Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: 7w/9LIGpWhaJ/RnN53oUE4bsHQ5vZIpJxeSlDCAPBHk=
Subject key identifier: 42:84:29:2E:E0:8D:B5:05:BC:86:8C:01:E4:58:16:E6:70:29:33:75
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 0197B6A101956600833F49101B594233320D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 15B8
Signing time: Sat 28 Jun 2025 13:01:34 +0000
Manifest this update: Sat 28 Jun 2025 13:01:34 +0000
Manifest next update: Sun 29 Jun 2025 13:01:34 +0000
Files and hashes: 1: K7Q4iSU5tGlQaFLDbZ74ga5u7QI.roa (hash: 4IoPifHHzLWAa9SoaMyYdsFHlPVY27b7G1cPfRmMmFw=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: tTyBKUAHUhgE4wKuF2Ao7LtMyrFMb3DXdAEquxmRQzE=)
3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 13:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a1:01:95:66:00:83:3f:49:10:1b:59:42:33:32:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Jun 28 13:01:34 2025 GMT
Not After : Jun 29 13:01:34 2025 GMT
Subject: CN=4284292ee08db505bc868c01e45816e670293375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7b:9c:e4:a0:fd:5b:66:98:9f:91:c7:c0:40:
3a:22:4e:f9:8d:6d:3b:83:ac:89:6e:37:a9:28:3e:
64:7e:11:ee:9e:e5:45:9a:d4:25:40:60:22:32:03:
ee:36:0b:b2:c0:7a:49:c8:0c:91:a4:31:3a:6c:c1:
21:ac:f5:af:cf:c2:de:2a:65:44:6a:4b:c7:c8:09:
92:47:1c:b4:7f:b8:d5:c9:fd:b1:bd:2e:10:be:ba:
48:05:c3:a0:25:eb:5d:a9:87:b4:f6:2c:a0:7a:d2:
99:bf:38:34:fa:49:3e:43:d0:cd:49:16:70:bb:c6:
ee:a9:32:0a:6f:43:3f:04:57:91:d3:b3:33:29:16:
f2:b8:b6:cb:d2:39:81:85:0f:b2:05:71:22:c8:1b:
d3:a3:ad:b0:05:1b:b6:b8:44:76:5f:3e:2d:63:32:
7d:de:33:0f:bb:c6:e2:25:3c:f0:bd:9e:6c:fa:b4:
8f:6d:0a:9b:a9:3c:c2:ae:5e:ad:cd:e1:d9:b7:bd:
47:71:2a:65:28:5b:96:73:18:0c:58:80:22:04:35:
f1:10:f7:75:b4:7e:8a:f8:ae:15:1f:1c:f0:95:24:
da:6b:76:7d:07:a3:a9:7d:34:2b:c5:41:ed:11:7f:
61:dc:c3:89:d4:f7:85:76:9d:6b:dd:2f:db:6d:bd:
83:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:84:29:2E:E0:8D:B5:05:BC:86:8C:01:E4:58:16:E6:70:29:33:75
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:c3:fb:fd:41:13:f0:db:47:b0:cb:7c:ef:26:c5:66:e3:8c:
58:a4:79:39:9c:a0:99:7a:f5:43:fd:15:6e:55:35:fd:0f:84:
0f:1a:54:ae:3f:08:d7:39:54:81:56:82:fc:99:5f:f1:06:e8:
a5:dd:91:93:1f:de:f6:9a:1b:d7:c5:d9:e0:74:16:8b:99:6e:
89:21:2d:6b:fd:cf:07:13:02:6c:05:27:a2:c1:8f:56:fc:80:
22:f3:48:27:06:a8:6c:65:2f:6b:45:7a:14:ec:9f:a3:96:f2:
60:b5:1c:48:37:b5:24:c1:d0:3b:43:4a:3b:b6:90:51:e4:89:
b6:e3:35:1f:4c:70:f2:8a:fe:49:fe:70:a4:32:4f:86:f2:b6:
1f:62:a8:5c:e2:fc:21:f5:dc:42:16:f3:3f:5f:09:a6:e1:1c:
da:11:19:ba:2a:ff:60:ea:ec:12:c4:04:a8:bd:60:34:e2:6a:
9f:65:c4:d6:bd:ea:8b:b5:6f:a2:3b:bf:cd:63:70:44:bd:04:
c0:a0:32:f1:26:43:09:a7:2f:ce:64:3e:23:de:44:c1:01:9b:
d6:c1:10:87:70:43:cc:41:32:2f:48:9c:90:7b:72:df:14:3a:
d6:88:d3:b3:04:ff:bc:72:f3:7e:0e:75:65:4f:d8:44:be:73:
67:d1:13:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oQGVZgCDP0kQG1lCMzINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjUwNjI4MTMwMTM0WhcNMjUwNjI5MTMwMTM0WjAzMTEwLwYDVQQD
Eyg0Mjg0MjkyZWUwOGRiNTA1YmM4NjhjMDFlNDU4MTZlNjcwMjkzMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnuc5KD9W2aYn5HHwEA6Ik75jW07
g6yJbjepKD5kfhHunuVFmtQlQGAiMgPuNguywHpJyAyRpDE6bMEhrPWvz8LeKmVE
akvHyAmSRxy0f7jVyf2xvS4QvrpIBcOgJetdqYe09iygetKZvzg0+kk+Q9DNSRZw
u8buqTIKb0M/BFeR07MzKRbyuLbL0jmBhQ+yBXEiyBvTo62wBRu2uER2Xz4tYzJ9
3jMPu8biJTzwvZ5s+rSPbQqbqTzCrl6tzeHZt71HcSplKFuWcxgMWIAiBDXxEPd1
tH6K+K4VHxzwlSTaa3Z9B6OpfTQrxUHtEX9h3MOJ1PeFdp1r3S/bbb2D8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKEKS7gjbUFvIaMAeRYFuZwKTN1MB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH8P7/UET
8NtHsMt87ybFZuOMWKR5OZygmXr1Q/0VblU1/Q+EDxpUrj8I1zlUgVaC/Jlf8Qbo
pd2Rkx/e9pob18XZ4HQWi5luiSEta/3PBxMCbAUnosGPVvyAIvNIJwaobGUva0V6
FOyfo5byYLUcSDe1JMHQO0NKO7aQUeSJtuM1H0xw8or+Sf5wpDJPhvK2H2KoXOL8
IfXcQhbzP18JpuEc2hEZuir/YOrsEsQEqL1gNOJqn2XE1r3qi7Vvoju/zWNwRL0E
wKAy8SZDCacvzmQ+I95EwQGb1sEQh3BDzEEyL0ickHty3xQ61ojTswT/vHLzfg51
ZU/YRL5zZ9ETAQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:14:04 2025 by rpki-client