Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: UdGL84rYq5JnxDDedPT/Yq5x+QMiqPJMVkK4b49Gr2k=
Subject key identifier: D7:2C:4D:5B:A9:BB:67:06:EE:AF:C9:01:79:17:47:DD:81:43:67:98
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 0198D6CD63E296ECE3B16EE0D26E637E779D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 164B
Signing time: Sat 23 Aug 2025 12:00:41 +0000
Manifest this update: Sat 23 Aug 2025 12:00:41 +0000
Manifest next update: Sun 24 Aug 2025 12:00:41 +0000
Files and hashes: 1: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (hash: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=)
2: 2KU1lG8tmW62eqBwxBBDds81m5A.roa (hash: DXWqInrCKLzcQadKZzuaDGdIbNbzO5YygQPkSyOtdqY=)
3: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: BBYe9eUuccYt7asVECFDf1szRadMZAN1KQcMAfnzuOM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:63:e2:96:ec:e3:b1:6e:e0:d2:6e:63:7e:77:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Aug 23 12:00:41 2025 GMT
Not After : Aug 24 12:00:41 2025 GMT
Subject: CN=d72c4d5ba9bb6706eeafc901791747dd81436798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:7d:81:75:0a:34:c2:fb:3a:be:15:5a:f1:
81:0d:1d:1a:7d:91:b5:f1:29:57:7a:fc:d0:ae:b8:
23:bb:14:c6:87:27:b3:9d:50:9d:59:31:a7:6d:36:
07:f0:74:58:f1:e9:b3:bc:04:93:ad:47:91:0b:22:
46:3e:cb:6c:37:c2:f1:b5:45:f0:be:da:db:a5:61:
0c:25:b5:88:31:6f:11:7f:ac:73:6c:ba:37:9d:13:
14:07:32:f9:47:23:c4:32:ae:93:2a:ed:b9:ec:7b:
d5:a9:9b:ca:b6:32:ec:3b:0e:d6:0d:9a:cb:58:9b:
f3:bf:b8:24:7b:47:29:47:9e:47:6b:12:41:14:49:
be:75:23:6b:ec:e2:72:6b:d4:9f:36:12:57:31:84:
a2:ca:2b:e9:3b:a3:b1:ae:d1:fe:08:01:0b:df:e2:
e3:ac:3e:77:e3:d8:a5:cd:e3:a6:69:28:ff:39:65:
ac:e9:19:b8:6e:91:99:95:fa:cf:b3:c4:11:cd:94:
d2:a5:4e:97:38:ec:01:6b:d2:84:90:02:81:95:5e:
8e:a3:55:55:79:11:b0:57:9e:1e:de:8f:c4:c3:98:
24:1f:ea:f1:53:7f:03:e7:1a:56:88:90:60:db:7c:
ca:b2:a2:40:4c:b9:aa:2e:c6:46:76:c9:22:d1:dd:
13:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2C:4D:5B:A9:BB:67:06:EE:AF:C9:01:79:17:47:DD:81:43:67:98
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
de:00:db:b9:d7:8e:86:56:cc:71:53:cc:01:84:25:f1:b2:a3:
ca:97:fa:c8:a3:ab:f5:2f:81:25:90:f8:27:05:70:87:ed:5f:
c3:59:ab:06:96:ed:34:01:7e:1f:4a:5f:dc:b0:a2:22:9d:d5:
8e:6f:ac:b3:f9:58:cd:98:b2:5f:a0:21:29:24:0e:c3:5d:65:
f0:4e:69:40:45:2a:44:9d:40:1e:dc:55:af:e4:4c:c3:cf:50:
8a:ed:25:2f:d4:2c:7f:c8:cc:5a:a2:d0:68:ca:29:6b:0f:7a:
e2:0a:bf:0f:43:db:20:ba:fc:90:f7:b4:dd:c4:27:cf:a1:ab:
07:23:d7:9b:1b:6e:16:ed:92:5c:79:2e:b6:30:ee:9e:76:42:
76:8a:34:9f:27:62:45:29:9f:32:cd:4e:95:4d:47:35:b2:85:
65:9e:7b:85:9c:56:25:06:9e:7a:5b:72:d5:f4:9f:64:8e:7f:
07:99:59:03:a6:ca:d3:0a:33:fe:08:16:fc:9a:b2:5b:a1:7e:
ec:f5:25:f5:47:c1:b9:8d:ad:b5:99:52:a9:7d:e5:a4:2a:54:
d3:86:b4:4a:2d:c0:01:26:71:7f:a9:71:d3:79:f4:5e:08:ac:
88:7e:12:ce:e0:20:76:f1:92:9e:2f:fb:1c:e0:0b:c4:ec:ac:
d4:ac:99:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzWPiluzjsW7g0m5jfnedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUwODIzMTIwMDQxWhcNMjUwODI0MTIwMDQxWjAzMTEwLwYDVQQD
EyhkNzJjNGQ1YmE5YmI2NzA2ZWVhZmM5MDE3OTE3NDdkZDgxNDM2Nzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEx9gXUKNML7Or4VWvGBDR0afZG1
8SlXevzQrrgjuxTGhyeznVCdWTGnbTYH8HRY8emzvASTrUeRCyJGPstsN8LxtUXw
vtrbpWEMJbWIMW8Rf6xzbLo3nRMUBzL5RyPEMq6TKu257HvVqZvKtjLsOw7WDZrL
WJvzv7gke0cpR55HaxJBFEm+dSNr7OJya9SfNhJXMYSiyivpO6OxrtH+CAEL3+Lj
rD5349ilzeOmaSj/OWWs6Rm4bpGZlfrPs8QRzZTSpU6XOOwBa9KEkAKBlV6Oo1VV
eRGwV54e3o/Ew5gkH+rxU38D5xpWiJBg23zKsqJATLmqLsZGdski0d0TVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcsTVupu2cG7q/JAXkXR92BQ2eYMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3gDbudeO
hlbMcVPMAYQl8bKjypf6yKOr9S+BJZD4JwVwh+1fw1mrBpbtNAF+H0pf3LCiIp3V
jm+ss/lYzZiyX6AhKSQOw11l8E5pQEUqRJ1AHtxVr+RMw89Qiu0lL9Qsf8jMWqLQ
aMopaw964gq/D0PbILr8kPe03cQnz6GrByPXmxtuFu2SXHkutjDunnZCdoo0nydi
RSmfMs1OlU1HNbKFZZ57hZxWJQaeelty1fSfZI5/B5lZA6bK0woz/ggW/JqyW6F+
7PUl9UfBuY2ttZlSqX3lpCpU04a0Si3AASZxf6lx03n0XgisiH4SzuAgdvGSni/7
HOALxOys1KyZnQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:46:42 2025 by rpki-client