Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
File: aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft (raw, json)
Hash identifier: jlGAdY6UXdKJ60sIOhMz16PnIHaSNo4w4rsqweN1tvk=
Subject key identifier: 2D:B3:07:DA:28:B5:85:73:0E:9A:EF:3F:19:6E:5A:19:11:42:A3:52
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 0197B88FD56718BA79FCB95DDC60016566C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
Manifest number: 15B8
Signing time: Sat 28 Jun 2025 22:02:03 +0000
Manifest this update: Sat 28 Jun 2025 22:02:03 +0000
Manifest next update: Sun 29 Jun 2025 22:02:03 +0000
Files and hashes: 1: Hpq861GqA5RqLih08GH13MdllW0.roa (hash: 6UGmd69y3tVELywuvYudCcD/UUgHO86OmDHx4Pt/TNE=)
2: aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl (hash: BTKj7DkJcTCC7e38XIkJaDihOPVxzD7XwrKPpviNLmI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:8f:d5:67:18:ba:79:fc:b9:5d:dc:60:01:65:66:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Jun 28 22:02:03 2025 GMT
Not After : Jun 29 22:02:03 2025 GMT
Subject: CN=2db307da28b585730e9aef3f196e5a191142a352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:73:be:aa:78:8c:d4:37:4a:45:a6:cc:c9:da:
c8:8e:f4:ba:13:64:2c:80:a4:a0:b0:74:ee:ca:64:
81:41:a6:15:23:0b:22:80:c7:3e:68:c1:47:5e:53:
45:d6:a5:51:6d:9d:e6:a7:43:a6:ca:f8:22:3b:98:
ce:ee:03:33:66:7c:dc:91:17:7d:25:7f:a2:45:7f:
1b:67:d2:94:db:85:ec:a8:aa:39:c8:8c:00:ba:52:
77:80:13:4d:9c:62:89:07:5e:91:81:00:0a:3b:d6:
be:f8:75:fb:f0:e6:85:82:09:40:cd:6a:88:25:cf:
b4:bf:70:d2:21:80:bd:a2:81:d4:0b:db:78:ec:a2:
01:66:49:4b:4b:5b:89:8f:a3:96:a0:05:0c:25:db:
25:0e:4a:7c:79:b6:f8:ac:cf:9a:2a:fe:08:a7:04:
bd:05:bb:1f:c8:09:44:69:64:bf:e8:d6:cf:45:e5:
29:3d:f3:d4:ee:19:80:00:71:87:12:9f:67:07:cd:
26:be:85:ef:f3:ac:f0:c7:e1:43:50:0b:a2:fd:8e:
b3:24:77:94:bc:d2:a5:e5:bb:64:e7:5e:ad:8e:de:
4d:ba:28:13:30:84:6b:3c:13:2e:01:85:36:02:9b:
13:db:e2:2b:42:b1:81:18:c2:fd:20:ed:a2:41:94:
57:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B3:07:DA:28:B5:85:73:0E:9A:EF:3F:19:6E:5A:19:11:42:A3:52
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:a5:2b:40:16:ca:7c:42:88:9f:5e:a5:3b:cf:38:00:50:8e:
7f:1f:0b:8b:8b:5b:b2:e4:75:90:8a:8b:c9:bd:01:5d:3c:81:
5d:7c:33:ef:d2:d1:5c:95:36:9d:4e:db:6e:7a:ec:21:a7:61:
42:1a:fb:be:f6:d9:b8:42:af:7e:4a:05:f9:de:a0:fb:03:1c:
0e:3f:ca:39:8e:51:14:06:cd:86:98:56:cf:f8:f9:ff:3d:3a:
bb:ab:ae:c8:28:d1:2f:cc:4a:08:4c:c5:d9:39:be:c4:1c:3e:
92:0d:47:c4:af:5d:a3:6d:d4:5c:ac:9c:38:fc:ed:ba:f8:66:
30:90:af:28:e4:8f:1e:35:8c:c9:7d:d5:df:cb:8b:0c:79:8d:
3a:fb:48:dd:68:31:49:9e:e2:bd:ac:32:a1:96:2e:cb:f6:ac:
03:7b:3a:1e:dd:c7:97:2d:a5:e5:54:d3:d5:69:66:53:69:19:
d5:16:4f:ce:23:6e:a6:84:0e:35:99:a5:fd:cc:07:89:09:55:
a8:65:00:3a:fc:13:4b:ff:d9:e1:9f:2b:7c:ac:21:a6:1a:2e:
78:8e:e2:ff:2d:b4:a1:13:9a:ec:e2:25:c0:01:38:cd:af:54:
5f:24:76:32:16:2d:62:8d:41:f0:ef:c6:3b:5b:fe:98:a6:51:
9f:94:bb:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j9VnGLp5/Lld3GABZWbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjUwNjI4MjIwMjAzWhcNMjUwNjI5MjIwMjAzWjAzMTEwLwYDVQQD
EygyZGIzMDdkYTI4YjU4NTczMGU5YWVmM2YxOTZlNWExOTExNDJhMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnO+qniM1DdKRabMydrIjvS6E2Qs
gKSgsHTuymSBQaYVIwsigMc+aMFHXlNF1qVRbZ3mp0OmyvgiO5jO7gMzZnzckRd9
JX+iRX8bZ9KU24XsqKo5yIwAulJ3gBNNnGKJB16RgQAKO9a++HX78OaFgglAzWqI
Jc+0v3DSIYC9ooHUC9t47KIBZklLS1uJj6OWoAUMJdslDkp8ebb4rM+aKv4IpwS9
BbsfyAlEaWS/6NbPReUpPfPU7hmAAHGHEp9nB80mvoXv86zwx+FDUAui/Y6zJHeU
vNKl5btk516tjt5NuigTMIRrPBMuAYU2ApsT2+IrQrGBGML9IO2iQZRX3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2zB9ootYVzDprvPxluWhkRQqNSMB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT6UrQBbK
fEKIn16lO884AFCOfx8Li4tbsuR1kIqLyb0BXTyBXXwz79LRXJU2nU7bbnrsIadh
Qhr7vvbZuEKvfkoF+d6g+wMcDj/KOY5RFAbNhphWz/j5/z06u6uuyCjRL8xKCEzF
2Tm+xBw+kg1HxK9do23UXKycOPztuvhmMJCvKOSPHjWMyX3V38uLDHmNOvtI3Wgx
SZ7ivawyoZYuy/asA3s6Ht3Hly2l5VTT1WlmU2kZ1RZPziNupoQONZml/cwHiQlV
qGUAOvwTS//Z4Z8rfKwhphoueI7i/y20oROa7OIlwAE4za9UXyR2MhYtYo1B8O/G
O1v+mKZRn5S7iQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:33:48 2025 by rpki-client