Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
File: 23DOek5uSrOk6p8IH1kupfbSuao.mft (raw, json)
Hash identifier: Yj/LKYOSxPOlcIhzqD0ya9yH95z0HBiI3HShywtKD20=
Subject key identifier: 74:78:6E:EB:F1:CF:72:25:A7:29:60:88:AC:D1:C1:EE:1F:A2:35:CB
Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Certificate serial: 01988D6B87153FF048F0D287379364B67078
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
Manifest number: 0667
Signing time: Sat 09 Aug 2025 06:01:30 +0000
Manifest this update: Sat 09 Aug 2025 06:01:30 +0000
Manifest next update: Sun 10 Aug 2025 06:01:30 +0000
Files and hashes: 1: 1-zGyc8-sNFoNd9jrRwy0ohv-lr8.roa (hash: X6damPmptp3XphV2HfGbEnZgUQ5Ok8UVDdDjwWdsAA0=)
2: 23DOek5uSrOk6p8IH1kupfbSuao.crl (hash: sYl3rLvEZwhaBB6Ugs81dP8ijPrN15RUx8ud6hbiecc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8d:6b:87:15:3f:f0:48:f0:d2:87:37:93:64:b6:70:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Validity
Not Before: Aug 9 06:01:30 2025 GMT
Not After : Aug 10 06:01:30 2025 GMT
Subject: CN=74786eebf1cf7225a7296088acd1c1ee1fa235cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:42:d7:5d:57:f8:66:e2:df:62:d8:82:c8:2c:
03:2f:1b:6c:03:1d:f4:2b:83:7a:b7:ed:8b:b3:79:
da:cf:48:ec:1b:e8:ca:8d:4a:73:cd:fa:50:db:61:
d8:f7:8e:ba:de:cb:78:e8:22:c5:b5:03:01:3e:07:
ee:d7:e1:1b:76:f1:92:91:b3:b0:2e:9c:61:9e:b3:
fc:a1:49:27:f0:50:16:ac:1a:0d:79:df:99:51:b1:
d0:14:22:80:c0:c8:52:ef:34:06:8a:d1:e7:e8:5c:
61:6a:4c:e6:61:f0:2b:0a:4f:98:b4:47:60:56:57:
09:5d:48:e9:37:6a:4a:ff:9e:b6:88:e4:08:d4:2e:
fb:cb:54:d0:fd:da:ce:28:98:6b:a8:da:38:19:70:
d3:08:e5:b6:89:85:62:53:bd:59:18:42:d6:7a:b8:
1b:33:8b:51:2e:ae:03:cb:a2:87:59:c8:12:de:66:
60:aa:44:4e:07:9f:70:05:ac:79:cd:90:0d:d5:97:
15:cb:82:17:ad:d6:02:65:12:69:9f:1b:09:04:b5:
b9:44:85:b1:2d:43:c0:e0:f0:11:34:89:65:0f:f7:
c2:33:9b:8c:c0:bb:c9:e0:a4:f6:b0:7b:83:42:ab:
8b:26:d4:3f:40:8b:9f:c3:6f:57:b9:ab:f1:8d:77:
7e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:78:6E:EB:F1:CF:72:25:A7:29:60:88:AC:D1:C1:EE:1F:A2:35:CB
X509v3 Authority Key Identifier:
keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:10:11:ef:f8:f0:5d:94:58:83:e1:20:49:56:af:51:22:dc:
74:e5:a9:48:fb:c0:13:4d:a3:5e:34:bb:69:9c:ca:9a:48:37:
a1:ff:c7:e6:2d:29:98:2e:66:d7:a2:a3:19:df:a2:81:3b:4e:
70:d1:64:fc:49:65:bf:21:cf:58:1d:49:38:4c:ff:79:5b:2c:
05:a0:04:47:8c:e2:6c:c8:43:ff:ab:6e:d8:2b:e0:81:43:92:
5d:8f:43:70:bf:3d:b0:7b:58:75:5b:b4:a9:85:d4:1b:92:e1:
66:09:24:a9:c1:2f:f1:69:a0:79:e2:d8:85:50:1f:df:78:f2:
bb:75:f8:95:7f:6b:03:74:52:7d:4f:82:68:5f:bf:0c:e3:a7:
6d:23:9a:46:5f:df:0a:2f:af:03:68:5a:af:f8:39:86:85:9a:
08:66:e7:6a:58:8c:66:7c:ae:c1:2d:2c:a4:8b:56:eb:ff:90:
22:56:18:e7:45:76:6d:48:9e:4b:f2:4a:83:de:af:a1:d9:fa:
47:b1:d9:ef:8e:5f:83:8a:fa:42:67:57:14:ff:d9:d3:e8:a4:
98:5e:fb:d1:3a:cc:63:0e:5f:3c:bc:72:09:99:cc:97:ba:36:
d0:ab:24:52:53:cc:c9:eb:f6:28:52:41:c2:bb:b8:a2:58:16:
05:45:23:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiNa4cVP/BI8NKHN5NktnB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk
MmI5YWEwHhcNMjUwODA5MDYwMTMwWhcNMjUwODEwMDYwMTMwWjAzMTEwLwYDVQQD
Eyg3NDc4NmVlYmYxY2Y3MjI1YTcyOTYwODhhY2QxYzFlZTFmYTIzNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArELXXVf4ZuLfYtiCyCwDLxtsAx30
K4N6t+2Ls3naz0jsG+jKjUpzzfpQ22HY94663st46CLFtQMBPgfu1+EbdvGSkbOw
LpxhnrP8oUkn8FAWrBoNed+ZUbHQFCKAwMhS7zQGitHn6FxhakzmYfArCk+YtEdg
VlcJXUjpN2pK/562iOQI1C77y1TQ/drOKJhrqNo4GXDTCOW2iYViU71ZGELWergb
M4tRLq4Dy6KHWcgS3mZgqkROB59wBax5zZAN1ZcVy4IXrdYCZRJpnxsJBLW5RIWx
LUPA4PARNIllD/fCM5uMwLvJ4KT2sHuDQquLJtQ/QIufw29XuavxjXd+HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHR4buvxz3IlpylgiKzRwe4fojXLMB8GA1UdIwQY
MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt
MmNiMTdiN2JjNjE4LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4
LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjhAR7/jw
XZRYg+EgSVavUSLcdOWpSPvAE02jXjS7aZzKmkg3of/H5i0pmC5m16KjGd+igTtO
cNFk/EllvyHPWB1JOEz/eVssBaAER4zibMhD/6tu2CvggUOSXY9DcL89sHtYdVu0
qYXUG5LhZgkkqcEv8WmgeeLYhVAf33jyu3X4lX9rA3RSfU+CaF+/DOOnbSOaRl/f
Ci+vA2har/g5hoWaCGbnaliMZnyuwS0spItW6/+QIlYY50V2bUieS/JKg96vodn6
R7HZ745fg4r6QmdXFP/Z0+ikmF770TrMYw5fPLxyCZnMl7o20KskUlPMyev2KFJB
wru4olgWBUUjoQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:35:51 2025 by rpki-client