Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
File: aM_hqssnjBMjGzEORe5XaTL-m04.mft (raw, json)
Hash identifier: d0Z7DVBysIZVAI01UupUihyFt4Iy4PWQ8Seyt7Zs5Ko=
Subject key identifier: A4:37:C0:84:CA:3E:8A:76:FD:62:CC:93:E7:4A:2E:70:F9:40:23:2D
Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Certificate serial: 0197B7B32BC3C486BACDDB1E03A2D80FA4F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
Manifest number: 124A
Signing time: Sat 28 Jun 2025 18:01:01 +0000
Manifest this update: Sat 28 Jun 2025 18:01:01 +0000
Manifest next update: Sun 29 Jun 2025 18:01:01 +0000
Files and hashes: 1: NAg_2lUwiNc2BXVWx1ALPDBcGK0.roa (hash: I6Xgg/yTyhGgk1wwRR5vfbPkXPHDlymI7Asksvi+yR4=)
2: aM_hqssnjBMjGzEORe5XaTL-m04.crl (hash: 8rNfqGPeUUr8sSHsixtU7JXHZwvT9q9vNzPX5AArWEY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b3:2b:c3:c4:86:ba:cd:db:1e:03:a2:d8:0f:a4:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Validity
Not Before: Jun 28 18:01:01 2025 GMT
Not After : Jun 29 18:01:01 2025 GMT
Subject: CN=a437c084ca3e8a76fd62cc93e74a2e70f940232d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d6:e3:3c:53:17:b9:5e:5e:02:c4:0f:bd:89:
35:08:5d:61:54:e6:99:94:12:a8:9f:d3:6f:e2:a6:
38:4d:99:5a:fd:fb:76:b2:46:ac:ee:ef:58:4b:ce:
36:54:11:02:c8:a9:76:61:0a:0d:32:6c:08:cc:21:
ed:1f:a4:80:47:5d:70:64:f9:b6:60:61:6c:2f:67:
0e:a4:87:6e:a0:87:4f:f7:42:42:b1:7d:4c:bf:24:
06:85:12:0b:42:5d:30:80:03:f3:c5:95:60:5a:bd:
c2:d2:78:82:c0:e8:9e:83:9f:16:87:7b:f2:2e:ef:
67:90:4e:b8:3c:a7:2a:a9:98:be:56:f8:5c:a7:c2:
6a:73:9a:95:37:81:d7:c8:5a:d6:e5:8f:8b:4f:4d:
33:dc:27:00:10:1c:69:cc:04:d6:d5:a1:da:e7:99:
02:01:c9:d3:44:b8:60:f1:7b:e1:f3:7a:d0:3a:76:
f5:1f:60:52:d0:e2:7e:15:14:f8:a5:4d:ca:61:6a:
f3:10:bc:8b:49:08:3b:3c:11:ef:e5:6f:f1:e2:3a:
8c:f6:66:e5:d1:41:ac:27:0a:68:51:3d:23:9b:e2:
e9:4c:6e:58:af:b5:75:22:fd:c0:cc:31:77:13:7c:
5d:a0:cf:cb:3d:a7:b4:ba:c1:bc:c6:f3:4a:88:32:
b4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:37:C0:84:CA:3E:8A:76:FD:62:CC:93:E7:4A:2E:70:F9:40:23:2D
X509v3 Authority Key Identifier:
keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:be:ed:9f:eb:58:ec:02:de:46:8f:1f:60:ac:ce:c9:05:1e:
a9:9d:9c:7b:05:d6:a4:bd:3e:2d:66:57:90:2d:b6:11:b7:56:
2d:96:d4:2f:e3:76:c5:f2:58:8c:39:2e:be:19:66:5c:64:00:
4a:36:71:43:a7:a2:06:62:cb:0f:8c:ee:15:26:65:ee:5c:94:
54:61:81:d0:46:fe:66:97:9c:2d:5d:07:d2:83:f9:59:04:68:
cf:73:7a:75:b5:0b:22:ae:d5:a7:29:78:69:45:c5:78:bc:22:
bd:c2:91:57:c3:09:8a:c2:6c:3b:0e:42:69:af:6a:a4:3d:72:
9a:e4:d6:a0:df:1a:21:49:e8:31:64:57:e5:22:2d:65:2f:3a:
3a:27:ad:83:f5:3a:54:4c:79:47:99:50:ce:8c:c1:50:be:31:
2a:44:95:d0:a5:fc:a4:aa:53:fb:14:cc:73:1d:8f:ae:f5:bc:
2d:a2:37:ca:72:12:1a:ae:c1:38:32:96:34:8c:4a:ce:0d:cc:
92:eb:df:39:e8:f0:ea:4d:1e:b7:39:47:7f:4b:f3:cc:14:b0:
b4:c6:96:6d:3d:b8:2e:d4:65:f2:af:48:7a:21:73:7d:e0:b7:
86:99:7c:db:dc:08:d2:0c:1c:68:e2:bc:83:25:62:43:67:28:
75:a9:26:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3syvDxIa6zdseA6LYD6T1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm
ZTliNGUwHhcNMjUwNjI4MTgwMTAxWhcNMjUwNjI5MTgwMTAxWjAzMTEwLwYDVQQD
EyhhNDM3YzA4NGNhM2U4YTc2ZmQ2MmNjOTNlNzRhMmU3MGY5NDAyMzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtbjPFMXuV5eAsQPvYk1CF1hVOaZ
lBKon9Nv4qY4TZla/ft2skas7u9YS842VBECyKl2YQoNMmwIzCHtH6SAR11wZPm2
YGFsL2cOpIduoIdP90JCsX1MvyQGhRILQl0wgAPzxZVgWr3C0niCwOieg58Wh3vy
Lu9nkE64PKcqqZi+Vvhcp8Jqc5qVN4HXyFrW5Y+LT00z3CcAEBxpzATW1aHa55kC
AcnTRLhg8Xvh83rQOnb1H2BS0OJ+FRT4pU3KYWrzELyLSQg7PBHv5W/x4jqM9mbl
0UGsJwpoUT0jm+LpTG5Yr7V1Iv3AzDF3E3xdoM/LPae0usG8xvNKiDK0bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQ3wITKPop2/WLMk+dKLnD5QCMtMB8GA1UdIwQY
MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt
ODljMmY2NjZlOTA1LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1
LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATr7tn+tY
7ALeRo8fYKzOyQUeqZ2cewXWpL0+LWZXkC22EbdWLZbUL+N2xfJYjDkuvhlmXGQA
SjZxQ6eiBmLLD4zuFSZl7lyUVGGB0Eb+ZpecLV0H0oP5WQRoz3N6dbULIq7Vpyl4
aUXFeLwivcKRV8MJisJsOw5Caa9qpD1ymuTWoN8aIUnoMWRX5SItZS86Oietg/U6
VEx5R5lQzozBUL4xKkSV0KX8pKpT+xTMcx2PrvW8LaI3ynISGq7BODKWNIxKzg3M
kuvfOejw6k0etzlHf0vzzBSwtMaWbT24LtRl8q9IeiFzfeC3hpl829wI0gwcaOK8
gyViQ2codakmHQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:20:24 2025 by rpki-client