Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
File: aaKML4THXo0DiGlDVRUt0rcx8kk.mft (raw, json)
Hash identifier: ba7/PDtthgXknn2AZMdlhLb0YXywlZuqUtq7txrt7FQ=
Subject key identifier: BF:A5:C4:31:22:D2:B8:5A:D7:04:04:AA:2D:32:1D:E2:41:AD:95:35
Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
Certificate issuer: /CN=69a28c2f84c75e8d0388694355152dd2b731f249
Certificate serial: 0196BAED98F3546D3BA19A36203F65D68DFD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
Manifest number: 1535
Signing time: Sat 10 May 2025 16:00:55 +0000
Manifest this update: Sat 10 May 2025 16:00:55 +0000
Manifest next update: Sun 11 May 2025 16:00:55 +0000
Files and hashes: 1: WdYc6wSLVkfUe7irxf4uyXxEIsM.roa (hash: dpYwLA3RR3eH0lZ7/JtVVQoaXF1Y2bKy7GfyH86APlE=)
2: aaKML4THXo0DiGlDVRUt0rcx8kk.crl (hash: qGZwDZzFCtWg0ip2ritCle5ZDwo4a/b2YZk7HoxftcA=)
3: tUMiGCgmsKV0vxqojlEA4oJxpRM.roa (hash: UydNeJbpnz/tc0fGV+RmvBf+BwmLoVjaXgDPrRLbpVY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ba:ed:98:f3:54:6d:3b:a1:9a:36:20:3f:65:d6:8d:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249
Validity
Not Before: May 10 16:00:55 2025 GMT
Not After : May 11 16:00:55 2025 GMT
Subject: CN=bfa5c43122d2b85ad70404aa2d321de241ad9535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:73:8e:ef:e4:73:06:47:6d:e0:af:9a:8e:8b:
71:bd:98:22:ad:e2:b8:63:02:cd:95:fb:d4:c6:4a:
61:d5:b4:00:fa:f1:b6:67:44:5a:d7:0f:a7:bf:3d:
96:d0:95:f7:a8:34:47:7e:d5:ff:29:0f:1f:81:4f:
a7:c6:bb:dc:70:db:79:ed:4e:53:94:1d:df:67:d0:
ad:5b:40:63:49:8c:7c:94:12:41:f5:9d:3a:14:92:
79:27:08:bd:a1:24:c0:00:b8:a5:b0:af:b0:07:c5:
0e:76:09:8b:95:8e:97:a1:c8:7f:18:72:5d:a3:89:
ba:6c:73:cb:b5:21:ec:c6:95:89:34:29:10:5d:aa:
f2:6e:1f:b1:bd:77:7f:19:e0:6d:94:9d:a2:1e:e0:
60:fa:dd:ef:0d:ff:b5:3d:03:04:d9:39:d7:24:51:
75:f9:25:dd:47:68:d3:71:98:98:0f:a9:78:a6:b1:
14:44:f0:31:e0:93:97:75:91:63:a2:3e:95:f4:cc:
e2:73:1d:1b:8a:03:37:34:f9:5d:08:7b:b5:76:d4:
54:2c:de:03:dd:5e:8d:0f:53:bf:3d:91:78:18:cf:
33:74:41:bc:5b:34:80:3b:ee:5b:10:f5:26:5d:73:
82:e8:85:62:12:d1:3a:03:c4:54:09:f0:7f:b2:d9:
e3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A5:C4:31:22:D2:B8:5A:D7:04:04:AA:2D:32:1D:E2:41:AD:95:35
X509v3 Authority Key Identifier:
keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:10:a4:d7:58:d0:b0:d0:d5:07:4b:c5:9b:ff:17:36:55:5b:
ca:a8:2a:de:e4:13:c0:49:08:f9:33:43:bd:6c:95:9e:05:a7:
60:07:e3:16:4d:5f:01:46:71:5a:86:76:41:94:92:54:45:13:
1b:08:70:dd:6d:db:1c:54:a1:99:62:6e:6e:54:6f:4b:5b:3a:
6f:b5:61:42:70:b9:03:eb:ad:e4:fe:ae:4e:7f:33:10:7a:1f:
c2:d1:e4:28:e3:ce:6c:a2:2e:02:83:15:d2:1d:a8:bd:39:6b:
bf:97:59:50:29:a5:ed:74:0c:5a:b7:24:a6:4e:99:96:a9:a4:
56:56:f1:2f:7b:27:14:5a:dc:4f:bb:f0:bb:9b:db:24:c0:ad:
43:1b:ed:ad:c8:da:3a:94:d4:ab:e4:bd:a2:e6:74:55:c4:66:
57:19:f2:b2:de:d8:2f:89:2b:ea:6e:8e:85:aa:0d:9a:72:58:
2c:4b:4e:db:b4:70:11:5f:cb:3b:27:09:ea:11:0b:1e:b1:62:
75:fc:c2:e5:f2:35:1f:bc:99:b9:93:4d:88:ca:cb:ba:75:9f:
a0:c3:ed:9c:de:c6:4b:30:be:7e:d7:40:75:7b:59:5b:ec:db:
b4:62:77:d1:1c:f1:f4:4c:70:fc:6f:79:84:9c:b6:cf:14:8e:
4d:fb:bf:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa67ZjzVG07oZo2ID9l1o39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz
MWYyNDkwHhcNMjUwNTEwMTYwMDU1WhcNMjUwNTExMTYwMDU1WjAzMTEwLwYDVQQD
EyhiZmE1YzQzMTIyZDJiODVhZDcwNDA0YWEyZDMyMWRlMjQxYWQ5NTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3OO7+RzBkdt4K+ajotxvZgireK4
YwLNlfvUxkph1bQA+vG2Z0Ra1w+nvz2W0JX3qDRHftX/KQ8fgU+nxrvccNt57U5T
lB3fZ9CtW0BjSYx8lBJB9Z06FJJ5Jwi9oSTAALilsK+wB8UOdgmLlY6Xoch/GHJd
o4m6bHPLtSHsxpWJNCkQXarybh+xvXd/GeBtlJ2iHuBg+t3vDf+1PQME2TnXJFF1
+SXdR2jTcZiYD6l4prEURPAx4JOXdZFjoj6V9Mzicx0bigM3NPldCHu1dtRULN4D
3V6ND1O/PZF4GM8zdEG8WzSAO+5bEPUmXXOC6IViEtE6A8RUCfB/stnj/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+lxDEi0rha1wQEqi0yHeJBrZU1MB8GA1UdIwQY
MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt
MmNiZDU1ZjlhOGVlLzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl
LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMRCk11jQ
sNDVB0vFm/8XNlVbyqgq3uQTwEkI+TNDvWyVngWnYAfjFk1fAUZxWoZ2QZSSVEUT
Gwhw3W3bHFShmWJublRvS1s6b7VhQnC5A+ut5P6uTn8zEHofwtHkKOPObKIuAoMV
0h2ovTlrv5dZUCml7XQMWrckpk6ZlqmkVlbxL3snFFrcT7vwu5vbJMCtQxvtrcja
OpTUq+S9ouZ0VcRmVxnyst7YL4kr6m6OhaoNmnJYLEtO27RwEV/LOycJ6hELHrFi
dfzC5fI1H7yZuZNNiMrLunWfoMPtnN7GSzC+ftdAdXtZW+zbtGJ30Rzx9Exw/G95
hJy2zxSOTfu/YA==
-----END CERTIFICATE-----
Generated at Sat May 10 19:59:55 2025 by rpki-client