Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
File: aesALwAL1CbkpkDHHWwCAbUFDjQ.mft (raw, json)
Hash identifier: 9nYNdabwvfVZNcYnC9KVsdZ11yv3W+b78jiuGsvqWBU=
Subject key identifier: F9:D8:A0:E4:29:95:D3:E4:18:05:70:DC:3A:65:60:DC:94:7D:10:27
Authority key identifier: 69:EB:00:2F:00:0B:D4:26:E4:A6:40:C7:1D:6C:02:01:B5:05:0E:34
Certificate issuer: /CN=69eb002f000bd426e4a640c71d6c0201b5050e34
Certificate serial: 0198D660589ECEA2DA844B96C65F7B29E5EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
Manifest number: 158F
Signing time: Sat 23 Aug 2025 10:01:35 +0000
Manifest this update: Sat 23 Aug 2025 10:01:35 +0000
Manifest next update: Sun 24 Aug 2025 10:01:35 +0000
Files and hashes: 1: aesALwAL1CbkpkDHHWwCAbUFDjQ.crl (hash: yLV4pfbp4qxDCl7eWUmpZPGKTMKKU6FJQyZZYmypfjQ=)
2: iGWnAlCFQ6pmXTyPhSirCP5UB4U.roa (hash: 4zG8JsxyxdWf4j+Yjdv8Dm4ymHITRyxtThA4racm63s=)
3: rDWkJyuDMvY3qk_P3bLz1VAfXBA.roa (hash: T51bFQ1LTlcOohBY3SvkvA3KStpNAaU7OZJJkLrtQ5Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:60:58:9e:ce:a2:da:84:4b:96:c6:5f:7b:29:e5:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69eb002f000bd426e4a640c71d6c0201b5050e34
Validity
Not Before: Aug 23 10:01:35 2025 GMT
Not After : Aug 24 10:01:35 2025 GMT
Subject: CN=f9d8a0e42995d3e4180570dc3a6560dc947d1027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:bf:ef:a0:55:01:80:41:65:63:2b:2c:25:ee:
a1:1d:ef:4a:31:9b:95:7d:0e:ca:69:b2:80:8c:a9:
ac:82:b3:da:89:e6:46:b1:06:8c:5b:f9:65:02:ee:
16:ef:a0:15:e8:20:f2:c4:fe:a0:86:1d:bb:c6:d3:
1f:b2:c8:e1:fc:c5:41:78:02:dc:ed:2b:37:ae:0d:
e9:06:6f:de:56:31:81:5f:d0:53:8c:8e:76:23:f4:
66:f4:90:c9:f6:48:68:d8:94:47:83:41:64:87:9a:
06:61:3f:2b:1e:3a:12:5e:7d:d1:8f:3e:e5:75:de:
a1:be:c6:10:83:52:c3:18:13:63:35:ba:b1:86:1d:
3c:88:0c:ac:10:69:a4:de:6f:0e:5f:9d:83:38:92:
d3:59:c3:09:42:5c:6f:2a:51:ae:8e:f3:ef:79:ec:
82:e5:7b:11:44:02:ec:d1:63:20:08:8a:72:40:40:
fe:be:0f:ad:a5:a9:a3:e9:5e:bf:d6:ff:77:51:26:
e3:19:d6:38:98:81:93:41:5c:57:da:c1:59:aa:cc:
e2:a4:6a:1b:1e:f5:cd:56:59:9d:a3:34:f1:7d:e8:
5a:21:11:a0:55:8c:ba:53:4d:7f:bd:32:1c:06:6b:
26:dd:d1:ca:65:28:db:19:9d:8b:ce:88:ca:0f:11:
e6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D8:A0:E4:29:95:D3:E4:18:05:70:DC:3A:65:60:DC:94:7D:10:27
X509v3 Authority Key Identifier:
keyid:69:EB:00:2F:00:0B:D4:26:E4:A6:40:C7:1D:6C:02:01:B5:05:0E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:5a:4b:96:5c:56:63:3a:76:84:c3:62:27:77:96:e4:23:a4:
60:a3:d5:08:49:71:d1:2e:dd:29:d1:c0:30:db:4f:d3:1a:f6:
23:e1:12:26:bd:c0:b0:ad:61:0c:46:59:1d:cc:01:94:19:46:
e9:93:41:9d:9b:2f:e0:f4:5d:0a:c8:d4:29:59:1d:2f:9f:b2:
d4:e2:8f:5e:22:ac:ca:9d:a4:13:b4:d7:bb:b9:90:70:a9:59:
7e:12:c7:3b:44:1e:21:fa:15:42:9e:b8:c4:36:54:e8:65:9c:
d9:65:69:12:84:75:88:f7:e0:11:0b:2c:e2:d5:78:48:e1:ff:
98:bc:73:a3:7b:65:dd:14:60:68:60:a3:9f:17:dd:1c:98:68:
21:65:7b:fb:89:a2:76:ca:db:7c:3a:56:7f:78:67:5f:8f:8b:
cb:38:ec:29:05:10:a4:bf:56:a0:92:79:34:ae:f3:b1:b2:ab:
58:a7:da:5b:52:c2:35:98:a7:4f:15:a1:e2:e8:45:3f:04:70:
2f:ea:64:45:35:85:70:06:97:62:36:c6:de:1d:40:19:3f:ac:
83:3d:56:d7:3c:6c:9a:aa:1f:51:99:85:0f:f6:31:0e:bd:0d:
31:35:5c:d7:66:31:68:3e:1d:e7:fc:3a:c2:a8:c2:a1:d0:dc:
87:23:63:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYFiezqLahEuWxl97KeXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZWIwMDJmMDAwYmQ0MjZlNGE2NDBjNzFkNmMwMjAxYjUw
NTBlMzQwHhcNMjUwODIzMTAwMTM1WhcNMjUwODI0MTAwMTM1WjAzMTEwLwYDVQQD
EyhmOWQ4YTBlNDI5OTVkM2U0MTgwNTcwZGMzYTY1NjBkYzk0N2QxMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxL/voFUBgEFlYyssJe6hHe9KMZuV
fQ7KabKAjKmsgrPaieZGsQaMW/llAu4W76AV6CDyxP6ghh27xtMfssjh/MVBeALc
7Ss3rg3pBm/eVjGBX9BTjI52I/Rm9JDJ9kho2JRHg0Fkh5oGYT8rHjoSXn3Rjz7l
dd6hvsYQg1LDGBNjNbqxhh08iAysEGmk3m8OX52DOJLTWcMJQlxvKlGujvPveeyC
5XsRRALs0WMgCIpyQED+vg+tpamj6V6/1v93USbjGdY4mIGTQVxX2sFZqszipGob
HvXNVlmdozTxfehaIRGgVYy6U01/vTIcBmsm3dHKZSjbGZ2LzojKDxHmjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnYoOQpldPkGAVw3DplYNyUfRAnMB8GA1UdIwQY
MBaAFGnrAC8AC9Qm5KZAxx1sAgG1BQ40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kM2U2ODItMzM3MC00MjcxLTk0Mzct
Nzg1NDc1YzIyYzliLzEvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kM2U2ODItMzM3MC00MjcxLTk0MzctNzg1NDc1YzIyYzli
LzEvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnVpLllxW
Yzp2hMNiJ3eW5COkYKPVCElx0S7dKdHAMNtP0xr2I+ESJr3AsK1hDEZZHcwBlBlG
6ZNBnZsv4PRdCsjUKVkdL5+y1OKPXiKsyp2kE7TXu7mQcKlZfhLHO0QeIfoVQp64
xDZU6GWc2WVpEoR1iPfgEQss4tV4SOH/mLxzo3tl3RRgaGCjnxfdHJhoIWV7+4mi
dsrbfDpWf3hnX4+LyzjsKQUQpL9WoJJ5NK7zsbKrWKfaW1LCNZinTxWh4uhFPwRw
L+pkRTWFcAaXYjbG3h1AGT+sgz1W1zxsmqofUZmFD/YxDr0NMTVc12YxaD4d5/w6
wqjCodDchyNj7w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:53:54 2025 by rpki-client