Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File: D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier: QmrIqrwxHon05BkipW7jO7VLuzpFzUhN+5o3+8YyNfk=
Subject key identifier: 89:65:CD:68:1C:C5:A2:E6:BB:D8:D5:CB:60:85:2A:90:F8:C1:D3:65
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer: /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial: 01988DA173827B94E8893D2E6CDE3D5814C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number: 0709
Signing time: Sat 09 Aug 2025 07:00:24 +0000
Manifest this update: Sat 09 Aug 2025 07:00:24 +0000
Manifest next update: Sun 10 Aug 2025 07:00:24 +0000
Files and hashes: 1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: JEJqMhYkgsm2i1Cl7uBpsAaBc+ulOhlj+47iKHdF8yI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8d:a1:73:82:7b:94:e8:89:3d:2e:6c:de:3d:58:14:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Validity
Not Before: Aug 9 07:00:24 2025 GMT
Not After : Aug 10 07:00:24 2025 GMT
Subject: CN=8965cd681cc5a2e6bbd8d5cb60852a90f8c1d365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:03:a5:dd:c3:01:a7:21:63:75:cd:b6:f7:a4:
96:01:ee:51:56:0c:19:9d:53:c8:ab:f0:8b:61:8a:
9f:db:e2:e3:6c:57:8a:d4:d9:b4:83:1f:50:9e:d8:
04:51:a7:54:d5:35:0e:0d:d4:54:e6:e1:5f:7a:21:
03:ff:ea:b4:b6:b7:18:d1:0a:dd:68:85:da:92:a6:
44:d9:b0:34:fc:2c:3b:51:04:59:6b:de:02:8c:c8:
8f:61:a2:90:08:eb:15:b3:8c:b2:59:d3:6d:fd:89:
b4:74:52:87:06:81:88:65:1a:db:89:66:8b:ce:81:
42:6e:6d:7d:fc:92:d9:13:25:91:93:3a:58:6f:8d:
0b:6a:53:e5:4a:39:12:bb:9e:02:b1:7c:d9:c6:a6:
22:e3:d0:bf:53:d3:91:32:ed:cc:77:65:42:a1:fa:
08:30:a2:02:87:99:cb:d9:b4:0e:ba:d9:20:12:99:
d9:63:ba:47:11:ba:8f:73:5d:37:e2:18:ef:6b:d1:
2a:98:bf:85:4d:85:16:d7:a0:78:cc:63:66:06:68:
13:82:8d:77:cc:1c:b7:86:a7:f2:d2:7a:d5:66:7c:
f0:65:73:5d:a1:b0:d9:35:a8:e6:f2:07:a1:8b:99:
78:9a:2a:3d:78:e1:c6:fb:bf:ec:66:53:93:c0:75:
03:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:65:CD:68:1C:C5:A2:E6:BB:D8:D5:CB:60:85:2A:90:F8:C1:D3:65
X509v3 Authority Key Identifier:
keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:b1:ae:fa:4d:51:5b:1f:9b:f2:22:b1:12:95:7b:7b:a7:a9:
8e:92:de:73:fc:81:00:63:01:ba:cf:78:ff:49:04:0c:73:06:
f4:dc:6a:ed:67:81:60:a8:3c:dd:9a:dd:88:72:be:72:6b:3c:
e3:cf:3b:62:8c:06:23:b2:73:96:a7:11:33:1d:0d:f3:e2:25:
be:0c:1f:fb:fd:bb:85:8b:d9:03:88:e3:16:dc:ea:06:ed:0f:
4e:af:78:96:0c:84:b0:e0:dd:75:19:8e:92:75:59:ec:85:1e:
cc:df:1d:f7:9d:41:71:61:87:5b:09:2e:ec:16:09:19:fc:82:
0e:35:d9:0c:53:f6:7d:ac:57:fc:93:9b:d5:06:bd:fc:9d:d5:
17:31:0b:3c:55:4c:8f:60:e4:b2:36:1e:84:df:1d:3a:77:62:
cc:4b:e8:9a:c9:1f:0c:cb:2f:6b:6e:e9:8d:83:a8:bd:44:8a:
5c:12:0b:3d:7f:90:74:c6:1d:40:93:cb:b3:e3:4a:f6:ae:59:
1a:e1:3c:8f:28:d3:79:88:1a:70:e2:99:4a:4a:12:e7:d3:f6:
61:df:27:eb:5c:de:3c:05:c6:4b:65:82:2d:69:0c:be:c2:10:
57:67:2b:ac:c7:61:8a:c1:6c:c3:84:c9:31:89:34:17:34:8c:
46:50:a1:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiNoXOCe5ToiT0ubN49WBTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjUwODA5MDcwMDI0WhcNMjUwODEwMDcwMDI0WjAzMTEwLwYDVQQD
Eyg4OTY1Y2Q2ODFjYzVhMmU2YmJkOGQ1Y2I2MDg1MmE5MGY4YzFkMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngOl3cMBpyFjdc2296SWAe5RVgwZ
nVPIq/CLYYqf2+LjbFeK1Nm0gx9QntgEUadU1TUODdRU5uFfeiED/+q0trcY0Qrd
aIXakqZE2bA0/Cw7UQRZa94CjMiPYaKQCOsVs4yyWdNt/Ym0dFKHBoGIZRrbiWaL
zoFCbm19/JLZEyWRkzpYb40LalPlSjkSu54CsXzZxqYi49C/U9ORMu3Md2VCofoI
MKICh5nL2bQOutkgEpnZY7pHEbqPc1034hjva9EqmL+FTYUW16B4zGNmBmgTgo13
zBy3hqfy0nrVZnzwZXNdobDZNajm8gehi5l4mio9eOHG+7/sZlOTwHUD5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIllzWgcxaLmu9jVy2CFKpD4wdNlMB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD7Gu+k1R
Wx+b8iKxEpV7e6epjpLec/yBAGMBus94/0kEDHMG9Nxq7WeBYKg83ZrdiHK+cms8
4887YowGI7JzlqcRMx0N8+Ilvgwf+/27hYvZA4jjFtzqBu0PTq94lgyEsODddRmO
knVZ7IUezN8d951BcWGHWwku7BYJGfyCDjXZDFP2faxX/JOb1Qa9/J3VFzELPFVM
j2DksjYehN8dOndizEvomskfDMsva27pjYOovUSKXBILPX+QdMYdQJPLs+NK9q5Z
GuE8jyjTeYgacOKZSkoS59P2Yd8n61zePAXGS2WCLWkMvsIQV2crrMdhisFsw4TJ
MYk0FzSMRlChZA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:17:11 2025 by rpki-client