Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: AoAURL5pMgIlm9G8zD9MDcaNLBFSSwohxlV1ZKExGsw=
Subject key identifier: A8:EF:BF:3B:69:CE:A0:4E:FB:79:FB:91:CE:91:7E:3E:BA:E6:F7:3E
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 01987562A1BA41C546859FDD0CC405C1A31F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 1616
Signing time: Mon 04 Aug 2025 14:00:54 +0000
Manifest this update: Mon 04 Aug 2025 14:00:54 +0000
Manifest next update: Tue 05 Aug 2025 14:00:54 +0000
Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: 29DxZAy3TrZfiGcRefoSPa0GI4zaEzGVDA3WH4vnqwM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:62:a1:ba:41:c5:46:85:9f:dd:0c:c4:05:c1:a3:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Aug 4 14:00:54 2025 GMT
Not After : Aug 5 14:00:54 2025 GMT
Subject: CN=a8efbf3b69cea04efb79fb91ce917e3ebae6f73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9f:f2:17:dd:66:c4:d2:64:29:9a:c9:39:f3:
98:09:e0:57:de:99:75:ca:7b:be:8c:9c:8e:7e:cb:
4f:0c:73:22:21:cd:92:6c:4c:ee:fe:9c:0a:fd:9a:
47:48:30:cb:29:f0:b8:19:8c:69:cf:08:80:4a:0a:
18:eb:03:d1:2f:94:33:cf:d6:27:66:97:69:e9:3a:
bd:d2:49:4d:a6:44:93:68:88:23:87:48:d1:b6:8d:
3d:d8:1f:72:f0:35:67:0b:9b:cb:5b:30:c7:44:27:
d6:22:18:31:88:82:48:8f:63:77:49:ec:40:a7:e5:
20:cb:f6:34:d7:6b:43:42:a7:56:40:65:f8:c4:1c:
a3:b0:f1:06:55:60:69:77:67:84:60:67:1b:29:b5:
58:74:2f:1d:b5:21:d0:4b:0a:c7:63:06:60:13:4d:
bc:44:34:f0:90:6e:77:8f:59:82:74:1b:a9:cb:26:
bd:bc:c6:fb:85:b5:64:88:fb:45:61:14:11:a4:ad:
bb:73:78:bc:8c:02:2a:80:62:6d:52:2b:06:e7:46:
cb:75:8d:e4:61:5f:74:f3:86:e1:37:ef:f1:39:20:
16:f4:53:c5:87:a7:e3:19:44:53:81:00:a6:48:10:
cf:09:ed:73:e7:54:99:a5:24:95:85:8a:74:28:8e:
aa:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EF:BF:3B:69:CE:A0:4E:FB:79:FB:91:CE:91:7E:3E:BA:E6:F7:3E
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:27:c1:14:d8:96:89:0a:e4:0d:3e:78:cd:fb:96:e7:00:6f:
c8:58:6a:c5:22:d8:1d:12:8a:1a:a4:15:3b:58:74:67:53:00:
66:ee:f4:96:fa:ec:ae:ea:8b:32:9c:e8:e5:8c:a0:bf:88:b6:
c3:7e:98:6b:5b:d6:59:b4:14:c6:45:84:79:dc:b0:ad:59:d6:
09:20:02:ac:92:3a:46:98:2b:e6:61:9b:08:9e:a9:08:4e:4d:
fa:cc:02:54:63:54:10:ff:bd:ed:29:57:63:11:2d:46:37:92:
5c:bd:72:ce:f0:d1:0a:b5:fa:12:81:82:ce:35:c7:9d:f3:99:
3a:00:88:24:a5:b7:da:72:62:af:17:16:8e:21:24:fb:d9:87:
12:2f:bb:4f:f6:8b:6f:7b:11:9b:2d:21:07:5c:12:0f:42:92:
3d:fd:64:27:76:f6:0f:74:6b:08:40:8e:8b:84:de:ac:73:e6:
68:7c:9f:45:ca:17:06:ca:54:82:73:05:23:ac:87:2b:ae:c9:
ea:d8:8f:ab:52:0c:ec:46:11:56:59:ff:33:c2:67:68:16:2c:
89:ed:ff:58:03:49:59:46:0e:62:7f:96:6d:de:ea:22:b0:d1:
d3:df:50:cc:85:b8:6a:cd:ac:e1:b0:be:02:0e:a5:78:b6:9f:
08:f7:91:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1YqG6QcVGhZ/dDMQFwaMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjUwODA0MTQwMDU0WhcNMjUwODA1MTQwMDU0WjAzMTEwLwYDVQQD
EyhhOGVmYmYzYjY5Y2VhMDRlZmI3OWZiOTFjZTkxN2UzZWJhZTZmNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ/yF91mxNJkKZrJOfOYCeBX3pl1
ynu+jJyOfstPDHMiIc2SbEzu/pwK/ZpHSDDLKfC4GYxpzwiASgoY6wPRL5Qzz9Yn
Zpdp6Tq90klNpkSTaIgjh0jRto092B9y8DVnC5vLWzDHRCfWIhgxiIJIj2N3SexA
p+Ugy/Y012tDQqdWQGX4xByjsPEGVWBpd2eEYGcbKbVYdC8dtSHQSwrHYwZgE028
RDTwkG53j1mCdBupyya9vMb7hbVkiPtFYRQRpK27c3i8jAIqgGJtUisG50bLdY3k
YV9084bhN+/xOSAW9FPFh6fjGURTgQCmSBDPCe1z51SZpSSVhYp0KI6qkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjvvztpzqBO+3n7kc6Rfj665vc+MB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABSfBFNiW
iQrkDT54zfuW5wBvyFhqxSLYHRKKGqQVO1h0Z1MAZu70lvrsruqLMpzo5Yygv4i2
w36Ya1vWWbQUxkWEedywrVnWCSACrJI6Rpgr5mGbCJ6pCE5N+swCVGNUEP+97SlX
YxEtRjeSXL1yzvDRCrX6EoGCzjXHnfOZOgCIJKW32nJirxcWjiEk+9mHEi+7T/aL
b3sRmy0hB1wSD0KSPf1kJ3b2D3RrCECOi4TerHPmaHyfRcoXBspUgnMFI6yHK67J
6tiPq1IM7EYRVln/M8JnaBYsie3/WANJWUYOYn+Wbd7qIrDR099QzIW4as2s4bC+
Ag6leLafCPeRfw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 19:01:44 2025 by rpki-client