Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
File: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft (raw, json)
Hash identifier: qrofD1VS0al2rHfolQDUxjhkzfB697DDRqeCjGCAAnA=
Subject key identifier: A6:28:0A:21:42:34:5F:40:67:A9:2F:AE:3E:D0:EE:A0:71:0E:7A:DC
Authority key identifier: A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
Certificate issuer: /CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Certificate serial: 0197B7EA6A2654D8C115326EBF5D512447B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
Manifest number: 0B38
Signing time: Sat 28 Jun 2025 19:01:22 +0000
Manifest this update: Sat 28 Jun 2025 19:01:22 +0000
Manifest next update: Sun 29 Jun 2025 19:01:22 +0000
Files and hashes: 1: E8EItKN2__9iKd7VUUHBehRVQCo.roa (hash: mIn23TrAWNsxopm3nGDSwuz19rtPaaB79Dzo0Qrhuqk=)
2: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl (hash: AKmKkDkknu39VSbh0uoZebW9XzqGlV/DDgr5zM8tvws=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:ea:6a:26:54:d8:c1:15:32:6e:bf:5d:51:24:47:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Validity
Not Before: Jun 28 19:01:22 2025 GMT
Not After : Jun 29 19:01:22 2025 GMT
Subject: CN=a6280a2142345f4067a92fae3ed0eea0710e7adc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c8:1d:32:7c:9d:53:c4:84:9e:51:66:c2:d2:
37:5a:50:1b:e9:7f:73:e9:0c:e4:db:9f:b3:43:b7:
fc:34:c8:d3:3e:1d:76:cd:a3:04:c2:84:aa:78:38:
a0:02:65:7a:fd:77:bd:22:b1:c0:36:7b:db:43:74:
03:89:de:0e:67:66:7a:5e:7d:1a:97:1b:1a:24:31:
fd:52:b4:b2:b1:92:2c:e6:23:b0:fd:d6:29:2b:50:
2e:ed:31:ed:bc:bd:0a:bb:d2:02:37:77:4c:87:fa:
ee:d2:98:83:a6:52:11:14:72:3b:a5:85:39:23:b3:
3f:c2:b4:d2:77:92:31:8f:dd:90:c5:3a:26:b6:42:
c8:3a:c1:ae:2e:8b:0b:59:b9:2e:6c:c0:12:cc:21:
ba:83:a6:93:30:65:ae:14:80:a3:63:5e:b1:6f:db:
b6:f2:cb:5a:18:27:0c:59:d0:13:ae:eb:5a:df:64:
0c:6e:30:d4:7c:ed:60:bc:68:d3:19:1a:60:09:6c:
35:dc:51:73:f0:5e:76:9b:8f:2f:b1:af:97:1c:3a:
f7:54:68:a6:da:6a:cb:8e:a3:9d:6c:02:5f:c5:3c:
b9:0b:4d:da:63:33:08:93:61:7b:63:53:29:8d:f0:
85:82:86:ee:7e:e3:7d:89:b5:94:f1:c4:0e:a1:4e:
f9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:28:0A:21:42:34:5F:40:67:A9:2F:AE:3E:D0:EE:A0:71:0E:7A:DC
X509v3 Authority Key Identifier:
keyid:A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:17:ed:e4:2e:e8:85:3c:c8:ad:8c:dd:a7:45:de:dc:ca:72:
f0:9e:9a:3e:54:44:ca:18:aa:50:28:96:f5:56:7f:76:55:c7:
e0:01:79:f1:db:a8:2f:97:50:16:da:61:8d:b1:b4:83:ae:ad:
0f:d1:aa:87:b1:3f:61:82:55:b2:90:c1:f0:ec:2f:88:5c:13:
21:1d:37:51:23:cf:31:ad:40:91:e2:38:1b:1d:e1:68:a1:41:
e2:70:51:57:9d:20:8c:30:24:e0:89:b6:20:9e:2f:cd:60:d3:
a5:bc:45:98:d5:11:cb:ac:aa:9c:29:ac:99:b7:d2:32:d2:c0:
08:c6:ff:93:9a:e7:f5:18:64:53:46:30:b3:e3:95:38:6c:d0:
bc:da:e5:ca:92:a3:10:6c:4a:8b:fb:3f:5f:5b:3c:4f:81:38:
59:b3:7e:c4:75:92:04:16:41:7b:ae:0d:7f:9b:fe:0c:8d:07:
de:f2:da:f5:25:39:52:4f:38:a3:01:94:79:32:7e:6f:ab:96:
f2:03:4c:57:a1:a7:7e:52:7a:c9:d8:81:f9:cb:0b:1d:9a:73:
00:26:51:d2:a0:9f:6b:16:1d:d0:71:fd:bf:6b:5d:82:9a:0a:
59:0c:36:41:58:11:de:e8:5d:f1:c8:77:b5:69:c0:47:36:76:
24:c3:fc:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36momVNjBFTJuv11RJEe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDhmYzkyNDYwNDI3NTExMTBkMmVjNTA2NWQwYzQ3ZDFk
NDNjZDAwHhcNMjUwNjI4MTkwMTIyWhcNMjUwNjI5MTkwMTIyWjAzMTEwLwYDVQQD
EyhhNjI4MGEyMTQyMzQ1ZjQwNjdhOTJmYWUzZWQwZWVhMDcxMGU3YWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38gdMnydU8SEnlFmwtI3WlAb6X9z
6Qzk25+zQ7f8NMjTPh12zaMEwoSqeDigAmV6/Xe9IrHANnvbQ3QDid4OZ2Z6Xn0a
lxsaJDH9UrSysZIs5iOw/dYpK1Au7THtvL0Ku9ICN3dMh/ru0piDplIRFHI7pYU5
I7M/wrTSd5Ixj92QxTomtkLIOsGuLosLWbkubMASzCG6g6aTMGWuFICjY16xb9u2
8staGCcMWdATruta32QMbjDUfO1gvGjTGRpgCWw13FFz8F52m48vsa+XHDr3VGim
2mrLjqOdbAJfxTy5C03aYzMIk2F7Y1MpjfCFgobufuN9ibWU8cQOoU75YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYoCiFCNF9AZ6kvrj7Q7qBxDnrcMB8GA1UdIwQY
MBaAFKQI/JJGBCdREQ0uxQZdDEfR1DzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2It
ZDkyMjQ4YWFiZTJkLzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2ItZDkyMjQ4YWFiZTJk
LzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmRft5C7o
hTzIrYzdp0Xe3Mpy8J6aPlREyhiqUCiW9VZ/dlXH4AF58duoL5dQFtphjbG0g66t
D9Gqh7E/YYJVspDB8OwviFwTIR03USPPMa1AkeI4Gx3haKFB4nBRV50gjDAk4Im2
IJ4vzWDTpbxFmNURy6yqnCmsmbfSMtLACMb/k5rn9RhkU0Yws+OVOGzQvNrlypKj
EGxKi/s/X1s8T4E4WbN+xHWSBBZBe64Nf5v+DI0H3vLa9SU5Uk84owGUeTJ+b6uW
8gNMV6GnflJ6ydiB+csLHZpzACZR0qCfaxYd0HH9v2tdgpoKWQw2QVgR3uhd8ch3
tWnARzZ2JMP86g==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:48:46 2025 by rpki-client