Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.mft
File: aXJqlhM2--eCCz10joEvSVyHLTU.mft (raw, json)
Hash identifier: iYWFITeaDIfhWmncyhbVHk1oUYcXWAojGAui3baMAoQ=
Subject key identifier: AA:AC:14:6D:D0:79:62:2D:EB:58:E1:69:A8:3A:30:95:85:5E:97:AD
Authority key identifier: 69:72:6A:96:13:36:FB:E7:82:0B:3D:74:8E:81:2F:49:5C:87:2D:35
Certificate issuer: /CN=69726a961336fbe7820b3d748e812f495c872d35
Certificate serial: 0196A5AF2AF1977CEF3F08287E2293D0AA7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aXJqlhM2--eCCz10joEvSVyHLTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.mft
Manifest number: 0D17
Signing time: Tue 06 May 2025 13:00:42 +0000
Manifest this update: Tue 06 May 2025 13:00:42 +0000
Manifest next update: Wed 07 May 2025 13:00:42 +0000
Files and hashes: 1: TPjf70pa6qBZmpfYB0iX9CcL4Y4.roa (hash: swAbvLbVBmlLATlL/hX7o87L+INYtKkOcONzc8lraTI=)
2: aXJqlhM2--eCCz10joEvSVyHLTU.crl (hash: HJgO3WOdw8S+ejF7fQReo6yLazj817j1fi0lSqXAx8g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aXJqlhM2--eCCz10joEvSVyHLTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 13:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:af:2a:f1:97:7c:ef:3f:08:28:7e:22:93:d0:aa:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69726a961336fbe7820b3d748e812f495c872d35
Validity
Not Before: May 6 13:00:42 2025 GMT
Not After : May 7 13:00:42 2025 GMT
Subject: CN=aaac146dd079622deb58e169a83a3095855e97ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:75:31:06:99:28:fd:f9:6a:c6:9e:8d:55:94:
72:75:ab:99:a3:fb:21:ad:0f:42:22:7f:18:97:a8:
0d:dc:80:ed:2d:db:75:45:48:6b:6b:cc:fe:3b:92:
f5:33:ba:97:71:9c:6b:21:7a:ba:ae:eb:b9:bd:f9:
30:dd:f3:33:69:c2:3e:a9:c9:11:02:e2:27:80:26:
8f:fd:da:b5:e9:09:56:81:20:8a:98:fe:77:82:73:
cc:0d:a3:01:4a:5f:8a:2d:f5:f4:4e:22:11:9b:3e:
bf:fc:42:71:5a:0d:e3:d5:99:88:9d:98:02:94:60:
b1:53:88:c6:e0:94:f3:55:dd:65:46:f2:e7:04:54:
5e:31:68:d6:8f:79:17:c5:93:aa:fe:89:d8:b9:9d:
78:c9:bf:b5:3e:0c:d6:9c:ea:61:8e:4a:d0:c0:3c:
70:12:aa:5b:e1:91:10:fe:30:3a:d6:3e:57:35:a6:
8e:40:59:6d:00:30:2a:7b:96:90:af:6e:88:e5:95:
bd:73:13:e6:f4:f1:ff:6a:53:7f:b5:b8:d0:49:18:
9d:58:74:40:30:36:27:91:e2:f2:67:05:e2:3f:76:
e2:cc:59:4a:c3:2c:30:0b:65:6b:c3:bf:c5:d7:94:
30:70:c6:fd:b1:df:76:2c:51:d9:ae:51:b5:9d:27:
e5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AC:14:6D:D0:79:62:2D:EB:58:E1:69:A8:3A:30:95:85:5E:97:AD
X509v3 Authority Key Identifier:
keyid:69:72:6A:96:13:36:FB:E7:82:0B:3D:74:8E:81:2F:49:5C:87:2D:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXJqlhM2--eCCz10joEvSVyHLTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:a1:e6:b2:0a:f3:72:3e:53:e8:70:cb:6e:c4:03:96:27:f5:
8f:87:4a:8a:f1:0d:fb:5b:c3:e9:52:c1:c5:60:c3:94:d7:41:
c7:57:7f:c3:ea:26:90:71:f5:da:7c:b0:40:99:63:94:1d:f0:
d5:5b:08:f3:80:8c:dd:43:05:3f:fe:e3:e8:56:b3:21:b8:4c:
01:8c:a5:a2:0a:5a:29:84:f8:fd:22:48:96:5a:6d:b9:eb:8e:
65:d1:f0:7d:dd:95:14:c2:c1:83:d0:2f:51:65:b0:50:97:ee:
3b:7a:27:a2:90:e7:b2:62:41:35:9a:67:de:ea:2c:d2:66:f7:
8c:9f:84:6d:c1:65:f2:d4:42:55:16:50:89:f4:87:68:59:98:
d4:9a:01:f6:36:41:41:fd:ed:e2:c3:f0:ea:16:b4:f4:5b:d5:
13:72:b6:3d:93:90:8a:d3:8a:5f:af:d8:f6:6a:1b:93:b1:02:
e7:e0:91:d8:31:80:35:16:45:90:be:ef:d5:1d:7f:0a:ec:65:
14:61:ec:38:5b:24:4a:55:1c:e1:31:5b:88:8c:fd:08:bc:72:
4b:d9:01:b2:c7:67:47:fc:0c:e6:a9:e2:12:28:51:db:d9:51:
7a:ad:a6:5f:d1:fb:26:24:ac:c5:d1:60:0b:8e:6c:e1:bc:a8:
ef:6b:b5:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZalryrxl3zvPwgofiKT0Kp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzI2YTk2MTMzNmZiZTc4MjBiM2Q3NDhlODEyZjQ5NWM4
NzJkMzUwHhcNMjUwNTA2MTMwMDQyWhcNMjUwNTA3MTMwMDQyWjAzMTEwLwYDVQQD
EyhhYWFjMTQ2ZGQwNzk2MjJkZWI1OGUxNjlhODNhMzA5NTg1NWU5N2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXUxBpko/flqxp6NVZRydauZo/sh
rQ9CIn8Yl6gN3IDtLdt1RUhra8z+O5L1M7qXcZxrIXq6ruu5vfkw3fMzacI+qckR
AuIngCaP/dq16QlWgSCKmP53gnPMDaMBSl+KLfX0TiIRmz6//EJxWg3j1ZmInZgC
lGCxU4jG4JTzVd1lRvLnBFReMWjWj3kXxZOq/onYuZ14yb+1PgzWnOphjkrQwDxw
Eqpb4ZEQ/jA61j5XNaaOQFltADAqe5aQr26I5ZW9cxPm9PH/alN/tbjQSRidWHRA
MDYnkeLyZwXiP3bizFlKwywwC2Vrw7/F15QwcMb9sd92LFHZrlG1nSflUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqsFG3QeWIt61jhaag6MJWFXpetMB8GA1UdIwQY
MBaAFGlyapYTNvvnggs9dI6BL0lchy01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhKcWxoTTItLWVDQ3oxMGpvRXZTVnlITFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yNWU5NzItMjg0Mi00NTE0LThhZGUt
YzAxNjZkOTcwMTBkLzEvYVhKcWxoTTItLWVDQ3oxMGpvRXZTVnlITFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yNWU5NzItMjg0Mi00NTE0LThhZGUtYzAxNjZkOTcwMTBk
LzEvYVhKcWxoTTItLWVDQ3oxMGpvRXZTVnlITFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACaHmsgrz
cj5T6HDLbsQDlif1j4dKivEN+1vD6VLBxWDDlNdBx1d/w+omkHH12nywQJljlB3w
1VsI84CM3UMFP/7j6FazIbhMAYylogpaKYT4/SJIllptueuOZdHwfd2VFMLBg9Av
UWWwUJfuO3onopDnsmJBNZpn3uos0mb3jJ+EbcFl8tRCVRZQifSHaFmY1JoB9jZB
Qf3t4sPw6ha09FvVE3K2PZOQitOKX6/Y9mobk7EC5+CR2DGANRZFkL7v1R1/Cuxl
FGHsOFskSlUc4TFbiIz9CLxyS9kBssdnR/wM5qniEihR29lReq2mX9H7JiSsxdFg
C45s4byo72u1Xg==
-----END CERTIFICATE-----
Generated at Tue May 6 16:23:09 2025 by rpki-client