Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
File: aNLCXQU0pAJ8aVViqM5PABzVOW8.mft (raw, json)
Hash identifier: v6Ob2EgU23GxzzVd/rWWmli4PTot+5OktEnzkmIWj6Y=
Subject key identifier: 3F:46:A1:91:9A:0F:39:49:00:4D:A3:49:BF:F5:F2:5D:29:5F:38:3C
Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
Certificate issuer: /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Certificate serial: 0197B82110718482EA61603048CBE32BC34A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
Manifest number: 1209
Signing time: Sat 28 Jun 2025 20:01:04 +0000
Manifest this update: Sat 28 Jun 2025 20:01:04 +0000
Manifest next update: Sun 29 Jun 2025 20:01:04 +0000
Files and hashes: 1: SALrx8y5x39WJ8efwGiimpmg788.roa (hash: CtpmQiaYAVz0sehGOLMPmKtW82021GvqOFqhQ5ojIPI=)
2: aNLCXQU0pAJ8aVViqM5PABzVOW8.crl (hash: FJBGgMmYFwL5FfEVL39GGCRzgz+hLbTlmzcyKNIea1A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:21:10:71:84:82:ea:61:60:30:48:cb:e3:2b:c3:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Validity
Not Before: Jun 28 20:01:04 2025 GMT
Not After : Jun 29 20:01:04 2025 GMT
Subject: CN=3f46a1919a0f3949004da349bff5f25d295f383c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7f:fb:91:b0:5b:eb:2b:19:3a:31:da:d7:e9:
10:b1:0c:d4:11:97:83:20:bc:10:41:57:97:83:a8:
36:4a:c9:98:ba:62:b3:be:e0:bb:c0:08:59:ce:de:
f8:24:e4:34:5c:32:e8:8c:aa:0e:c5:c8:37:98:fd:
ac:3d:e3:46:66:22:f7:64:3c:f9:c6:2c:bb:4d:6d:
00:64:40:a6:63:e7:ec:ff:b4:e3:83:3e:8f:d1:5f:
f5:af:bc:54:ab:c4:cc:e9:78:25:26:e2:de:b4:31:
3b:e2:90:a6:4d:76:4b:ad:1d:1d:b9:82:a6:ee:db:
f3:c3:bb:14:85:a0:a2:56:ea:71:b7:3a:b3:ca:61:
39:71:28:9e:47:82:6c:22:7c:3a:ba:d5:31:fe:c6:
79:3f:ab:41:3c:91:7e:0f:24:b5:4c:c7:29:32:7a:
b8:04:a5:49:6c:93:50:f2:d9:31:42:4f:5d:f2:7e:
42:ac:6c:bc:b3:9c:14:d7:ed:9a:c0:78:a8:8d:0c:
ec:15:eb:10:7f:70:87:05:73:3a:21:81:ed:23:d9:
32:26:93:74:42:3d:51:4b:5d:ec:1f:c9:89:05:e7:
92:3b:46:b7:da:a8:b5:5b:0b:f9:61:fa:85:d9:55:
9c:c3:d2:f4:1b:7d:cd:ec:a6:22:b5:5e:66:c5:f4:
93:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:46:A1:91:9A:0F:39:49:00:4D:A3:49:BF:F5:F2:5D:29:5F:38:3C
X509v3 Authority Key Identifier:
keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:9e:98:51:f9:38:63:a8:42:73:19:a5:a3:98:f6:8d:b5:df:
c3:83:9c:e3:13:f2:b3:0a:35:e4:af:cb:20:78:0e:b3:a3:6e:
81:85:23:37:62:9a:9c:97:0d:c8:9f:fa:64:9f:c4:f7:e5:64:
ff:18:83:8f:21:eb:b4:1a:a8:40:54:25:56:d5:fe:a3:fc:25:
03:59:cd:71:5b:ec:f3:3e:37:95:75:c0:97:7b:e7:1d:7a:ad:
4c:d7:60:12:6e:bb:d3:18:cc:8d:e6:07:00:8d:f3:59:64:a7:
bd:71:6f:01:e4:56:bd:ee:d9:c7:d1:3d:21:94:a4:7f:53:ae:
2b:e6:8f:61:38:6d:8a:05:37:72:9b:d0:9c:49:cd:48:d8:68:
cc:27:09:68:3a:e0:66:1a:02:91:d2:db:64:62:91:7a:5c:7d:
12:6b:f5:da:08:9c:5b:7c:17:88:ab:53:ef:52:6c:c7:0b:75:
11:13:30:b8:c8:43:8a:bb:d2:c6:35:a8:43:7c:39:b2:c8:77:
aa:ec:d5:31:50:e2:3c:c7:4e:28:65:ed:14:58:c3:a2:d6:16:
a8:8a:62:b1:f1:e8:12:0f:60:b0:e0:28:55:09:9d:27:27:90:
e3:d1:7c:99:97:99:4b:85:76:2b:4d:f5:36:e4:bd:e0:9e:95:
10:74:48:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IRBxhILqYWAwSMvjK8NKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDJjMjVkMDUzNGE0MDI3YzY5NTU2MmE4Y2U0ZjAwMWNk
NTM5NmYwHhcNMjUwNjI4MjAwMTA0WhcNMjUwNjI5MjAwMTA0WjAzMTEwLwYDVQQD
EygzZjQ2YTE5MTlhMGYzOTQ5MDA0ZGEzNDliZmY1ZjI1ZDI5NWYzODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4H/7kbBb6ysZOjHa1+kQsQzUEZeD
ILwQQVeXg6g2SsmYumKzvuC7wAhZzt74JOQ0XDLojKoOxcg3mP2sPeNGZiL3ZDz5
xiy7TW0AZECmY+fs/7Tjgz6P0V/1r7xUq8TM6XglJuLetDE74pCmTXZLrR0duYKm
7tvzw7sUhaCiVupxtzqzymE5cSieR4JsInw6utUx/sZ5P6tBPJF+DyS1TMcpMnq4
BKVJbJNQ8tkxQk9d8n5CrGy8s5wU1+2awHiojQzsFesQf3CHBXM6IYHtI9kyJpN0
Qj1RS13sH8mJBeeSO0a32qi1Wwv5YfqF2VWcw9L0G33N7KYitV5mxfSTzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9GoZGaDzlJAE2jSb/18l0pXzg8MB8GA1UdIwQY
MBaAFGjSwl0FNKQCfGlVYqjOTwAc1TlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEt
MTQ3OTdlYWM1MjJlLzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEtMTQ3OTdlYWM1MjJl
LzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACZ6YUfk4
Y6hCcxmlo5j2jbXfw4Oc4xPyswo15K/LIHgOs6NugYUjN2KanJcNyJ/6ZJ/E9+Vk
/xiDjyHrtBqoQFQlVtX+o/wlA1nNcVvs8z43lXXAl3vnHXqtTNdgEm670xjMjeYH
AI3zWWSnvXFvAeRWve7Zx9E9IZSkf1OuK+aPYThtigU3cpvQnEnNSNhozCcJaDrg
ZhoCkdLbZGKRelx9Emv12gicW3wXiKtT71Jsxwt1ERMwuMhDirvSxjWoQ3w5ssh3
quzVMVDiPMdOKGXtFFjDotYWqIpisfHoEg9gsOAoVQmdJyeQ49F8mZeZS4V2K031
NuS94J6VEHRIMw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:24:34 2025 by rpki-client