Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
File: aM_hqssnjBMjGzEORe5XaTL-m04.mft (raw, json)
Hash identifier: pCDZhsDo6w/BqU8+CZ1OYOTVcc9jmkjOjTl8Iv7OZZg=
Subject key identifier: F7:0C:72:29:5F:1D:A5:60:47:C2:9D:BB:E6:B8:B8:CB:07:E2:78:28
Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Certificate serial: 0198D583F4552FFBE8AC75FD16921577D27A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
Manifest number: 12DE
Signing time: Sat 23 Aug 2025 06:00:51 +0000
Manifest this update: Sat 23 Aug 2025 06:00:51 +0000
Manifest next update: Sun 24 Aug 2025 06:00:51 +0000
Files and hashes: 1: NAg_2lUwiNc2BXVWx1ALPDBcGK0.roa (hash: I6Xgg/yTyhGgk1wwRR5vfbPkXPHDlymI7Asksvi+yR4=)
2: aM_hqssnjBMjGzEORe5XaTL-m04.crl (hash: mpBzr7/JRqs62p6x+LLqtA7vc6zNqNFhRgeQj8B2zWQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:f4:55:2f:fb:e8:ac:75:fd:16:92:15:77:d2:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Validity
Not Before: Aug 23 06:00:51 2025 GMT
Not After : Aug 24 06:00:51 2025 GMT
Subject: CN=f70c72295f1da56047c29dbbe6b8b8cb07e27828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:26:e1:c7:ab:7b:ed:64:fb:ab:24:ee:59:85:
87:fc:f3:29:c7:b9:ae:ab:6f:96:ca:45:4e:9f:63:
54:e2:53:6f:5a:08:78:3e:df:9d:42:9b:62:fb:6c:
47:71:cb:00:b0:00:ff:04:41:92:ff:f5:e3:af:82:
97:2c:47:94:ff:50:01:0a:f1:e0:c6:a2:a1:f2:0c:
07:a0:96:eb:ba:e9:6d:d1:c9:23:36:21:79:ab:62:
24:a0:52:4e:5a:31:60:c2:b1:3c:64:7a:e4:33:b4:
7a:a7:5c:a6:16:f5:38:1d:82:49:15:89:c9:1a:7d:
a5:05:c9:57:1e:47:48:96:3d:97:f8:cf:66:22:59:
9c:ee:4b:6f:2e:1d:b1:ac:5a:d2:35:8c:69:eb:49:
72:03:3f:ee:21:93:da:fd:87:19:15:7a:ea:c1:3b:
11:0c:57:84:2a:1b:05:47:c6:2f:95:3c:2b:cb:29:
1a:4c:84:09:28:ee:fa:7c:14:0a:67:11:e8:9e:55:
69:35:1e:e5:3a:98:1e:e8:c3:8f:34:8d:fe:38:37:
c7:99:1e:a4:3e:a0:be:a1:f2:e9:31:a4:66:ff:fd:
2e:d2:f8:7c:63:c9:b6:9b:a9:a2:f1:e8:14:6c:83:
19:da:4c:88:6c:27:c8:c5:b1:26:04:7d:28:11:f5:
57:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0C:72:29:5F:1D:A5:60:47:C2:9D:BB:E6:B8:B8:CB:07:E2:78:28
X509v3 Authority Key Identifier:
keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:e7:a7:06:95:33:2f:84:83:13:68:ee:98:ee:be:4f:69:71:
a2:91:06:33:9d:ff:33:75:04:27:5c:a4:a1:3c:eb:a6:94:6d:
b5:f4:2f:1e:bb:8d:6a:8f:41:55:ec:75:ab:19:11:02:78:84:
a2:a3:61:e0:28:2a:21:ba:47:03:57:fc:1f:73:34:a2:aa:c6:
75:a7:48:3c:9e:4b:ef:22:3c:2f:d6:62:38:5e:b5:23:f3:89:
8b:99:a3:af:f8:d2:bf:49:9c:f4:a0:1c:9c:e0:cb:33:63:ae:
45:99:52:0a:34:99:e9:a4:2c:a4:14:7f:13:9d:97:81:52:c3:
5d:3b:8a:18:d4:22:f2:a9:eb:ae:b7:60:28:a5:1d:ad:ca:af:
79:52:6b:33:48:3e:62:a9:b9:65:84:d0:e6:5c:68:f8:e7:50:
18:a0:29:16:54:0a:4b:9b:5a:31:90:4b:29:4d:af:34:4f:1e:
9c:f3:cb:2b:2a:5e:bf:ca:ea:a4:1e:fd:cb:a9:b2:95:dd:fb:
1e:fe:8f:96:1e:b9:e4:3e:7c:0c:08:ca:88:7f:5b:00:5a:95:
60:12:f0:b8:48:21:84:eb:e3:34:c9:ee:d1:28:6d:f2:1c:21:
dc:c8:82:68:a8:d9:20:95:67:d2:60:39:2a:81:5d:6e:f8:58:
c9:bb:3e:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg/RVL/vorHX9FpIVd9J6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm
ZTliNGUwHhcNMjUwODIzMDYwMDUxWhcNMjUwODI0MDYwMDUxWjAzMTEwLwYDVQQD
EyhmNzBjNzIyOTVmMWRhNTYwNDdjMjlkYmJlNmI4YjhjYjA3ZTI3ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Cbhx6t77WT7qyTuWYWH/PMpx7mu
q2+WykVOn2NU4lNvWgh4Pt+dQpti+2xHccsAsAD/BEGS//Xjr4KXLEeU/1ABCvHg
xqKh8gwHoJbruult0ckjNiF5q2IkoFJOWjFgwrE8ZHrkM7R6p1ymFvU4HYJJFYnJ
Gn2lBclXHkdIlj2X+M9mIlmc7ktvLh2xrFrSNYxp60lyAz/uIZPa/YcZFXrqwTsR
DFeEKhsFR8YvlTwryykaTIQJKO76fBQKZxHonlVpNR7lOpge6MOPNI3+ODfHmR6k
PqC+ofLpMaRm//0u0vh8Y8m2m6mi8egUbIMZ2kyIbCfIxbEmBH0oEfVXkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPcMcilfHaVgR8Kdu+a4uMsH4ngoMB8GA1UdIwQY
MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt
ODljMmY2NjZlOTA1LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1
LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP+enBpUz
L4SDE2jumO6+T2lxopEGM53/M3UEJ1ykoTzrppRttfQvHruNao9BVex1qxkRAniE
oqNh4CgqIbpHA1f8H3M0oqrGdadIPJ5L7yI8L9ZiOF61I/OJi5mjr/jSv0mc9KAc
nODLM2OuRZlSCjSZ6aQspBR/E52XgVLDXTuKGNQi8qnrrrdgKKUdrcqveVJrM0g+
Yqm5ZYTQ5lxo+OdQGKApFlQKS5taMZBLKU2vNE8enPPLKypev8rqpB79y6myld37
Hv6Plh655D58DAjKiH9bAFqVYBLwuEghhOvjNMnu0Sht8hwh3MiCaKjZIJVn0mA5
KoFdbvhYybs+oQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:42:11 2025 by rpki-client