Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
File: aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft (raw, json)
Hash identifier: VmAGMMPNecFTw+mxlk2j8ev/TrrKZPR7dtPFNebklzA=
Subject key identifier: 37:F1:A4:FF:E5:EE:0D:60:6F:88:24:81:C7:96:5F:74:C5:CE:D5:97
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 0198D65F1FB85386769475EE68FD8FE70EAC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
Manifest number: 164C
Signing time: Sat 23 Aug 2025 10:00:14 +0000
Manifest this update: Sat 23 Aug 2025 10:00:14 +0000
Manifest next update: Sun 24 Aug 2025 10:00:14 +0000
Files and hashes: 1: Hpq861GqA5RqLih08GH13MdllW0.roa (hash: 6UGmd69y3tVELywuvYudCcD/UUgHO86OmDHx4Pt/TNE=)
2: aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl (hash: qzubIg+RMQrVd1YSmp5/V97ZKaMd3kyda5SwF/Q1jVA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:5f:1f:b8:53:86:76:94:75:ee:68:fd:8f:e7:0e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Aug 23 10:00:14 2025 GMT
Not After : Aug 24 10:00:14 2025 GMT
Subject: CN=37f1a4ffe5ee0d606f882481c7965f74c5ced597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:84:60:c3:52:79:a0:4a:49:8e:dc:09:f4:75:
1c:66:5a:dc:de:78:0b:57:56:36:f4:6a:35:2e:63:
b4:dd:e8:83:5d:ff:2e:a7:4c:a2:5e:ca:b2:d0:57:
06:b5:36:be:02:02:56:a3:99:6e:51:7d:b2:77:5a:
f8:c9:15:06:0d:65:04:2c:ed:cc:5b:72:1c:e4:09:
7a:6f:b2:89:03:1d:fe:01:48:f2:2d:e4:39:2a:c2:
66:a5:f1:46:76:58:a9:10:01:83:17:59:11:8d:7e:
98:34:45:a6:84:a0:98:a2:42:5b:39:59:a5:c4:86:
8e:15:95:c5:49:42:bd:15:fb:dd:bf:25:c4:38:0d:
f6:3d:f4:b2:37:df:ef:f4:68:67:b6:fe:de:42:c0:
48:53:9e:23:7d:55:95:e2:22:28:d8:25:6e:22:19:
02:d0:06:a9:83:03:cc:c4:1f:2e:8e:b6:af:7a:1d:
d0:9e:9e:17:64:07:d5:b7:82:a9:44:09:32:9c:9d:
80:38:f0:83:78:90:e4:75:97:dc:e1:bb:4c:21:f2:
1c:0d:1c:7b:55:24:43:9a:17:e6:08:ee:22:60:ad:
3e:55:a7:6d:20:b3:24:cc:69:4a:a9:a9:cd:d6:a7:
64:fd:8b:ee:96:07:e2:09:05:90:46:8a:88:28:f3:
11:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F1:A4:FF:E5:EE:0D:60:6F:88:24:81:C7:96:5F:74:C5:CE:D5:97
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:8f:ed:d3:98:0d:06:f4:4a:a0:39:9e:6f:17:b1:09:99:e5:
72:d0:5a:7f:7d:19:b2:bc:10:0a:7c:05:ed:85:58:fe:d3:ca:
e6:cd:0d:cf:a2:9d:40:82:fd:89:0e:3c:c6:b6:59:fa:0d:65:
03:d1:80:e0:a8:43:f7:49:11:e5:78:4c:31:d6:e2:ee:51:dd:
0e:8b:6a:6e:57:42:ae:c8:8d:fc:da:ea:f7:e2:10:a1:f1:d4:
56:30:b7:16:48:14:2b:4a:ba:6a:fd:58:18:f0:fc:22:9e:ab:
a4:64:ad:07:57:20:39:e2:d5:18:59:12:81:ed:7c:42:b7:16:
1f:9d:e5:32:74:98:66:eb:85:75:51:03:1d:55:81:94:e7:72:
a5:c0:5b:58:3d:ca:a4:2a:e2:4a:c8:5e:63:4c:1d:96:96:2c:
c1:54:fa:d1:2f:ec:b2:6e:15:da:db:92:00:a6:92:72:2e:ee:
05:0b:8c:cc:6f:27:ed:e7:90:60:5c:23:a5:82:a1:0e:84:8e:
7d:35:c0:44:8e:9d:33:d8:38:56:d8:fa:1b:be:36:29:0a:6c:
7e:59:b8:b6:f6:9e:99:24:4a:a2:a8:32:52:6e:fb:85:70:97:
19:22:62:22:0b:f3:95:bd:81:48:5c:5b:18:fd:49:c6:ca:df:
f2:8c:6a:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXx+4U4Z2lHXuaP2P5w6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjUwODIzMTAwMDE0WhcNMjUwODI0MTAwMDE0WjAzMTEwLwYDVQQD
EygzN2YxYTRmZmU1ZWUwZDYwNmY4ODI0ODFjNzk2NWY3NGM1Y2VkNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9IRgw1J5oEpJjtwJ9HUcZlrc3ngL
V1Y29Go1LmO03eiDXf8up0yiXsqy0FcGtTa+AgJWo5luUX2yd1r4yRUGDWUELO3M
W3Ic5Al6b7KJAx3+AUjyLeQ5KsJmpfFGdlipEAGDF1kRjX6YNEWmhKCYokJbOVml
xIaOFZXFSUK9FfvdvyXEOA32PfSyN9/v9Ghntv7eQsBIU54jfVWV4iIo2CVuIhkC
0AapgwPMxB8ujraveh3Qnp4XZAfVt4KpRAkynJ2AOPCDeJDkdZfc4btMIfIcDRx7
VSRDmhfmCO4iYK0+VadtILMkzGlKqanN1qdk/YvulgfiCQWQRoqIKPMRLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfxpP/l7g1gb4gkgceWX3TFztWXMB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOI/t05gN
BvRKoDmebxexCZnlctBaf30ZsrwQCnwF7YVY/tPK5s0Nz6KdQIL9iQ48xrZZ+g1l
A9GA4KhD90kR5XhMMdbi7lHdDotqbldCrsiN/Nrq9+IQofHUVjC3FkgUK0q6av1Y
GPD8Ip6rpGStB1cgOeLVGFkSge18QrcWH53lMnSYZuuFdVEDHVWBlOdypcBbWD3K
pCriSsheY0wdlpYswVT60S/ssm4V2tuSAKaSci7uBQuMzG8n7eeQYFwjpYKhDoSO
fTXARI6dM9g4Vtj6G742KQpsflm4tvaemSRKoqgyUm77hXCXGSJiIgvzlb2BSFxb
GP1Jxsrf8oxq9w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:07:53 2025 by rpki-client