Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier: qkaEdm1kH47RS9Yl7zSSM+Qti3Ervfg9SywIDKqJKtQ=
Subject key identifier: B4:87:55:A2:D0:9C:80:2A:F5:8D:06:8A:C8:31:B5:5F:96:0D:17:D3
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial: 0198D66102F782C14711F336BBB38E4D532D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number: 03B5
Signing time: Sat 23 Aug 2025 10:02:18 +0000
Manifest this update: Sat 23 Aug 2025 10:02:18 +0000
Manifest next update: Sun 24 Aug 2025 10:02:18 +0000
Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=)
2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: cM0vJHi+rVX4/aPTbPYnTrQGcEuZR8mWHYDyTLOk8Ek=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:61:02:f7:82:c1:47:11:f3:36:bb:b3:8e:4d:53:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Validity
Not Before: Aug 23 10:02:18 2025 GMT
Not After : Aug 24 10:02:18 2025 GMT
Subject: CN=b48755a2d09c802af58d068ac831b55f960d17d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a9:fc:d6:78:f1:83:ef:f9:b6:8c:d4:d9:9b:
c7:47:51:1a:85:c1:67:20:0b:9b:3a:96:44:75:3a:
3f:5b:bb:ed:85:c1:9e:f0:9b:d9:3a:31:08:af:9d:
03:57:2c:df:fc:75:5e:03:21:4b:0b:81:52:c1:32:
ab:91:1e:34:aa:2d:35:af:f0:6c:3a:f6:a0:60:a3:
6b:a0:c2:ee:78:b5:af:d4:cf:ca:21:04:ad:85:0d:
33:57:ee:16:c6:8b:1d:ec:01:44:91:da:90:03:92:
75:ab:2a:10:32:b9:5c:59:9e:d7:a8:b1:47:cf:12:
ec:5d:39:95:0e:89:55:9a:df:89:e8:eb:be:73:e3:
4b:df:08:a1:8d:35:b4:51:a0:72:b2:16:ef:0c:d3:
5a:09:39:b6:1c:06:e2:73:e1:d2:4c:04:de:83:67:
f5:3e:df:d8:20:09:64:cb:85:53:cc:81:e8:59:76:
83:ba:1c:4f:75:79:db:ad:cb:b7:f1:f2:88:7d:b6:
54:31:c5:05:71:52:13:27:65:88:5c:3b:13:10:2f:
18:c9:b0:b8:a9:a5:6b:74:65:ef:29:0a:c4:e6:bd:
4b:54:60:e3:29:34:2b:95:b3:93:51:e8:85:35:42:
c6:1b:b3:4d:6d:bf:54:20:59:f6:28:92:1f:88:bd:
20:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:87:55:A2:D0:9C:80:2A:F5:8D:06:8A:C8:31:B5:5F:96:0D:17:D3
X509v3 Authority Key Identifier:
keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:4c:66:6c:a7:9d:05:3d:e1:88:c1:ea:ad:f9:60:88:0c:a3:
e9:a7:8b:01:52:0d:5b:52:fd:5f:60:92:b5:7b:5f:94:d2:db:
47:b3:a8:97:db:83:c1:c8:35:b1:a7:a9:f0:13:84:a7:22:c4:
56:04:4e:3b:95:44:10:df:91:86:17:fa:7d:3c:40:5e:6e:40:
7a:a6:a9:d9:72:15:86:79:c7:fe:f6:c9:e5:ea:50:e8:ab:17:
44:ac:17:7b:cc:c8:93:91:e0:9b:bc:4f:1d:9a:79:09:28:d7:
56:b2:35:47:57:84:bf:47:fe:70:10:16:89:50:d1:31:c5:a3:
00:18:13:17:5f:66:67:db:ce:9d:39:14:a7:42:3a:5b:3c:d3:
12:23:3b:16:24:e7:84:d5:e9:f9:44:34:d0:ee:7b:5c:9c:f9:
99:a0:9b:f6:da:78:0a:7a:f4:bb:c0:a1:55:ee:3b:e0:b9:95:
82:59:64:21:cd:a5:f3:fd:a9:20:78:73:be:61:f6:71:fc:ab:
86:ce:8e:65:f1:fc:b3:11:c7:b5:cb:56:75:4d:92:33:08:a2:
6f:9f:15:53:6a:de:65:2c:3f:4c:47:27:81:aa:1e:e0:15:d2:
9b:1a:ed:7a:92:6f:6e:23:e9:7e:71:40:df:41:a3:3a:d6:4c:
43:7c:3a:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYQL3gsFHEfM2u7OOTVMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjUwODIzMTAwMjE4WhcNMjUwODI0MTAwMjE4WjAzMTEwLwYDVQQD
EyhiNDg3NTVhMmQwOWM4MDJhZjU4ZDA2OGFjODMxYjU1Zjk2MGQxN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKn81njxg+/5tozU2ZvHR1EahcFn
IAubOpZEdTo/W7vthcGe8JvZOjEIr50DVyzf/HVeAyFLC4FSwTKrkR40qi01r/Bs
OvagYKNroMLueLWv1M/KIQSthQ0zV+4Wxosd7AFEkdqQA5J1qyoQMrlcWZ7XqLFH
zxLsXTmVDolVmt+J6Ou+c+NL3wihjTW0UaByshbvDNNaCTm2HAbic+HSTATeg2f1
Pt/YIAlky4VTzIHoWXaDuhxPdXnbrcu38fKIfbZUMcUFcVITJ2WIXDsTEC8YybC4
qaVrdGXvKQrE5r1LVGDjKTQrlbOTUeiFNULGG7NNbb9UIFn2KJIfiL0giQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSHVaLQnIAq9Y0GisgxtV+WDRfTMB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApExmbKed
BT3hiMHqrflgiAyj6aeLAVINW1L9X2CStXtflNLbR7Ool9uDwcg1saep8BOEpyLE
VgROO5VEEN+Rhhf6fTxAXm5Aeqap2XIVhnnH/vbJ5epQ6KsXRKwXe8zIk5Hgm7xP
HZp5CSjXVrI1R1eEv0f+cBAWiVDRMcWjABgTF19mZ9vOnTkUp0I6WzzTEiM7FiTn
hNXp+UQ00O57XJz5maCb9tp4Cnr0u8ChVe474LmVgllkIc2l8/2pIHhzvmH2cfyr
hs6OZfH8sxHHtctWdU2SMwiib58VU2reZSw/TEcngaoe4BXSmxrtepJvbiPpfnFA
30GjOtZMQ3w6jQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:05:15 2025 by rpki-client