Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: /xSB3aQQSjuaSbKM279JskF4UW10czhJahzN/vfKaUg=
Subject key identifier: 1F:A4:5E:74:B9:6B:21:8D:3C:7B:45:D4:84:65:41:73:58:35:D0:F8
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 0197B70EC37C36F0EA93AD1F5CAF97D8F5BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 15B6
Signing time: Sat 28 Jun 2025 15:01:27 +0000
Manifest this update: Sat 28 Jun 2025 15:01:27 +0000
Manifest next update: Sun 29 Jun 2025 15:01:27 +0000
Files and hashes: 1: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (hash: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=)
2: 2KU1lG8tmW62eqBwxBBDds81m5A.roa (hash: DXWqInrCKLzcQadKZzuaDGdIbNbzO5YygQPkSyOtdqY=)
3: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: WX09aBKcePeEmjXuqJkxsppKfE387YbPQulI/+uUiHQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0e:c3:7c:36:f0:ea:93:ad:1f:5c:af:97:d8:f5:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Jun 28 15:01:27 2025 GMT
Not After : Jun 29 15:01:27 2025 GMT
Subject: CN=1fa45e74b96b218d3c7b45d4846541735835d0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d8:44:fc:e7:f5:a5:91:3d:10:74:14:f5:1b:
32:39:71:9f:67:43:00:2b:b9:78:cd:74:22:ea:bd:
10:d3:87:b6:a2:dc:3b:5c:cf:be:72:84:d3:51:bd:
e4:a5:51:d8:95:83:71:9a:e3:4f:a1:71:b3:de:15:
f7:43:34:12:c9:7d:16:43:dc:96:6a:e9:45:76:2d:
f1:6a:f1:d7:43:f9:e6:c0:ac:63:e7:44:33:3e:d2:
7f:c8:c2:0b:4c:42:4f:98:b0:f7:ab:7a:36:99:b1:
3a:2d:2e:9e:db:ee:3b:34:16:3f:61:8a:f2:77:4c:
dd:0a:be:9d:7e:66:89:85:f3:b2:b7:25:1e:fe:d2:
d5:cc:09:ba:62:25:11:d5:36:a8:df:45:e6:45:02:
72:0b:19:67:5a:1f:3b:66:8f:a8:86:75:59:81:f3:
2c:25:99:7a:67:b4:91:84:80:66:2a:ea:a7:4a:87:
80:7d:89:45:4f:56:a3:a3:c1:69:d6:89:e7:30:59:
d5:64:2c:48:64:a1:01:48:ed:18:f5:dd:c6:d6:dd:
d2:e9:53:72:93:54:53:09:5a:1d:53:27:42:a3:c7:
4d:42:7d:ed:39:0b:82:6f:9b:f1:7d:db:13:95:41:
02:20:61:90:e1:3f:a3:83:d7:7a:3c:8a:80:ee:db:
db:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A4:5E:74:B9:6B:21:8D:3C:7B:45:D4:84:65:41:73:58:35:D0:F8
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:5a:43:ce:94:3e:ef:e4:99:b9:8c:75:56:37:29:a0:75:54:
ea:0b:2a:43:2d:00:ef:77:95:47:0a:bb:82:0d:4c:0b:4d:26:
a3:83:c9:37:76:e6:d5:e2:c6:13:c9:b8:1b:a5:f9:d3:0d:36:
ec:f2:8d:e2:ae:69:a7:a7:55:15:c4:39:6e:66:f6:61:51:b4:
4b:db:e4:48:15:bd:d8:11:c3:1a:22:94:5b:85:3e:92:72:c0:
7c:57:50:29:24:b7:e5:b7:5e:4a:2d:e7:6e:17:ee:61:70:1a:
20:bb:38:d2:cd:87:84:cb:89:d0:ad:cb:83:f9:8c:0e:0b:42:
a1:95:1f:11:83:c4:54:9d:2c:54:b2:45:ae:3e:0f:ef:ed:6c:
09:8c:97:11:99:9f:c5:18:a4:15:2e:37:cb:d2:d7:6f:dd:b0:
7d:66:fb:d9:49:dc:40:c8:47:d4:0b:72:b2:d6:b9:d3:06:19:
7b:e0:73:b8:4b:f0:89:97:c9:ba:a8:5d:d3:0b:46:6d:9b:20:
11:8e:f3:2b:c3:46:a1:d3:9e:c3:b5:d3:94:38:5f:7c:5c:62:
d6:cf:3e:0a:e6:77:b7:0a:54:0d:aa:9c:39:7b:98:9f:3e:00:
8c:e3:2a:15:0e:4a:31:89:70:68:68:b2:b6:d2:1c:c3:4c:74:
86:6d:d9:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DsN8NvDqk60fXK+X2PW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUwNjI4MTUwMTI3WhcNMjUwNjI5MTUwMTI3WjAzMTEwLwYDVQQD
EygxZmE0NWU3NGI5NmIyMThkM2M3YjQ1ZDQ4NDY1NDE3MzU4MzVkMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dhE/Of1pZE9EHQU9RsyOXGfZ0MA
K7l4zXQi6r0Q04e2otw7XM++coTTUb3kpVHYlYNxmuNPoXGz3hX3QzQSyX0WQ9yW
aulFdi3xavHXQ/nmwKxj50QzPtJ/yMILTEJPmLD3q3o2mbE6LS6e2+47NBY/YYry
d0zdCr6dfmaJhfOytyUe/tLVzAm6YiUR1Tao30XmRQJyCxlnWh87Zo+ohnVZgfMs
JZl6Z7SRhIBmKuqnSoeAfYlFT1ajo8Fp1onnMFnVZCxIZKEBSO0Y9d3G1t3S6VNy
k1RTCVodUydCo8dNQn3tOQuCb5vxfdsTlUECIGGQ4T+jg9d6PIqA7tvbKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+kXnS5ayGNPHtF1IRlQXNYNdD4MB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbFpDzpQ+
7+SZuYx1VjcpoHVU6gsqQy0A73eVRwq7gg1MC00mo4PJN3bm1eLGE8m4G6X50w02
7PKN4q5pp6dVFcQ5bmb2YVG0S9vkSBW92BHDGiKUW4U+knLAfFdQKSS35bdeSi3n
bhfuYXAaILs40s2HhMuJ0K3Lg/mMDgtCoZUfEYPEVJ0sVLJFrj4P7+1sCYyXEZmf
xRikFS43y9LXb92wfWb72UncQMhH1Atysta50wYZe+BzuEvwiZfJuqhd0wtGbZsg
EY7zK8NGodOew7XTlDhffFxi1s8+CuZ3twpUDaqcOXuYnz4AjOMqFQ5KMYlwaGiy
ttIcw0x0hm3Zfw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:13:06 2025 by rpki-client