9QiyMENf7MoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9VabUxOkh87xKl31AT+Fem0mLsMB8GA1UdIwQY
MBaAFL/KjW4iCZDHONuMhMZrIZ8DRVYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjhxTmJpSUprTWM0MjR5RXhtc2hud05GVmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lNDMxOTQtYzM3Yi00ZTdhLTkxNTAt
MjBlMjdmODc5YWU3LzEvdjhxTmJpSUprTWM0MjR5RXhtc2hud05GVmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lNDMxOTQtYzM3Yi00ZTdhLTkxNTAtMjBlMjdmODc5YWU3
LzEvdjhxTmJpSUprTWM0MjR5RXhtc2hud05GVmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALHGK9DUd
Twn8RK/UwYz2ZJGtHjlmS7rOeOfZRBS3+AwoM7mD4JErv8eK0qz2kR5eRuwK+GBl
4PGmNK+g57F3mTtgIVDF9m0QZ73wKJ78+0xVHsSRPtiwxNBwXcYe04Q/46AxMf4d
WTGQVUwvozplz8PBXrpiqfY8NVna5fL2ZCtd4mhxeNdeoiedpG8QiRotXnRVWdaA
Gyl3kVGxx+igua6cztRya2OEV7/fe279DQavuyh7aUre/uBz+A1bAg4J6T5mMLOx
T2ndz2Gtk9LfA7ouciJ+LEhpMYiwR16752J7i+TwdNu0rUhe3geZhAPuzaaPre0U
xAeh6w4Wtzmthw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:20:10 2025 by rpki-client