Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File: aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier: YbA8WHVLBdZCzw7mudOAgyaCQA3ofKdCaE9qifSHrrI=
Subject key identifier: 2D:EA:B7:8C:58:B6:88:E7:4B:CC:D2:BA:49:B7:68:A7:B7:1A:4A:E8
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 0198D5F1AC96F429C3E5012AC22A58300E4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number: 159D
Signing time: Sat 23 Aug 2025 08:00:41 +0000
Manifest this update: Sat 23 Aug 2025 08:00:41 +0000
Manifest next update: Sun 24 Aug 2025 08:00:41 +0000
Files and hashes: 1: 5gxDURtK1rmOAdh1eWuh-NkY76k.roa (hash: QaQOgPlbLBzFETMJyWwYJQCd8vML1MyClKfr5uYQDoc=)
2: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: Ztz9043fuVU5ULrnk2pyOyak53KdAC9wQR7/yj+7pNY=)
3: svZ0I0CIbPuXgkYBH_VdeOt4OII.roa (hash: qDnNSem+sBmAuaKOVojckKZEahJzHvEbGjkFY5x9Sqc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:f1:ac:96:f4:29:c3:e5:01:2a:c2:2a:58:30:0e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Aug 23 08:00:41 2025 GMT
Not After : Aug 24 08:00:41 2025 GMT
Subject: CN=2deab78c58b688e74bccd2ba49b768a7b71a4ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:25:c1:2c:92:88:28:ff:13:4b:c5:78:09:ea:
ed:c2:f1:eb:d5:47:6e:bb:41:70:4a:e3:6e:fa:62:
02:4b:59:48:9f:09:9c:44:1b:8c:88:69:7f:e9:d4:
92:c2:15:06:10:56:97:54:6c:e8:29:90:ad:38:6e:
b0:8c:c4:9e:e6:6f:64:6b:4d:38:69:72:59:d0:2f:
d9:0a:0f:dd:e7:86:fa:16:87:e3:7a:f1:86:3f:94:
af:43:df:73:74:67:c9:d7:d7:4c:74:3c:0b:53:a1:
53:f6:fd:e3:92:d3:b7:47:f3:44:d2:3b:7f:12:c3:
5b:00:63:c5:55:9a:49:fb:aa:71:9c:a4:4b:b6:dc:
28:78:6e:31:c7:6b:2c:2c:6b:4a:44:ee:10:a3:af:
b7:58:20:0e:e0:3f:7b:91:f8:66:ce:83:63:97:90:
26:e7:ae:62:e3:de:45:96:26:60:0c:aa:d7:a6:8c:
09:b6:1b:8c:b0:93:82:27:35:6b:54:d5:8c:70:0a:
b2:08:d8:3f:68:83:84:4c:ad:69:0e:6e:02:4b:e2:
3f:28:20:d5:bc:91:31:98:56:35:48:e3:3a:c7:df:
59:86:67:33:06:6f:b7:63:f9:35:c6:22:2d:a9:bc:
81:e8:b1:f3:a6:84:de:e9:e4:21:6f:bc:df:65:ee:
b7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:EA:B7:8C:58:B6:88:E7:4B:CC:D2:BA:49:B7:68:A7:B7:1A:4A:E8
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:da:c7:03:a7:d3:e3:8c:49:7f:9e:67:a5:70:b0:ec:bc:21:
06:39:64:68:e8:2b:c9:cb:28:b5:6d:3e:10:7f:0c:b8:5a:e7:
a8:fc:95:fe:31:b0:98:ee:e5:9d:37:a4:4b:ff:ff:1e:c3:21:
68:99:42:71:e8:55:2c:03:48:2a:fd:65:a2:bb:e1:8a:b7:fe:
57:b2:1b:e4:25:09:5d:b5:c9:80:6f:25:31:29:3c:97:11:be:
66:b6:c2:de:8f:2d:a1:39:6a:e5:2a:7a:dd:b2:88:6a:f8:5f:
1e:ae:2d:18:e3:37:ce:5b:ba:e5:97:cd:27:96:45:32:4b:6c:
39:63:7b:d4:2b:35:91:c6:18:76:92:6b:45:8a:19:ba:72:d3:
3b:fd:a4:7c:fb:e0:54:e7:65:56:08:65:95:fd:20:b1:e1:68:
2c:3d:81:7c:b8:4a:e3:46:be:a8:e0:7b:06:d9:a5:5c:e9:a9:
cc:79:c0:a2:66:f8:ac:0c:12:a4:8e:14:39:8e:3a:9b:65:ce:
8b:19:1f:bc:6b:ca:e6:a4:49:de:f8:b9:18:d5:ee:7c:a2:9a:
32:4d:ce:e6:4d:86:9c:46:bf:cf:ee:ef:7a:af:49:cc:3b:72:
62:d3:d4:24:8b:0f:20:8e:75:8f:10:4f:46:b0:79:b9:0b:de:
bb:22:b4:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8ayW9CnD5QEqwipYMA5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjUwODIzMDgwMDQxWhcNMjUwODI0MDgwMDQxWjAzMTEwLwYDVQQD
EygyZGVhYjc4YzU4YjY4OGU3NGJjY2QyYmE0OWI3NjhhN2I3MWE0YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCXBLJKIKP8TS8V4CertwvHr1Udu
u0FwSuNu+mICS1lInwmcRBuMiGl/6dSSwhUGEFaXVGzoKZCtOG6wjMSe5m9ka004
aXJZ0C/ZCg/d54b6FofjevGGP5SvQ99zdGfJ19dMdDwLU6FT9v3jktO3R/NE0jt/
EsNbAGPFVZpJ+6pxnKRLttwoeG4xx2ssLGtKRO4Qo6+3WCAO4D97kfhmzoNjl5Am
565i495FliZgDKrXpowJthuMsJOCJzVrVNWMcAqyCNg/aIOETK1pDm4CS+I/KCDV
vJExmFY1SOM6x99ZhmczBm+3Y/k1xiItqbyB6LHzpoTe6eQhb7zfZe63owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3qt4xYtojnS8zSukm3aKe3GkroMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZdrHA6fT
44xJf55npXCw7LwhBjlkaOgrycsotW0+EH8MuFrnqPyV/jGwmO7lnTekS///HsMh
aJlCcehVLANIKv1lorvhirf+V7Ib5CUJXbXJgG8lMSk8lxG+ZrbC3o8toTlq5Sp6
3bKIavhfHq4tGOM3zlu65ZfNJ5ZFMktsOWN71Cs1kcYYdpJrRYoZunLTO/2kfPvg
VOdlVghllf0gseFoLD2BfLhK40a+qOB7BtmlXOmpzHnAomb4rAwSpI4UOY46m2XO
ixkfvGvK5qRJ3vi5GNXufKKaMk3O5k2GnEa/z+7veq9JzDtyYtPUJIsPII51jxBP
RrB5uQveuyK0Fw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:39:07 2025 by rpki-client