Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
File: AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft (raw, json)
Hash identifier: qd9xHfDfZC0w+zLi6rl89Q9wYlM+fSyfDgN2/jQ+yvg=
Subject key identifier: 28:56:DA:4B:8F:25:D0:42:D6:5D:38:2B:D3:E0:C8:C0:F8:53:82:F7
Authority key identifier: 00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
Certificate issuer: /CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Certificate serial: 0197B7EA8D6EBC3B367187931B47D1CB36DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
Manifest number: 15B8
Signing time: Sat 28 Jun 2025 19:01:31 +0000
Manifest this update: Sat 28 Jun 2025 19:01:31 +0000
Manifest next update: Sun 29 Jun 2025 19:01:31 +0000
Files and hashes: 1: AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl (hash: RsR4djzyQ3AC6+wO01JqiysAjVjO+zyAGpYPIWqO2rs=)
2: qen-QoIAAGwgpqx4OQAF6M4rR_M.roa (hash: Pfgs1o9qvVrkxz8on7jtYneDypFRD7JuU2XED3GEHk4=)
3: sJjIi8LxyBaapUPztypafiGazB4.roa (hash: snoS7xcNMuCgLXX7PRPXvmr0bu9uS7kTUSsVN0SedsA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:ea:8d:6e:bc:3b:36:71:87:93:1b:47:d1:cb:36:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Validity
Not Before: Jun 28 19:01:31 2025 GMT
Not After : Jun 29 19:01:31 2025 GMT
Subject: CN=2856da4b8f25d042d65d382bd3e0c8c0f85382f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:df:a2:c3:55:ce:03:25:f4:e1:81:0c:cb:a0:
30:70:70:d8:52:3c:2c:8d:c6:80:2d:41:04:1c:0a:
f7:ba:29:07:77:2f:17:da:f0:b6:e9:98:7e:ec:9e:
4d:e8:1a:74:d8:aa:79:4e:ba:bc:01:98:68:64:2e:
d6:43:7b:38:94:00:c4:04:11:c4:e3:98:cf:48:19:
f8:18:77:5c:0d:f5:3d:70:9a:93:03:43:94:78:b5:
f8:14:f1:cf:3c:7b:05:93:0e:5c:0a:5f:2a:c2:0f:
89:7b:bf:4a:6f:27:af:a8:53:47:8b:8b:c9:69:ab:
ea:70:5a:0c:6f:e5:18:24:23:5a:62:36:75:f3:62:
17:a1:22:2d:c9:8f:13:1c:c5:78:b0:6d:83:97:19:
e0:be:dd:91:96:26:c2:ad:c4:9a:10:d1:d6:09:0d:
b2:c5:3a:f5:3d:7b:05:b4:35:89:c7:fa:42:d1:82:
b6:f3:89:f9:cc:79:29:a5:46:ae:fd:7b:8c:f4:33:
1c:7d:69:a1:9d:85:f0:bc:61:97:3d:9f:7f:8f:88:
92:dd:a8:51:3c:85:02:e5:ec:0c:96:26:dc:eb:fa:
3c:6d:61:d7:73:aa:fb:82:04:d9:2a:23:70:ed:06:
8b:ec:5f:60:4d:48:8c:30:37:7b:f0:99:12:b2:0a:
bb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:56:DA:4B:8F:25:D0:42:D6:5D:38:2B:D3:E0:C8:C0:F8:53:82:F7
X509v3 Authority Key Identifier:
keyid:00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:0e:66:02:81:a0:b2:39:19:68:7d:b7:fd:cf:c3:77:b9:d7:
e1:ff:19:29:11:f9:33:fd:26:e6:56:68:ec:82:66:3b:f9:4b:
1d:af:d3:2f:02:15:16:de:15:9e:59:de:90:d9:7d:2a:c9:8c:
a1:84:b9:f2:85:e4:ac:e0:80:21:c2:83:af:d7:63:cf:18:97:
c5:19:db:94:83:fd:f5:63:d3:22:02:1c:50:59:f1:a2:ca:f9:
06:4b:5f:7b:f6:0a:ec:ba:d2:e3:c5:9c:64:c0:6d:97:28:c2:
aa:d2:54:ee:9a:28:b0:87:65:99:6e:20:f2:7a:57:e3:66:e9:
8f:fe:09:02:c9:8d:f7:09:f4:63:8a:ee:b4:28:13:44:e8:42:
ef:45:df:f1:4f:1b:94:c8:16:07:f3:7f:de:81:e8:d0:5d:e9:
44:76:92:a3:57:ae:6b:36:0c:62:f9:18:40:18:ae:ff:e9:60:
67:41:76:e9:7b:d4:64:4f:c9:da:80:70:b5:dd:90:cc:f7:ee:
19:a1:04:9e:55:c8:e9:58:5e:a5:03:f4:92:8d:f9:25:f1:8f:
26:12:4e:dd:df:55:72:99:c0:38:1c:07:82:42:0f:9f:0f:51:
1a:63:c9:32:a9:b3:55:ec:b6:62:e6:a7:0b:08:f0:0f:04:a9:
7c:19:81:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36o1uvDs2cYeTG0fRyzbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzJjMDhmNzRkMmE4NDJhNzFmMjNhYjYxNDk5YjUyNjk0
ZmM3YTUwHhcNMjUwNjI4MTkwMTMxWhcNMjUwNjI5MTkwMTMxWjAzMTEwLwYDVQQD
EygyODU2ZGE0YjhmMjVkMDQyZDY1ZDM4MmJkM2UwYzhjMGY4NTM4MmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud+iw1XOAyX04YEMy6AwcHDYUjws
jcaALUEEHAr3uikHdy8X2vC26Zh+7J5N6Bp02Kp5Trq8AZhoZC7WQ3s4lADEBBHE
45jPSBn4GHdcDfU9cJqTA0OUeLX4FPHPPHsFkw5cCl8qwg+Je79KbyevqFNHi4vJ
aavqcFoMb+UYJCNaYjZ182IXoSItyY8THMV4sG2Dlxngvt2RlibCrcSaENHWCQ2y
xTr1PXsFtDWJx/pC0YK284n5zHkppUau/XuM9DMcfWmhnYXwvGGXPZ9/j4iS3ahR
PIUC5ewMlibc6/o8bWHXc6r7ggTZKiNw7QaL7F9gTUiMMDd78JkSsgq7dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChW2kuPJdBC1l04K9PgyMD4U4L3MB8GA1UdIwQY
MBaAFABywI900qhCpx8jq2FJm1JpT8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYt
NjY3ZDY2NDY5Y2Q5LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYtNjY3ZDY2NDY5Y2Q5
LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkw5mAoGg
sjkZaH23/c/Dd7nX4f8ZKRH5M/0m5lZo7IJmO/lLHa/TLwIVFt4VnlnekNl9KsmM
oYS58oXkrOCAIcKDr9djzxiXxRnblIP99WPTIgIcUFnxosr5Bktfe/YK7LrS48Wc
ZMBtlyjCqtJU7poosIdlmW4g8npX42bpj/4JAsmN9wn0Y4rutCgTROhC70Xf8U8b
lMgWB/N/3oHo0F3pRHaSo1euazYMYvkYQBiu/+lgZ0F26XvUZE/J2oBwtd2QzPfu
GaEEnlXI6VhepQP0ko35JfGPJhJO3d9VcpnAOBwHgkIPnw9RGmPJMqmzVey2Yuan
CwjwDwSpfBmBhQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:20:18 2025 by rpki-client