Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
File: aM73Itq-WXXKT5uoYWOI7GxlaiA.mft (raw, json)
Hash identifier: GxVVW/brJAmmvC9i2hmi6oVBjo3BeDWxLV3VirnoCqI=
Subject key identifier: 1B:9B:C9:1D:AE:19:4C:3F:80:E1:88:4E:EA:92:70:1D:D0:E4:87:CE
Authority key identifier: 68:CE:F7:22:DA:BE:59:75:CA:4F:9B:A8:61:63:88:EC:6C:65:6A:20
Certificate issuer: /CN=68cef722dabe5975ca4f9ba8616388ec6c656a20
Certificate serial: 0198D5F176367B164CB4938C848E081B1C5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
Manifest number: 0B33
Signing time: Sat 23 Aug 2025 08:00:28 +0000
Manifest this update: Sat 23 Aug 2025 08:00:28 +0000
Manifest next update: Sun 24 Aug 2025 08:00:28 +0000
Files and hashes: 1: F66nmw_9gnfRz1vGxzlxmQMgQys.roa (hash: V2QUSY1nIUt0LG1yVgyvdzAwGo/lvS6oHhY3urqyJbE=)
2: IdMP5mSXjXy5RCG7h8iUYBC-7wU.roa (hash: Ak+0cLrZuuXp8cAQmKH4z3k18zZ0o3zgplicC1IedBk=)
3: aM73Itq-WXXKT5uoYWOI7GxlaiA.crl (hash: O1LxXqNhlq7clknsz2F+FRmjdSNd5vRv4Ag3hWnZnXI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:f1:76:36:7b:16:4c:b4:93:8c:84:8e:08:1b:1c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cef722dabe5975ca4f9ba8616388ec6c656a20
Validity
Not Before: Aug 23 08:00:28 2025 GMT
Not After : Aug 24 08:00:28 2025 GMT
Subject: CN=1b9bc91dae194c3f80e1884eea92701dd0e487ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f9:32:8f:b0:93:37:cd:77:e2:d1:25:75:9a:
18:9d:1f:04:66:00:7c:77:40:ac:fc:14:dd:29:5f:
8a:71:0e:4e:3a:42:50:df:85:bc:8a:25:d1:47:45:
d9:74:3c:f7:29:11:5c:27:4e:5c:50:77:ef:57:e7:
89:5d:e5:5a:44:7c:b9:a1:a2:10:da:0f:3d:9f:86:
fc:f0:a8:78:a9:57:ce:42:c2:30:82:2c:0b:d3:86:
90:8c:9d:63:e2:38:ec:c7:61:2f:b5:29:14:23:39:
b8:02:eb:37:e1:10:48:03:1a:60:e2:d6:62:97:bd:
26:c0:a7:a0:2f:c3:20:30:a7:73:8e:5d:5a:09:23:
0a:a4:de:ac:c8:0a:17:00:09:14:68:4d:ec:77:96:
2f:a2:7e:21:e1:3f:44:62:d5:02:4a:97:fd:6a:3b:
11:f3:fe:c9:3d:bd:3d:9a:6a:03:26:af:0d:2b:b8:
42:b9:25:51:91:49:5f:13:d4:c7:2f:cc:db:52:a5:
a1:45:f3:ae:a8:79:d7:75:dd:db:19:05:a2:18:df:
af:ea:93:db:27:c7:fa:0f:dd:62:bd:50:2b:c0:10:
60:c5:81:b8:fc:71:02:6b:89:bc:b3:ad:77:e8:0e:
4f:b8:93:14:6e:8a:34:f6:30:d0:bb:ca:2c:19:e4:
27:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:9B:C9:1D:AE:19:4C:3F:80:E1:88:4E:EA:92:70:1D:D0:E4:87:CE
X509v3 Authority Key Identifier:
keyid:68:CE:F7:22:DA:BE:59:75:CA:4F:9B:A8:61:63:88:EC:6C:65:6A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:e6:7c:56:35:54:eb:98:b8:2b:d9:b2:a6:cd:02:e5:49:c1:
6b:68:88:2b:ef:ab:01:4b:ef:ca:09:00:58:ec:e4:51:42:0a:
d5:b8:47:4d:d2:f6:04:90:fb:24:e9:9f:41:44:2e:68:0a:66:
ec:c9:d5:b1:9c:3a:19:5c:da:c3:db:56:87:c6:69:ab:5c:61:
bd:86:1d:fc:44:9c:b7:00:b9:ef:00:cf:b4:cf:99:8c:80:29:
09:77:80:4e:5f:54:3a:4a:e9:e8:cf:a7:4c:b1:c7:8b:e4:20:
e3:ca:ab:c6:d6:b6:9b:dc:2b:33:3e:a4:69:5a:49:8c:82:46:
9e:4b:e4:43:ce:c6:04:53:2f:69:81:7b:0b:c1:10:96:c1:39:
ab:63:df:82:5e:4c:8d:6b:7a:db:da:75:ec:1b:c5:79:db:30:
f8:82:61:95:e0:27:75:54:5c:71:29:14:15:b1:0e:1b:72:33:
b6:09:93:87:6d:c6:89:e7:33:b2:6f:6b:32:a2:98:a5:2d:3a:
16:5c:1d:25:bb:7b:00:ca:ad:99:e1:30:24:72:da:5b:d9:61:
6f:c0:90:16:b5:2c:b0:2f:10:fe:be:eb:33:df:9e:00:42:08:
a9:f5:ae:35:10:63:00:ac:38:7f:d6:1e:c4:b8:94:60:d8:f3:
82:c2:e2:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8XY2exZMtJOMhI4IGxxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2VmNzIyZGFiZTU5NzVjYTRmOWJhODYxNjM4OGVjNmM2
NTZhMjAwHhcNMjUwODIzMDgwMDI4WhcNMjUwODI0MDgwMDI4WjAzMTEwLwYDVQQD
EygxYjliYzkxZGFlMTk0YzNmODBlMTg4NGVlYTkyNzAxZGQwZTQ4N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Pkyj7CTN8134tEldZoYnR8EZgB8
d0Cs/BTdKV+KcQ5OOkJQ34W8iiXRR0XZdDz3KRFcJ05cUHfvV+eJXeVaRHy5oaIQ
2g89n4b88Kh4qVfOQsIwgiwL04aQjJ1j4jjsx2EvtSkUIzm4Aus34RBIAxpg4tZi
l70mwKegL8MgMKdzjl1aCSMKpN6syAoXAAkUaE3sd5Yvon4h4T9EYtUCSpf9ajsR
8/7JPb09mmoDJq8NK7hCuSVRkUlfE9THL8zbUqWhRfOuqHnXdd3bGQWiGN+v6pPb
J8f6D91ivVArwBBgxYG4/HECa4m8s6136A5PuJMUboo09jDQu8osGeQnSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBubyR2uGUw/gOGITuqScB3Q5IfOMB8GA1UdIwQY
MBaAFGjO9yLavll1yk+bqGFjiOxsZWogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83OTBjMTUtMjA1OC00YzM5LTkwY2It
Y2Q2NzdhYjQzMWFhLzEvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83OTBjMTUtMjA1OC00YzM5LTkwY2ItY2Q2NzdhYjQzMWFh
LzEvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZOZ8VjVU
65i4K9myps0C5UnBa2iIK++rAUvvygkAWOzkUUIK1bhHTdL2BJD7JOmfQUQuaApm
7MnVsZw6GVzaw9tWh8Zpq1xhvYYd/ESctwC57wDPtM+ZjIApCXeATl9UOkrp6M+n
TLHHi+Qg48qrxta2m9wrMz6kaVpJjIJGnkvkQ87GBFMvaYF7C8EQlsE5q2Pfgl5M
jWt629p17BvFedsw+IJhleAndVRccSkUFbEOG3IztgmTh23Gieczsm9rMqKYpS06
FlwdJbt7AMqtmeEwJHLaW9lhb8CQFrUssC8Q/r7rM9+eAEIIqfWuNRBjAKw4f9Ye
xLiUYNjzgsLi0A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:41:42 2025 by rpki-client