Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
File: l_aXATQzuJHWRpfZKGY75zTbpOc.mft (raw, json)
Hash identifier: fzgG6cwJJ9zvTCjl/xtEX50fXdN233FySE50GjdQY5o=
Subject key identifier: 3B:63:87:8B:66:E4:53:1D:B7:1D:7B:94:01:46:43:59:2C:4F:89:3C
Authority key identifier: 97:F6:97:01:34:33:B8:91:D6:46:97:D9:28:66:3B:E7:34:DB:A4:E7
Certificate issuer: /CN=97f697013433b891d64697d928663be734dba4e7
Certificate serial: 0198D5BB8F544CBFE10A6C5F26EB5E2AFC6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
Manifest number: 164A
Signing time: Sat 23 Aug 2025 07:01:35 +0000
Manifest this update: Sat 23 Aug 2025 07:01:35 +0000
Manifest next update: Sun 24 Aug 2025 07:01:35 +0000
Files and hashes: 1: Q01X85MGyHMF5rr2gbqyxSbVGJU.roa (hash: 3pLndBzBIS9IcjtzdUX4XacaMZCMolKRG+4KwxWHWEU=)
2: l_aXATQzuJHWRpfZKGY75zTbpOc.crl (hash: j3aEk0F2QjxUKe2uL3E23j+QdoLlYYvRdsWH20CG530=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:bb:8f:54:4c:bf:e1:0a:6c:5f:26:eb:5e:2a:fc:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97f697013433b891d64697d928663be734dba4e7
Validity
Not Before: Aug 23 07:01:35 2025 GMT
Not After : Aug 24 07:01:35 2025 GMT
Subject: CN=3b63878b66e4531db71d7b94014643592c4f893c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8b:c1:7f:d8:8a:34:1a:35:7a:ec:3e:b4:0c:
25:ba:72:9d:f2:d3:cc:48:1f:a2:9f:ba:d2:41:f4:
37:ad:53:98:9e:4f:e0:ad:1f:9a:4c:90:b2:77:f4:
a2:ed:5a:84:4b:65:29:26:08:33:64:60:96:66:36:
13:ac:af:4f:46:29:96:83:1d:84:d6:87:1a:55:3f:
fb:fa:f6:30:9d:61:fb:5b:0d:ab:12:fa:46:d1:f6:
52:a8:b5:f0:f1:77:ac:b4:bb:48:9e:8a:51:f6:95:
44:cc:af:f8:df:ff:d0:a5:65:42:7b:aa:e7:a8:6f:
a0:95:19:bc:41:d7:eb:09:80:9c:79:bc:a5:2e:c9:
6a:fb:70:8c:11:00:81:37:56:5f:02:92:5e:f2:36:
40:d9:83:50:ea:25:14:85:0a:c7:6b:42:55:7e:90:
a0:5d:9d:a4:5e:78:b1:06:8b:49:3e:1b:09:18:29:
e9:20:99:da:a6:6f:ca:dd:ed:e5:21:6e:44:52:0f:
79:01:8c:e8:1f:3a:35:62:46:6b:30:9d:2e:f4:72:
25:6f:42:a3:dd:61:4c:1e:cf:ff:39:08:0b:2e:ae:
7c:1b:eb:2d:b1:a2:77:4d:ef:98:bc:1c:df:b7:62:
03:ab:97:4b:68:54:03:0d:10:e8:70:8f:99:7b:d0:
bf:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:63:87:8B:66:E4:53:1D:B7:1D:7B:94:01:46:43:59:2C:4F:89:3C
X509v3 Authority Key Identifier:
keyid:97:F6:97:01:34:33:B8:91:D6:46:97:D9:28:66:3B:E7:34:DB:A4:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:ff:2e:d1:09:22:b8:e3:e3:03:96:18:ec:2a:d1:c9:ab:d7:
dd:19:d7:51:d0:ff:9c:05:6a:59:fa:b7:5a:0e:b1:c8:ea:40:
62:67:99:30:33:2d:e8:3a:fb:dd:2a:6e:90:26:6d:b5:02:33:
67:93:3b:16:7d:9d:e8:f7:6d:a9:1a:a2:cc:26:88:0b:90:f9:
e8:0b:18:93:24:80:4e:78:b4:63:35:33:3b:f5:38:0c:85:fa:
66:7c:a2:75:bd:58:46:b0:42:7a:e5:84:c2:fb:c7:c1:b0:f1:
32:4a:17:46:7c:3b:61:29:24:b5:9c:33:9c:3b:48:a9:eb:f5:
14:08:6c:d7:4a:f9:a6:97:47:b7:df:37:4d:cf:76:15:5d:0a:
71:ef:3b:9f:58:91:59:f1:df:fb:27:ce:32:1f:72:bf:aa:8b:
63:b4:c0:39:69:89:ef:9a:38:be:58:a0:77:eb:22:ca:23:ac:
a0:c3:8e:1f:af:da:c1:1c:21:4b:b8:7f:fa:7f:c5:d7:5d:8b:
a4:4a:17:fe:89:10:7c:7d:86:89:6b:ba:75:74:7d:d3:c6:1d:
6c:38:01:39:bb:6d:52:d6:a1:d8:50:b7:d2:56:33:99:fd:d8:
ab:06:3d:7c:64:33:53:4b:83:67:e0:c9:5f:ba:67:e6:c5:1f:
4c:61:98:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu49UTL/hCmxfJuteKvxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZjY5NzAxMzQzM2I4OTFkNjQ2OTdkOTI4NjYzYmU3MzRk
YmE0ZTcwHhcNMjUwODIzMDcwMTM1WhcNMjUwODI0MDcwMTM1WjAzMTEwLwYDVQQD
EygzYjYzODc4YjY2ZTQ1MzFkYjcxZDdiOTQwMTQ2NDM1OTJjNGY4OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYvBf9iKNBo1euw+tAwlunKd8tPM
SB+in7rSQfQ3rVOYnk/grR+aTJCyd/Si7VqES2UpJggzZGCWZjYTrK9PRimWgx2E
1ocaVT/7+vYwnWH7Ww2rEvpG0fZSqLXw8XestLtInopR9pVEzK/43//QpWVCe6rn
qG+glRm8QdfrCYCcebylLslq+3CMEQCBN1ZfApJe8jZA2YNQ6iUUhQrHa0JVfpCg
XZ2kXnixBotJPhsJGCnpIJnapm/K3e3lIW5EUg95AYzoHzo1YkZrMJ0u9HIlb0Kj
3WFMHs//OQgLLq58G+stsaJ3Te+YvBzft2IDq5dLaFQDDRDocI+Ze9C/rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtjh4tm5FMdtx17lAFGQ1ksT4k8MB8GA1UdIwQY
MBaAFJf2lwE0M7iR1kaX2ShmO+c026TnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hZTExNjYtZDYwNi00NWI3LTlhMjIt
N2JjODMyMjBmYjYyLzEvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hZTExNjYtZDYwNi00NWI3LTlhMjItN2JjODMyMjBmYjYy
LzEvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADv8u0Qki
uOPjA5YY7CrRyavX3RnXUdD/nAVqWfq3Wg6xyOpAYmeZMDMt6Dr73SpukCZttQIz
Z5M7Fn2d6PdtqRqizCaIC5D56AsYkySATni0YzUzO/U4DIX6Znyidb1YRrBCeuWE
wvvHwbDxMkoXRnw7YSkktZwznDtIqev1FAhs10r5ppdHt983Tc92FV0Kce87n1iR
WfHf+yfOMh9yv6qLY7TAOWmJ75o4vligd+siyiOsoMOOH6/awRwhS7h/+n/F112L
pEoX/okQfH2GiWu6dXR908YdbDgBObttUtah2FC30lYzmf3YqwY9fGQzU0uDZ+DJ
X7pn5sUfTGGYrA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:55:57 2025 by rpki-client