Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: P9VmeUDsdIe01E/XeeFcHlcxmAsl6Ajtu0OgxvpyFEI=
Subject key identifier: C1:F0:B3:9C:9E:FE:02:1B:06:BE:20:DD:19:7A:E7:2E:50:FB:F9:18
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 0198D698660998FEC9524CCE6CA55243240F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 1656
Signing time: Sat 23 Aug 2025 11:02:48 +0000
Manifest this update: Sat 23 Aug 2025 11:02:48 +0000
Manifest next update: Sun 24 Aug 2025 11:02:48 +0000
Files and hashes: 1: Mmi06jAh1KR0NNHlTuLcdFXGdm4.roa (hash: Q9joIkxkfDcIZMMuVnLQE37iPkqzALSBCPVV1CY/m7A=)
2: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: ftW5N/kzsbQQa+RXsuujqgHNC3uAlSwq20XnSlHALGM=)
3: bObL7vPF35vh9LuEyJYMk5yU3-U.roa (hash: eG1lFL25ltcNTKgnhPFmeY0axMsTOI37jTMaagRA/AM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:98:66:09:98:fe:c9:52:4c:ce:6c:a5:52:43:24:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Aug 23 11:02:48 2025 GMT
Not After : Aug 24 11:02:48 2025 GMT
Subject: CN=c1f0b39c9efe021b06be20dd197ae72e50fbf918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:28:af:2a:50:11:07:8f:23:9a:49:a0:2c:67:
16:e2:e8:47:1f:9c:17:d5:f6:10:34:50:3e:44:42:
1f:82:28:2e:d0:56:5b:ca:e3:8f:70:00:0f:cd:85:
ca:10:06:9d:1d:0d:0b:ce:5f:76:65:02:11:6f:0e:
82:38:45:2f:80:ee:b5:28:17:06:d5:c2:93:c6:7e:
7c:58:10:cf:ac:94:29:e1:5d:04:06:9e:8f:3a:aa:
72:7a:38:01:a7:98:22:29:ef:c8:94:e7:d6:57:f4:
1d:55:ee:6a:1d:54:58:2d:dd:ca:c1:ad:f0:33:97:
4f:2c:1d:b7:f7:86:47:fa:5a:4e:c0:24:08:44:45:
c9:08:02:33:5f:37:c8:1a:43:88:6b:4d:29:85:71:
bf:91:01:2f:9d:d4:7f:2f:c7:d0:58:de:e4:47:44:
fc:cd:f9:56:5c:b6:7a:15:83:fe:64:dd:cc:94:90:
eb:8b:7e:13:12:7b:8c:82:9f:14:73:55:87:9b:65:
65:4c:eb:30:14:6e:e0:14:7c:e4:c4:67:5d:a3:36:
03:47:09:3c:18:89:c6:27:84:3b:64:66:68:0b:31:
9c:b2:f9:d8:0f:84:48:a4:92:ff:4b:e7:67:8f:a3:
f3:ae:db:fe:c4:11:02:2a:ad:44:29:8d:f5:ac:91:
85:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F0:B3:9C:9E:FE:02:1B:06:BE:20:DD:19:7A:E7:2E:50:FB:F9:18
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:5b:c4:33:86:e2:ff:ee:e4:69:62:20:df:1e:de:62:c0:7d:
19:d0:89:0b:be:ab:ba:e0:a3:66:f1:a2:7e:c9:8c:38:45:a0:
70:f4:b9:83:9c:4f:51:d7:61:4f:52:8c:9e:27:22:8e:a6:07:
aa:8b:0a:d7:08:6d:7b:af:65:7c:e5:28:6e:95:67:3b:30:d1:
4d:0c:7c:a3:54:23:62:16:e5:a4:18:69:ff:81:97:0d:64:14:
88:2f:fc:13:1a:5f:80:29:b5:f2:7f:b1:8f:73:41:7f:76:87:
d0:05:d1:15:d5:8b:98:30:a8:b8:ad:63:31:75:64:c7:e8:98:
e9:36:1a:19:95:d1:2c:20:bb:13:72:73:79:63:03:47:a1:fa:
52:68:c4:91:db:03:16:2f:97:92:e0:af:a4:d1:0c:79:0a:94:
91:1b:48:31:77:59:b2:65:83:ae:63:ee:f1:d6:38:65:d1:a7:
5d:91:19:21:77:f4:dd:d2:29:b7:9f:31:2a:b1:3c:c0:47:5b:
a0:e7:06:81:69:76:8d:bf:6c:3a:35:0f:b5:8c:59:d5:78:38:
37:06:1c:68:0c:36:25:91:88:e4:da:ae:06:a4:14:42:84:e9:
0b:a5:8d:4c:46:8e:b3:77:88:07:cf:a8:00:24:c3:ce:9f:85:
6a:6b:21:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWmGYJmP7JUkzObKVSQyQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjUwODIzMTEwMjQ4WhcNMjUwODI0MTEwMjQ4WjAzMTEwLwYDVQQD
EyhjMWYwYjM5YzllZmUwMjFiMDZiZTIwZGQxOTdhZTcyZTUwZmJmOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSivKlARB48jmkmgLGcW4uhHH5wX
1fYQNFA+REIfgigu0FZbyuOPcAAPzYXKEAadHQ0Lzl92ZQIRbw6COEUvgO61KBcG
1cKTxn58WBDPrJQp4V0EBp6POqpyejgBp5giKe/IlOfWV/QdVe5qHVRYLd3Kwa3w
M5dPLB2394ZH+lpOwCQIREXJCAIzXzfIGkOIa00phXG/kQEvndR/L8fQWN7kR0T8
zflWXLZ6FYP+ZN3MlJDri34TEnuMgp8Uc1WHm2VlTOswFG7gFHzkxGddozYDRwk8
GInGJ4Q7ZGZoCzGcsvnYD4RIpJL/S+dnj6Pzrtv+xBECKq1EKY31rJGFCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHws5ye/gIbBr4g3Rl65y5Q+/kYMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMlvEM4bi
/+7kaWIg3x7eYsB9GdCJC76ruuCjZvGifsmMOEWgcPS5g5xPUddhT1KMnicijqYH
qosK1whte69lfOUobpVnOzDRTQx8o1QjYhblpBhp/4GXDWQUiC/8ExpfgCm18n+x
j3NBf3aH0AXRFdWLmDCouK1jMXVkx+iY6TYaGZXRLCC7E3JzeWMDR6H6UmjEkdsD
Fi+XkuCvpNEMeQqUkRtIMXdZsmWDrmPu8dY4ZdGnXZEZIXf03dIpt58xKrE8wEdb
oOcGgWl2jb9sOjUPtYxZ1Xg4NwYcaAw2JZGI5NquBqQUQoTpC6WNTEaOs3eIB8+o
ACTDzp+Famshgw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:24:13 2025 by rpki-client