Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
File: h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft (raw, json)
Hash identifier: 9fyW6DV+ReFLYgjsGAVSh83I5bzkNBnpqNRSDZ9fm80=
Subject key identifier: FF:8E:EE:90:D7:FD:13:D8:23:29:84:F8:80:A5:E8:70:A1:5B:FA:75
Authority key identifier: 87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
Certificate issuer: /CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Certificate serial: 0198978113524416E8E7C70B174314EB0E84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
Manifest number: 09FD
Signing time: Mon 11 Aug 2025 05:01:15 +0000
Manifest this update: Mon 11 Aug 2025 05:01:15 +0000
Manifest next update: Tue 12 Aug 2025 05:01:15 +0000
Files and hashes: 1: h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl (hash: yKAgRTciXYaCYXkxwu0rYQFR6F5LFgIPge75B/hIepA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:97:81:13:52:44:16:e8:e7:c7:0b:17:43:14:eb:0e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Validity
Not Before: Aug 11 05:01:15 2025 GMT
Not After : Aug 12 05:01:15 2025 GMT
Subject: CN=ff8eee90d7fd13d8232984f880a5e870a15bfa75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:27:5f:e0:64:7e:ca:1b:f1:9d:f2:ec:90:90:
8b:2b:7d:93:6a:01:20:bf:64:36:8c:db:d0:db:ae:
a6:9d:97:e6:d0:59:e7:d4:28:40:c1:1e:59:0d:1b:
b7:01:67:aa:84:ab:ea:1d:f2:e9:11:73:8f:20:c9:
2a:0b:6e:c8:18:1b:98:53:ed:7e:df:dd:43:75:28:
de:d0:e2:fe:62:ee:66:9f:a8:7d:a8:e6:e4:d2:46:
1b:ba:d4:37:38:a7:87:96:5c:9d:56:8f:70:e7:a5:
98:5c:17:0c:3d:f8:90:78:9f:11:e6:59:71:68:99:
53:0a:1c:9f:d3:01:6b:d2:b0:ef:81:a2:1c:e6:ab:
10:8c:da:ba:dd:d8:df:6a:ab:53:29:0d:23:21:52:
9b:06:1b:92:6f:99:4a:95:e2:1c:41:f3:00:f6:fc:
c5:b1:2a:54:ce:cc:9f:ea:fa:d6:f3:b4:df:64:06:
96:17:e6:1d:6b:82:52:bb:2b:3a:d3:ef:6d:00:4c:
4c:e2:a3:2c:54:8e:d4:cc:01:89:77:30:62:37:63:
4d:9a:c3:cc:78:c2:8d:05:d1:5c:c0:d2:0e:e3:5f:
86:3a:92:78:98:cb:4b:e6:0d:3d:d7:51:58:9d:bb:
5f:aa:5c:d7:ed:ef:44:63:7d:82:66:8c:a0:2c:ce:
8a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:8E:EE:90:D7:FD:13:D8:23:29:84:F8:80:A5:E8:70:A1:5B:FA:75
X509v3 Authority Key Identifier:
keyid:87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:33:e0:99:a5:30:5c:e7:cc:9c:4e:53:ab:c0:d2:74:ea:90:
62:5b:d5:e3:e8:4b:b5:fe:18:dd:d5:84:0b:e6:cb:7d:f7:d0:
b8:fe:b4:98:38:ca:d6:13:93:9d:9e:e7:d6:02:93:30:eb:95:
67:18:ce:1e:99:e1:06:de:3f:af:c1:2a:b2:1d:b5:d8:5f:c9:
9a:78:25:74:a9:23:66:46:a2:a1:b7:a0:cc:c7:40:c0:2d:18:
5d:98:69:cd:15:e6:8b:6b:1c:90:2c:ff:e8:88:19:24:f1:37:
e9:7d:6e:79:e3:0b:9c:ac:95:69:fd:b2:d0:9f:00:af:2c:cb:
3a:7a:68:3a:cc:54:27:2a:da:cd:38:a7:32:f4:27:a2:f7:b9:
48:be:01:29:0e:8e:ec:cb:70:90:bc:0e:e2:37:94:93:31:d1:
0e:17:e5:98:d3:00:0e:9f:b6:15:e9:d3:0d:3c:69:b8:b6:f8:
a5:e2:f7:87:4a:a7:f8:f7:94:4c:de:b9:b5:21:c8:a5:01:ca:
05:50:54:d8:a7:3f:b5:23:10:ca:6f:e0:43:71:93:69:0f:b4:
f0:2c:99:02:57:43:42:27:2e:be:86:1d:07:a8:77:25:7b:d8:
32:8e:ec:da:7a:dd:66:e4:36:22:87:20:bb:d1:8b:ac:64:dd:
4e:7e:26:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXgRNSRBbo58cLF0MU6w6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzBhN2I0M2Q0MjkyNDkxN2E1OTA1OThiNDQzMjVlNGNj
OTJlZTQwHhcNMjUwODExMDUwMTE1WhcNMjUwODEyMDUwMTE1WjAzMTEwLwYDVQQD
EyhmZjhlZWU5MGQ3ZmQxM2Q4MjMyOTg0Zjg4MGE1ZTg3MGExNWJmYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuidf4GR+yhvxnfLskJCLK32TagEg
v2Q2jNvQ266mnZfm0Fnn1ChAwR5ZDRu3AWeqhKvqHfLpEXOPIMkqC27IGBuYU+1+
391DdSje0OL+Yu5mn6h9qObk0kYbutQ3OKeHllydVo9w56WYXBcMPfiQeJ8R5llx
aJlTChyf0wFr0rDvgaIc5qsQjNq63djfaqtTKQ0jIVKbBhuSb5lKleIcQfMA9vzF
sSpUzsyf6vrW87TfZAaWF+Yda4JSuys60+9tAExM4qMsVI7UzAGJdzBiN2NNmsPM
eMKNBdFcwNIO41+GOpJ4mMtL5g0911FYnbtfqlzX7e9EY32CZoygLM6K1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+O7pDX/RPYIymE+ICl6HChW/p1MB8GA1UdIwQY
MBaAFIfAp7Q9QpJJF6WQWYtEMl5MyS7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQt
NzM1NjI1ZTBkMjk3LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQtNzM1NjI1ZTBkMjk3
LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgDPgmaUw
XOfMnE5Tq8DSdOqQYlvV4+hLtf4Y3dWEC+bLfffQuP60mDjK1hOTnZ7n1gKTMOuV
ZxjOHpnhBt4/r8Eqsh212F/JmngldKkjZkaiobegzMdAwC0YXZhpzRXmi2sckCz/
6IgZJPE36X1ueeMLnKyVaf2y0J8AryzLOnpoOsxUJyrazTinMvQnove5SL4BKQ6O
7MtwkLwO4jeUkzHRDhflmNMADp+2FenTDTxpuLb4peL3h0qn+PeUTN65tSHIpQHK
BVBU2Kc/tSMQym/gQ3GTaQ+08CyZAldDQicuvoYdB6h3JXvYMo7s2nrdZuQ2Iocg
u9GLrGTdTn4mww==
-----END CERTIFICATE-----
Generated at Mon Aug 11 10:31:42 2025 by rpki-client