Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier: 4Er916jGYrB7IAZoe/WzdHUG5Rgawsdl/oFYyU8EMV0=
Subject key identifier: 11:43:E2:23:6C:19:70:D2:84:30:D9:C5:F2:68:01:B1:8C:FE:00:9C
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial: 0197B6A15C9AD5045D8B5DB5B73C64B37AE3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number: 0320
Signing time: Sat 28 Jun 2025 13:01:57 +0000
Manifest this update: Sat 28 Jun 2025 13:01:57 +0000
Manifest next update: Sun 29 Jun 2025 13:01:57 +0000
Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=)
2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: Sr/UH3/vZUoR5krJe4gBZ/msjzWosQy11APq5tI4Kww=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a1:5c:9a:d5:04:5d:8b:5d:b5:b7:3c:64:b3:7a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Validity
Not Before: Jun 28 13:01:57 2025 GMT
Not After : Jun 29 13:01:57 2025 GMT
Subject: CN=1143e2236c1970d28430d9c5f26801b18cfe009c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:fa:2d:76:ab:2e:20:aa:b3:7d:2e:cb:96:
40:9f:b3:53:0d:0c:01:0a:f9:24:67:fd:46:2a:2f:
bf:b8:95:17:58:86:5c:47:25:79:85:17:3f:8c:7b:
37:8a:4c:dc:d6:40:a1:de:9d:a8:cf:e6:38:c6:85:
fe:64:8a:ba:05:3c:a0:9e:4f:f6:9f:6d:38:f1:6a:
4e:18:cd:a4:0d:94:66:07:eb:60:8a:9d:a2:17:80:
4c:b4:f8:5a:22:46:bc:b1:6f:9f:dc:c9:9e:6d:c8:
33:90:bc:93:a3:0d:c9:e8:0e:d4:16:5b:53:e7:1f:
f9:6b:f9:ff:af:aa:95:6a:2b:da:ef:d7:12:58:c5:
91:8a:24:91:ec:90:88:da:c6:f9:46:d8:58:6f:dc:
d3:ed:18:38:a0:91:dc:94:cf:dd:dd:97:32:ce:51:
83:01:72:32:58:ac:11:8f:e2:09:be:65:79:b6:5c:
1a:5e:91:9c:a8:63:23:e5:90:e2:11:72:d0:a8:53:
01:1e:c2:7a:19:ef:4c:31:f4:3f:a6:47:b3:13:ad:
3c:01:52:1d:2d:33:02:39:af:5b:81:d1:f4:d1:82:
1a:64:8c:aa:e7:da:d7:c1:9b:d7:fb:20:7c:a1:17:
2e:e6:45:6f:0b:ad:32:9c:bd:5d:ce:34:3e:c6:cb:
85:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:43:E2:23:6C:19:70:D2:84:30:D9:C5:F2:68:01:B1:8C:FE:00:9C
X509v3 Authority Key Identifier:
keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:a2:98:e1:fc:c1:9d:73:5e:13:41:89:72:57:d4:7a:6e:a1:
d1:db:1f:c0:20:63:36:97:23:ea:2a:f4:9c:39:94:df:d7:98:
5f:45:71:55:5a:ee:bd:b6:e8:64:2e:1d:4f:db:07:6f:3f:c3:
46:b1:94:7a:69:2f:36:d6:fa:9c:15:a9:26:26:80:0f:d4:99:
82:bf:2a:de:f2:46:63:d0:e6:68:5f:d0:80:05:b4:92:5c:aa:
86:7f:d4:40:fc:11:89:5e:b8:0a:68:0d:d9:bb:b3:03:a8:46:
ee:17:a8:8e:ce:ab:a7:1f:f1:07:f6:be:f8:5f:ff:4c:86:ee:
ab:6b:f2:8c:fb:ee:7a:16:74:0c:ae:8e:53:dd:a3:e0:fe:ae:
cb:de:e9:7f:c5:1e:ec:c2:f9:d0:95:a6:dd:91:7b:4f:da:dd:
ad:48:fb:16:30:08:12:05:ea:b1:a7:16:45:60:8c:a1:d3:e7:
ab:70:c7:2f:62:03:23:c1:5c:11:93:de:51:4c:3c:54:33:87:
e5:05:6b:ca:8d:9b:5c:57:a6:5f:1c:68:7d:b0:4c:d2:59:3e:
f9:87:9a:c6:97:c4:e2:7f:75:2d:4f:e3:70:9f:c7:27:1c:30:
b5:38:f1:a0:63:4f:a6:dd:d2:05:7a:51:e6:61:5e:5c:78:02:
0b:56:3d:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oVya1QRdi121tzxks3rjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjUwNjI4MTMwMTU3WhcNMjUwNjI5MTMwMTU3WjAzMTEwLwYDVQQD
EygxMTQzZTIyMzZjMTk3MGQyODQzMGQ5YzVmMjY4MDFiMThjZmUwMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovb6LXarLiCqs30uy5ZAn7NTDQwB
CvkkZ/1GKi+/uJUXWIZcRyV5hRc/jHs3ikzc1kCh3p2oz+Y4xoX+ZIq6BTygnk/2
n2048WpOGM2kDZRmB+tgip2iF4BMtPhaIka8sW+f3MmebcgzkLyTow3J6A7UFltT
5x/5a/n/r6qVaiva79cSWMWRiiSR7JCI2sb5RthYb9zT7Rg4oJHclM/d3ZcyzlGD
AXIyWKwRj+IJvmV5tlwaXpGcqGMj5ZDiEXLQqFMBHsJ6Ge9MMfQ/pkezE608AVId
LTMCOa9bgdH00YIaZIyq59rXwZvX+yB8oRcu5kVvC60ynL1dzjQ+xsuFQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBFD4iNsGXDShDDZxfJoAbGM/gCcMB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc6KY4fzB
nXNeE0GJclfUem6h0dsfwCBjNpcj6ir0nDmU39eYX0VxVVruvbboZC4dT9sHbz/D
RrGUemkvNtb6nBWpJiaAD9SZgr8q3vJGY9DmaF/QgAW0klyqhn/UQPwRiV64CmgN
2buzA6hG7heojs6rpx/xB/a++F//TIbuq2vyjPvuehZ0DK6OU92j4P6uy97pf8Ue
7ML50JWm3ZF7T9rdrUj7FjAIEgXqsacWRWCModPnq3DHL2IDI8FcEZPeUUw8VDOH
5QVryo2bXFemXxxofbBM0lk++YeaxpfE4n91LU/jcJ/HJxwwtTjxoGNPpt3SBXpR
5mFeXHgCC1Y9gw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:13:00 2025 by rpki-client