Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
File: aesALwAL1CbkpkDHHWwCAbUFDjQ.mft (raw, json)
Hash identifier: Pe8ibQt8kguNEMguHat9nuuwI6GZ1nxeCbOwvC5+Llk=
Subject key identifier: B6:71:B8:53:68:7C:58:25:FA:62:FE:8D:D4:FC:82:1B:EC:3D:25:DB
Authority key identifier: 69:EB:00:2F:00:0B:D4:26:E4:A6:40:C7:1D:6C:02:01:B5:05:0E:34
Certificate issuer: /CN=69eb002f000bd426e4a640c71d6c0201b5050e34
Certificate serial: 0197B6A1012650C429B21CC1C487E046D059
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
Manifest number: 14FA
Signing time: Sat 28 Jun 2025 13:01:34 +0000
Manifest this update: Sat 28 Jun 2025 13:01:34 +0000
Manifest next update: Sun 29 Jun 2025 13:01:34 +0000
Files and hashes: 1: aesALwAL1CbkpkDHHWwCAbUFDjQ.crl (hash: tgtUfDXMquceDMLAT7ylMasjA3m+eikpqBqqwjqotE4=)
2: iGWnAlCFQ6pmXTyPhSirCP5UB4U.roa (hash: 4zG8JsxyxdWf4j+Yjdv8Dm4ymHITRyxtThA4racm63s=)
3: rDWkJyuDMvY3qk_P3bLz1VAfXBA.roa (hash: T51bFQ1LTlcOohBY3SvkvA3KStpNAaU7OZJJkLrtQ5Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 13:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a1:01:26:50:c4:29:b2:1c:c1:c4:87:e0:46:d0:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69eb002f000bd426e4a640c71d6c0201b5050e34
Validity
Not Before: Jun 28 13:01:34 2025 GMT
Not After : Jun 29 13:01:34 2025 GMT
Subject: CN=b671b853687c5825fa62fe8dd4fc821bec3d25db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f3:2d:11:2a:09:da:a7:87:3c:e5:78:59:a5:
60:32:3e:eb:72:4e:d3:e5:a3:3f:ad:41:0a:70:f5:
55:bc:3c:d5:eb:55:ef:34:e8:dc:50:d3:6b:6a:c5:
7d:75:a6:56:94:2f:8c:3b:91:6f:34:0c:fd:1a:af:
24:90:90:73:8a:6b:d3:93:2a:ab:aa:8d:74:98:6c:
c4:e4:97:13:ca:d9:3c:4d:8f:d7:fd:9d:6f:04:32:
69:07:b5:3f:4e:a4:ed:74:9a:cf:8e:5a:6d:92:49:
27:0e:74:d0:2d:8a:1a:22:c0:e6:db:af:11:8b:11:
e6:52:e7:b8:6b:a8:d9:af:a2:b7:ed:55:90:6f:5b:
41:06:b1:c6:4d:e7:d8:a2:bd:4c:01:ec:13:b0:f8:
0b:85:7a:01:99:1f:20:93:da:47:26:bd:48:f8:3a:
2d:76:cd:29:d9:c1:5f:58:50:64:eb:55:91:bc:56:
1b:8d:ac:85:9c:7e:b5:4c:65:77:f9:20:11:06:8d:
95:bb:86:03:13:5b:db:2b:e2:f9:5d:7a:b6:f3:60:
c5:0e:87:e9:52:cd:a5:55:1c:1b:fd:8f:63:3b:08:
58:68:0c:32:a2:b3:e8:e6:93:cb:aa:53:c4:17:a6:
6d:8e:0c:8a:fc:da:16:06:69:4b:87:7c:16:43:04:
43:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:71:B8:53:68:7C:58:25:FA:62:FE:8D:D4:FC:82:1B:EC:3D:25:DB
X509v3 Authority Key Identifier:
keyid:69:EB:00:2F:00:0B:D4:26:E4:A6:40:C7:1D:6C:02:01:B5:05:0E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:83:70:e8:0e:fa:54:d9:fd:95:cf:51:71:01:81:2a:c0:4f:
d6:0c:52:57:4d:c2:b9:a2:58:ff:fe:97:bc:06:e3:eb:78:dd:
78:82:15:5f:61:47:bf:76:2c:51:b0:45:08:bf:2e:8b:42:46:
29:51:5f:02:01:01:20:ac:a9:4e:ef:1b:fd:77:41:2a:81:00:
b9:b2:73:76:2b:e9:7f:0a:bf:79:a5:6b:0a:90:95:af:ee:91:
bf:c5:47:7b:0a:70:41:0d:02:05:3f:e4:23:52:76:59:fb:42:
df:17:03:f6:b1:93:f9:c5:5d:4d:7c:e1:48:6f:57:89:b0:79:
83:aa:c7:dd:af:9d:dc:ee:0e:df:e3:d8:fb:2d:fc:c8:dd:fe:
2d:00:76:fb:7b:fa:9b:95:31:6b:1a:9d:2e:f7:ab:26:56:35:
9d:b2:0e:94:e9:2b:a6:9d:7c:6e:c2:dd:5c:c3:57:02:b4:88:
3c:ed:09:99:4a:ea:77:2e:95:ae:0a:4d:1d:bb:3b:e6:6e:8e:
c8:3b:03:cb:37:b5:6a:f7:f9:82:d7:9c:06:9f:8e:c4:b5:22:
53:7c:fa:96:d3:80:75:66:87:13:93:85:82:fc:76:24:54:ff:
de:1c:aa:ec:fe:55:c6:82:3d:3d:bf:90:9d:58:c3:ff:c8:d9:
38:3e:a0:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oQEmUMQpshzBxIfgRtBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZWIwMDJmMDAwYmQ0MjZlNGE2NDBjNzFkNmMwMjAxYjUw
NTBlMzQwHhcNMjUwNjI4MTMwMTM0WhcNMjUwNjI5MTMwMTM0WjAzMTEwLwYDVQQD
EyhiNjcxYjg1MzY4N2M1ODI1ZmE2MmZlOGRkNGZjODIxYmVjM2QyNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfMtESoJ2qeHPOV4WaVgMj7rck7T
5aM/rUEKcPVVvDzV61XvNOjcUNNrasV9daZWlC+MO5FvNAz9Gq8kkJBzimvTkyqr
qo10mGzE5JcTytk8TY/X/Z1vBDJpB7U/TqTtdJrPjlptkkknDnTQLYoaIsDm268R
ixHmUue4a6jZr6K37VWQb1tBBrHGTefYor1MAewTsPgLhXoBmR8gk9pHJr1I+Dot
ds0p2cFfWFBk61WRvFYbjayFnH61TGV3+SARBo2Vu4YDE1vbK+L5XXq282DFDofp
Us2lVRwb/Y9jOwhYaAwyorPo5pPLqlPEF6ZtjgyK/NoWBmlLh3wWQwRDjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZxuFNofFgl+mL+jdT8ghvsPSXbMB8GA1UdIwQY
MBaAFGnrAC8AC9Qm5KZAxx1sAgG1BQ40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kM2U2ODItMzM3MC00MjcxLTk0Mzct
Nzg1NDc1YzIyYzliLzEvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kM2U2ODItMzM3MC00MjcxLTk0MzctNzg1NDc1YzIyYzli
LzEvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt4Nw6A76
VNn9lc9RcQGBKsBP1gxSV03CuaJY//6XvAbj63jdeIIVX2FHv3YsUbBFCL8ui0JG
KVFfAgEBIKypTu8b/XdBKoEAubJzdivpfwq/eaVrCpCVr+6Rv8VHewpwQQ0CBT/k
I1J2WftC3xcD9rGT+cVdTXzhSG9XibB5g6rH3a+d3O4O3+PY+y38yN3+LQB2+3v6
m5UxaxqdLverJlY1nbIOlOkrpp18bsLdXMNXArSIPO0JmUrqdy6VrgpNHbs75m6O
yDsDyze1avf5gtecBp+OxLUiU3z6ltOAdWaHE5OFgvx2JFT/3hyq7P5VxoI9Pb+Q
nVjD/8jZOD6g2A==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:27:40 2025 by rpki-client