Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
File: CZoxZcQAepQBMaMnzHfMIhzBadk.mft (raw, json)
Hash identifier: ReeV/qjmZdKwyR1o8Izp9EdG/d6GyzELk+al+C++TBM=
Subject key identifier: D6:D0:CB:97:2D:36:43:DB:FE:7F:B3:19:00:15:B3:DD:BA:BB:B1:F6
Authority key identifier: 09:9A:31:65:C4:00:7A:94:01:31:A3:27:CC:77:CC:22:1C:C1:69:D9
Certificate issuer: /CN=099a3165c4007a940131a327cc77cc221cc169d9
Certificate serial: 01988CFDE6A61E96689E6E4322718A0D6CB7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
Manifest number: 1620
Signing time: Sat 09 Aug 2025 04:01:46 +0000
Manifest this update: Sat 09 Aug 2025 04:01:46 +0000
Manifest next update: Sun 10 Aug 2025 04:01:46 +0000
Files and hashes: 1: CZoxZcQAepQBMaMnzHfMIhzBadk.crl (hash: jpwqH23cAb11Ema2cNgQdoXOoojGXEr9UamDtg9IIs4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 04:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8c:fd:e6:a6:1e:96:68:9e:6e:43:22:71:8a:0d:6c:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a3165c4007a940131a327cc77cc221cc169d9
Validity
Not Before: Aug 9 04:01:46 2025 GMT
Not After : Aug 10 04:01:46 2025 GMT
Subject: CN=d6d0cb972d3643dbfe7fb3190015b3ddbabbb1f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b8:c5:81:ab:7d:bf:48:20:33:21:fa:e1:6a:
7d:b0:ca:10:0e:a5:ed:f2:f6:de:b7:e1:5d:85:fe:
13:eb:48:85:30:4a:b8:cc:1f:dc:df:b5:a6:40:17:
46:96:8e:e3:c1:ae:88:8f:87:49:d6:9c:93:95:39:
a3:a8:52:9a:a0:6f:79:b2:3a:71:95:40:8e:00:93:
03:85:19:5b:84:a3:3d:66:a2:47:87:00:67:62:76:
54:6f:40:cb:47:96:96:bb:44:54:e5:19:7c:9b:0f:
0e:cb:72:87:91:0f:2f:59:f8:07:6c:82:6b:f9:fc:
82:b9:41:51:7a:2a:89:a2:ee:df:e3:18:b7:73:bc:
2d:79:32:a6:dd:7b:de:72:d3:19:3c:89:d3:8f:e7:
7d:46:c8:02:6c:88:5f:cc:7b:cd:fc:75:cf:17:d5:
eb:25:95:d9:4f:e0:d1:d2:03:d9:f4:e2:30:59:e8:
88:8f:f2:c2:8d:71:6c:3a:6d:c9:70:de:39:91:1b:
e7:b9:8b:9d:55:bf:53:f0:82:22:6e:85:de:d7:5b:
8f:82:d2:29:57:9b:66:98:fc:76:f4:e4:26:34:44:
03:06:ec:8f:27:27:e4:7d:c8:3d:33:da:f9:ae:8c:
ea:44:72:58:4d:52:a4:8a:5b:33:0d:d6:ee:24:48:
1a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D0:CB:97:2D:36:43:DB:FE:7F:B3:19:00:15:B3:DD:BA:BB:B1:F6
X509v3 Authority Key Identifier:
keyid:09:9A:31:65:C4:00:7A:94:01:31:A3:27:CC:77:CC:22:1C:C1:69:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:c2:af:d3:f6:3e:fb:b6:c9:07:e7:5e:17:43:64:da:90:fd:
5f:7c:d9:a7:73:01:29:4d:98:5e:e3:74:4f:3e:91:13:8e:37:
27:55:80:1b:d9:52:41:72:7b:32:23:21:ad:7f:6f:66:d1:32:
74:a5:a4:03:42:6f:27:dc:3b:c0:7b:4b:70:e5:a3:9f:bd:b9:
77:3f:43:3b:38:95:76:c9:79:29:19:fe:87:f2:81:84:86:17:
ee:42:19:11:53:1d:e1:0b:e7:16:cd:4a:1a:35:ea:3a:df:fb:
bb:b0:1f:2b:d7:10:72:fc:25:0c:e2:89:10:bf:91:10:2d:76:
1a:d4:b5:81:14:c9:16:f3:20:cc:a8:92:1e:38:0d:84:95:31:
7d:de:dd:89:bd:6c:06:ff:5b:e4:d7:a1:b1:e7:54:80:61:48:
ef:b9:06:f1:3c:7e:8f:36:21:40:71:e4:f3:c5:6d:90:33:fc:
f6:6c:6c:0a:51:db:6d:b8:4a:e9:6d:09:9b:98:30:b0:9c:08:
bb:88:fa:7e:0e:31:86:57:0f:82:f3:53:e7:e1:8e:62:a0:d6:
47:ca:bf:d8:2b:4c:24:48:2a:c9:06:86:ae:1a:66:d0:5d:bf:
40:20:02:c9:78:e5:70:0f:e5:3f:2b:c5:d0:62:fe:41:87:86:
85:f3:3a:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiM/eamHpZonm5DInGKDWy3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWEzMTY1YzQwMDdhOTQwMTMxYTMyN2NjNzdjYzIyMWNj
MTY5ZDkwHhcNMjUwODA5MDQwMTQ2WhcNMjUwODEwMDQwMTQ2WjAzMTEwLwYDVQQD
EyhkNmQwY2I5NzJkMzY0M2RiZmU3ZmIzMTkwMDE1YjNkZGJhYmJiMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrjFgat9v0ggMyH64Wp9sMoQDqXt
8vbet+Fdhf4T60iFMEq4zB/c37WmQBdGlo7jwa6Ij4dJ1pyTlTmjqFKaoG95sjpx
lUCOAJMDhRlbhKM9ZqJHhwBnYnZUb0DLR5aWu0RU5Rl8mw8Oy3KHkQ8vWfgHbIJr
+fyCuUFReiqJou7f4xi3c7wteTKm3XvectMZPInTj+d9RsgCbIhfzHvN/HXPF9Xr
JZXZT+DR0gPZ9OIwWeiIj/LCjXFsOm3JcN45kRvnuYudVb9T8IIiboXe11uPgtIp
V5tmmPx29OQmNEQDBuyPJyfkfcg9M9r5rozqRHJYTVKkilszDdbuJEganQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbQy5ctNkPb/n+zGQAVs926u7H2MB8GA1UdIwQY
MBaAFAmaMWXEAHqUATGjJ8x3zCIcwWnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMWYwYTAtZGEzYy00ZDk1LWE2Mzgt
NTA2NjcyNzY5ZDljLzEvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMWYwYTAtZGEzYy00ZDk1LWE2MzgtNTA2NjcyNzY5ZDlj
LzEvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaMKv0/Y+
+7bJB+deF0Nk2pD9X3zZp3MBKU2YXuN0Tz6RE443J1WAG9lSQXJ7MiMhrX9vZtEy
dKWkA0JvJ9w7wHtLcOWjn725dz9DOziVdsl5KRn+h/KBhIYX7kIZEVMd4QvnFs1K
GjXqOt/7u7AfK9cQcvwlDOKJEL+REC12GtS1gRTJFvMgzKiSHjgNhJUxfd7dib1s
Bv9b5NehsedUgGFI77kG8Tx+jzYhQHHk88VtkDP89mxsClHbbbhK6W0Jm5gwsJwI
u4j6fg4xhlcPgvNT5+GOYqDWR8q/2CtMJEgqyQaGrhpm0F2/QCACyXjlcA/lPyvF
0GL+QYeGhfM6Ew==
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:16:00 2025 by rpki-client