Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File: aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier: qj/+kHucfdVc0Fp5GjQMSmoK7OqmdSX6q9dkQ/6QB14=
Subject key identifier: B9:DF:87:9D:8B:14:90:F7:40:EC:43:B1:65:99:3F:E9:F7:8B:7B:1E
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 0197B632A029D615781C379050886F750150
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number: 1508
Signing time: Sat 28 Jun 2025 11:01:00 +0000
Manifest this update: Sat 28 Jun 2025 11:01:00 +0000
Manifest next update: Sun 29 Jun 2025 11:01:00 +0000
Files and hashes: 1: 5gxDURtK1rmOAdh1eWuh-NkY76k.roa (hash: QaQOgPlbLBzFETMJyWwYJQCd8vML1MyClKfr5uYQDoc=)
2: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: S6CPV6wFj4ReA+/LlDrKB3GhTwcqN/7pqHUTElCmBIM=)
3: svZ0I0CIbPuXgkYBH_VdeOt4OII.roa (hash: qDnNSem+sBmAuaKOVojckKZEahJzHvEbGjkFY5x9Sqc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:32:a0:29:d6:15:78:1c:37:90:50:88:6f:75:01:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Jun 28 11:01:00 2025 GMT
Not After : Jun 29 11:01:00 2025 GMT
Subject: CN=b9df879d8b1490f740ec43b165993fe9f78b7b1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a6:00:a8:f2:4d:bc:18:23:02:89:19:ea:49:
65:61:a8:8c:e5:20:b4:74:1f:2e:22:f9:3a:f5:de:
ea:2c:c7:38:8c:8b:fa:fb:bf:9a:c8:a0:cb:24:59:
df:65:7b:ed:c1:b9:03:75:33:db:89:5c:4f:de:5c:
aa:58:47:58:f4:2a:72:c3:96:f3:a1:c5:0f:42:bd:
5e:26:54:f0:01:53:6b:cc:e9:7e:63:d9:fd:06:ba:
3d:cf:32:09:a8:92:0a:99:58:93:8d:9d:7c:fd:9b:
5e:c9:c2:66:e7:00:0d:7c:33:05:bd:2d:a4:18:d8:
13:c2:15:fe:9f:94:dc:57:b5:13:12:79:d4:69:09:
ed:d2:74:27:b3:7f:93:6a:00:02:ea:70:ff:3d:6a:
21:77:5c:a6:09:d1:d5:52:1c:14:12:4b:b9:77:7f:
dd:c2:0e:3a:91:5f:de:01:d5:57:e9:6f:c8:7b:15:
5c:33:c6:40:58:45:71:59:b7:3c:ad:f3:4a:1f:18:
7b:31:5c:91:67:e5:3d:35:c3:de:17:3e:ff:7f:06:
c6:03:03:ab:47:81:88:a5:91:28:23:f8:34:f1:a0:
97:8b:2c:51:90:2d:da:34:76:0a:1d:2d:95:67:05:
cb:39:2d:0d:a5:e7:a8:58:c5:b8:de:26:4a:ad:10:
bf:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DF:87:9D:8B:14:90:F7:40:EC:43:B1:65:99:3F:E9:F7:8B:7B:1E
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:02:20:c0:89:d6:ab:15:cc:3a:55:c0:d9:85:6f:bb:df:1d:
bd:fc:d4:24:05:ec:b7:70:49:d2:99:00:30:2b:c1:f9:ba:e3:
e7:6b:72:5e:74:65:d4:a3:ed:24:52:03:bc:86:8d:61:3f:30:
60:c7:b8:42:cf:9a:ad:54:9a:9d:91:2b:c1:68:d7:22:4e:6c:
f3:ef:ac:66:5a:cb:0f:f2:8a:b2:0a:a0:d6:d4:06:03:f2:9c:
17:61:26:65:b3:33:f5:38:72:0e:eb:d7:39:c8:86:96:bd:d5:
bf:74:20:8a:a2:32:9d:0a:df:60:ee:c3:5a:83:18:6a:d9:39:
fb:57:04:e1:49:a0:04:c2:5e:09:18:e3:66:fb:a8:12:e1:a5:
af:76:24:19:bc:b2:a1:ec:34:6e:72:34:9c:a2:b0:5a:a8:de:
19:80:4a:02:ed:22:bb:83:8a:fb:64:ed:a8:ae:03:e2:77:76:
92:f8:d3:c8:be:67:19:c8:e0:f2:e5:16:e0:7a:3e:a6:21:04:
aa:8e:20:45:d8:a7:a7:ce:75:a3:ad:d1:c2:6e:55:dd:f2:fc:
1d:57:84:54:90:69:07:5f:a1:bc:b8:44:a2:8d:fa:ca:89:3a:
50:de:6a:4b:66:69:38:ac:5f:72:ff:0c:43:ad:89:fc:61:7a:
75:ea:17:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2MqAp1hV4HDeQUIhvdQFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjUwNjI4MTEwMTAwWhcNMjUwNjI5MTEwMTAwWjAzMTEwLwYDVQQD
EyhiOWRmODc5ZDhiMTQ5MGY3NDBlYzQzYjE2NTk5M2ZlOWY3OGI3YjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaYAqPJNvBgjAokZ6kllYaiM5SC0
dB8uIvk69d7qLMc4jIv6+7+ayKDLJFnfZXvtwbkDdTPbiVxP3lyqWEdY9Cpyw5bz
ocUPQr1eJlTwAVNrzOl+Y9n9Bro9zzIJqJIKmViTjZ18/ZteycJm5wANfDMFvS2k
GNgTwhX+n5TcV7UTEnnUaQnt0nQns3+TagAC6nD/PWohd1ymCdHVUhwUEku5d3/d
wg46kV/eAdVX6W/IexVcM8ZAWEVxWbc8rfNKHxh7MVyRZ+U9NcPeFz7/fwbGAwOr
R4GIpZEoI/g08aCXiyxRkC3aNHYKHS2VZwXLOS0NpeeoWMW43iZKrRC/+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnfh52LFJD3QOxDsWWZP+n3i3seMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGwIgwInW
qxXMOlXA2YVvu98dvfzUJAXst3BJ0pkAMCvB+brj52tyXnRl1KPtJFIDvIaNYT8w
YMe4Qs+arVSanZErwWjXIk5s8++sZlrLD/KKsgqg1tQGA/KcF2EmZbMz9ThyDuvX
OciGlr3Vv3QgiqIynQrfYO7DWoMYatk5+1cE4UmgBMJeCRjjZvuoEuGlr3YkGbyy
oew0bnI0nKKwWqjeGYBKAu0iu4OK+2TtqK4D4nd2kvjTyL5nGcjg8uUW4Ho+piEE
qo4gRdinp851o63Rwm5V3fL8HVeEVJBpB1+hvLhEoo36yok6UN5qS2ZpOKxfcv8M
Q62J/GF6deoXRQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:57:35 2025 by rpki-client