Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: P2OfBQ5WEugO9uwkj4vRxVK45/4YLSrGr2+vfDSvBQo=
Subject key identifier: CF:D7:92:A4:E5:25:FB:EE:04:01:B9:90:36:07:4D:19:CE:83:99:39
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 0198D65F99C5B715486BBDC68D9ADF274609
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 164D
Signing time: Sat 23 Aug 2025 10:00:46 +0000
Manifest this update: Sat 23 Aug 2025 10:00:46 +0000
Manifest next update: Sun 24 Aug 2025 10:00:46 +0000
Files and hashes: 1: K7Q4iSU5tGlQaFLDbZ74ga5u7QI.roa (hash: 4IoPifHHzLWAa9SoaMyYdsFHlPVY27b7G1cPfRmMmFw=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: Dik62rjnsjf4LnIsUWuFCcAu8CLlNyQBY+sR1OXyWqY=)
3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:5f:99:c5:b7:15:48:6b:bd:c6:8d:9a:df:27:46:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Aug 23 10:00:46 2025 GMT
Not After : Aug 24 10:00:46 2025 GMT
Subject: CN=cfd792a4e525fbee0401b99036074d19ce839939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:da:75:2e:fe:ad:86:dc:67:3c:f9:f3:c2:2c:
c4:d8:17:cd:91:a8:5e:d1:8e:fd:dd:4a:c8:ab:5d:
79:cf:61:e2:6d:bc:d5:7d:21:56:74:ce:93:43:d8:
6b:f0:b0:6b:80:b3:13:3c:61:cc:5b:1f:07:6f:2b:
63:ab:5b:3c:ea:83:08:24:a2:fd:5c:9f:96:a4:c1:
b8:b4:7b:05:20:44:8c:8f:50:91:48:cc:b1:05:59:
b1:3e:fd:21:00:e2:6c:9a:19:28:15:8c:99:d7:02:
2e:1d:44:d0:c7:c4:0e:f6:bf:62:ee:f7:e5:dd:33:
ff:f3:e2:1e:82:73:25:85:66:1a:a5:f2:dc:ef:ce:
53:e7:5a:b0:9f:00:aa:0a:2d:7b:bf:53:54:a8:22:
83:fb:1f:93:ab:90:0a:0d:81:84:4a:1c:bf:e8:e7:
5e:5d:96:1e:3d:9c:70:28:bb:b9:7b:0c:e0:26:6e:
16:a7:52:62:5c:b0:52:72:69:15:e9:2e:ec:cd:fc:
d0:33:ed:17:e9:18:71:39:a5:13:65:90:f3:6d:59:
a0:c2:4b:93:48:13:1a:d8:d6:c1:88:bd:cf:1f:f2:
11:85:39:09:ac:f8:83:5b:f6:b4:d1:33:e0:4d:06:
31:f9:95:b6:9e:f0:64:df:96:69:d7:1e:ba:df:51:
82:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D7:92:A4:E5:25:FB:EE:04:01:B9:90:36:07:4D:19:CE:83:99:39
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c9:3e:ef:35:9a:31:0d:75:22:da:0b:8f:db:c3:92:1c:7c:1f:
15:d6:74:36:2f:f7:a0:a3:69:a3:2e:98:39:37:35:a2:66:6c:
26:3b:a7:3f:59:77:06:b9:14:b4:11:b6:43:6f:33:fe:ee:25:
24:e4:90:b9:27:0e:b7:ba:99:a9:86:31:1d:27:2f:c5:93:a2:
b7:bb:02:c8:92:f7:6b:ee:18:90:c9:14:d9:0f:3c:9e:4d:f8:
97:f1:aa:b6:39:d1:67:b8:43:9c:db:ff:7f:ee:57:a8:59:2e:
d4:b8:c7:13:7d:46:88:76:61:9e:25:86:7f:c2:15:f7:19:f1:
96:dc:4a:9f:af:5b:ae:e1:a0:25:06:14:ff:3c:e9:12:39:74:
03:38:31:7a:15:dd:b3:72:0b:86:fc:0c:43:c3:4a:32:e2:df:
d7:27:c9:a7:24:4c:29:22:f3:1a:8b:4c:59:42:5b:11:7f:45:
51:c7:67:67:43:59:a2:58:38:9b:b8:1e:8d:05:c4:a3:00:8b:
52:29:f5:af:06:70:3e:a4:e2:09:f2:a2:56:e6:65:d6:fd:bd:
5e:e3:a9:a6:a0:e4:2c:e2:27:83:e8:38:68:ef:8c:98:e0:70:
a4:ce:26:af:25:8f:20:b0:b7:13:ee:74:07:14:93:05:84:2d:
b0:98:b0:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX5nFtxVIa73GjZrfJ0YJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjUwODIzMTAwMDQ2WhcNMjUwODI0MTAwMDQ2WjAzMTEwLwYDVQQD
EyhjZmQ3OTJhNGU1MjVmYmVlMDQwMWI5OTAzNjA3NGQxOWNlODM5OTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNp1Lv6thtxnPPnzwizE2BfNkahe
0Y793UrIq115z2HibbzVfSFWdM6TQ9hr8LBrgLMTPGHMWx8Hbytjq1s86oMIJKL9
XJ+WpMG4tHsFIESMj1CRSMyxBVmxPv0hAOJsmhkoFYyZ1wIuHUTQx8QO9r9i7vfl
3TP/8+IegnMlhWYapfLc785T51qwnwCqCi17v1NUqCKD+x+Tq5AKDYGEShy/6Ode
XZYePZxwKLu5ewzgJm4Wp1JiXLBScmkV6S7szfzQM+0X6RhxOaUTZZDzbVmgwkuT
SBMa2NbBiL3PH/IRhTkJrPiDW/a00TPgTQYx+ZW2nvBk35Zp1x6631GCPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/XkqTlJfvuBAG5kDYHTRnOg5k5MB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyT7vNZox
DXUi2guP28OSHHwfFdZ0Ni/3oKNpoy6YOTc1omZsJjunP1l3BrkUtBG2Q28z/u4l
JOSQuScOt7qZqYYxHScvxZOit7sCyJL3a+4YkMkU2Q88nk34l/GqtjnRZ7hDnNv/
f+5XqFku1LjHE31GiHZhniWGf8IV9xnxltxKn69bruGgJQYU/zzpEjl0AzgxehXd
s3ILhvwMQ8NKMuLf1yfJpyRMKSLzGotMWUJbEX9FUcdnZ0NZolg4m7gejQXEowCL
Uin1rwZwPqTiCfKiVuZl1v29XuOppqDkLOIng+g4aO+MmOBwpM4mryWPILC3E+50
BxSTBYQtsJiwfQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:12:01 2025 by rpki-client