Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
File: aaKML4THXo0DiGlDVRUt0rcx8kk.mft (raw, json)
Hash identifier: qSzvzgGRbNAChYV4AygOoFWSIXaR8DH8wcfAl1apd8U=
Subject key identifier: 12:10:AC:B6:03:0E:00:3E:30:8F:69:1D:B4:5A:0D:0F:2A:CB:8C:A3
Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
Certificate issuer: /CN=69a28c2f84c75e8d0388694355152dd2b731f249
Certificate serial: 0197B5FC02FC52D50214F2BAC84C6BE0C6A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
Manifest number: 15B7
Signing time: Sat 28 Jun 2025 10:01:21 +0000
Manifest this update: Sat 28 Jun 2025 10:01:21 +0000
Manifest next update: Sun 29 Jun 2025 10:01:21 +0000
Files and hashes: 1: WdYc6wSLVkfUe7irxf4uyXxEIsM.roa (hash: dpYwLA3RR3eH0lZ7/JtVVQoaXF1Y2bKy7GfyH86APlE=)
2: aaKML4THXo0DiGlDVRUt0rcx8kk.crl (hash: /h2phHhUr4n0eeMXkFc3cMAOrW04/3lZVqc/G7J9rzI=)
3: tUMiGCgmsKV0vxqojlEA4oJxpRM.roa (hash: UydNeJbpnz/tc0fGV+RmvBf+BwmLoVjaXgDPrRLbpVY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b5:fc:02:fc:52:d5:02:14:f2:ba:c8:4c:6b:e0:c6:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249
Validity
Not Before: Jun 28 10:01:21 2025 GMT
Not After : Jun 29 10:01:21 2025 GMT
Subject: CN=1210acb6030e003e308f691db45a0d0f2acb8ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ff:48:13:e1:ef:ef:6f:9c:ee:24:fb:3b:02:
c5:8c:b7:71:79:84:21:58:bb:ad:8f:b9:f6:38:ae:
1c:68:92:ed:e8:d2:a4:db:8d:dd:bc:55:6f:b1:7f:
d6:2d:f6:55:c5:01:18:fd:23:e4:da:53:f1:80:97:
63:f2:a6:5f:5b:9f:d6:c8:c6:1d:c1:6d:f6:13:2a:
d6:50:1b:22:af:e0:88:e8:16:d8:55:90:b2:4d:ea:
f7:61:51:8a:4f:b3:70:97:da:3d:ee:cd:81:5d:c6:
fb:e3:a3:99:73:0f:6e:b7:01:9e:4e:66:06:aa:f8:
15:a5:dc:84:ca:0a:63:a6:f1:34:16:55:92:e0:8f:
78:16:d5:93:4c:e5:9d:69:6b:78:29:fe:bb:27:27:
ba:10:b6:99:7f:2e:1e:f4:3e:f3:78:47:8c:40:f2:
91:c7:30:34:19:e3:42:6f:eb:1b:01:7e:87:df:bb:
09:a0:c2:92:71:68:29:9f:5e:dd:34:c1:a3:8e:4d:
cb:c3:07:16:01:0c:7f:65:5b:73:d8:1d:8b:ff:7b:
24:ee:84:0b:2b:1b:50:7e:0d:f9:95:c0:38:5a:b8:
3f:c9:5c:5a:7a:c5:b7:ff:4a:a0:8f:b8:48:c9:76:
88:4f:a3:ed:9d:11:e0:64:c1:c0:72:6d:94:83:df:
07:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:10:AC:B6:03:0E:00:3E:30:8F:69:1D:B4:5A:0D:0F:2A:CB:8C:A3
X509v3 Authority Key Identifier:
keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:b0:fa:ec:83:7b:54:08:8c:da:f0:7c:5d:59:8b:4d:fa:34:
17:2f:06:06:68:7d:bc:99:73:0c:b3:fa:3b:5f:8d:40:cd:25:
99:c4:28:eb:1e:60:d5:5d:ae:af:2e:15:dc:89:e2:5f:51:54:
27:12:ac:9d:98:00:39:2c:ae:aa:51:5a:2a:d8:92:ca:b2:c2:
df:8d:f7:58:0d:ea:d4:0f:f5:0d:87:46:d1:2f:1b:2d:d0:bf:
fc:1a:09:ec:b5:22:b4:d9:e5:fc:5a:2e:af:88:f7:2d:78:52:
0f:da:b2:6a:b3:b4:ee:d7:c4:32:d1:c5:db:b2:bb:11:49:90:
9f:fd:da:3f:2a:ef:60:ad:97:1a:26:77:79:b1:ac:e2:11:35:
f4:f7:9f:26:0a:25:0e:25:3b:4a:be:e8:52:e0:d7:62:d4:9c:
32:9b:6b:e7:fc:0c:3b:71:0f:fa:7f:d9:31:c0:a9:e6:38:53:
ca:92:b0:32:89:84:c3:59:86:88:a3:9d:05:6d:49:c5:de:eb:
f0:11:a6:02:f1:a5:bd:01:e7:74:80:cf:e6:58:27:39:de:34:
43:79:15:f8:94:af:6d:40:86:01:15:ba:43:bb:c6:2f:c3:77:
f2:ca:c3:b0:61:a0:79:2c:04:00:a3:d7:84:e0:d6:7d:89:d7:
95:22:19:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/AL8UtUCFPK6yExr4MapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz
MWYyNDkwHhcNMjUwNjI4MTAwMTIxWhcNMjUwNjI5MTAwMTIxWjAzMTEwLwYDVQQD
EygxMjEwYWNiNjAzMGUwMDNlMzA4ZjY5MWRiNDVhMGQwZjJhY2I4Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/9IE+Hv72+c7iT7OwLFjLdxeYQh
WLutj7n2OK4caJLt6NKk243dvFVvsX/WLfZVxQEY/SPk2lPxgJdj8qZfW5/WyMYd
wW32EyrWUBsir+CI6BbYVZCyTer3YVGKT7Nwl9o97s2BXcb746OZcw9utwGeTmYG
qvgVpdyEygpjpvE0FlWS4I94FtWTTOWdaWt4Kf67Jye6ELaZfy4e9D7zeEeMQPKR
xzA0GeNCb+sbAX6H37sJoMKScWgpn17dNMGjjk3LwwcWAQx/ZVtz2B2L/3sk7oQL
KxtQfg35lcA4Wrg/yVxaesW3/0qgj7hIyXaIT6PtnRHgZMHAcm2Ug98HOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIQrLYDDgA+MI9pHbRaDQ8qy4yjMB8GA1UdIwQY
MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt
MmNiZDU1ZjlhOGVlLzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl
LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeLD67IN7
VAiM2vB8XVmLTfo0Fy8GBmh9vJlzDLP6O1+NQM0lmcQo6x5g1V2ury4V3IniX1FU
JxKsnZgAOSyuqlFaKtiSyrLC3433WA3q1A/1DYdG0S8bLdC//BoJ7LUitNnl/Fou
r4j3LXhSD9qyarO07tfEMtHF27K7EUmQn/3aPyrvYK2XGiZ3ebGs4hE19PefJgol
DiU7Sr7oUuDXYtScMptr5/wMO3EP+n/ZMcCp5jhTypKwMomEw1mGiKOdBW1Jxd7r
8BGmAvGlvQHndIDP5lgnOd40Q3kV+JSvbUCGARW6Q7vGL8N38srDsGGgeSwEAKPX
hODWfYnXlSIZQg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:26:17 2025 by rpki-client