Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
File: aM73Itq-WXXKT5uoYWOI7GxlaiA.mft (raw, json)
Hash identifier: gNBiMBzu2loyQpth5ZK7B5sDWkPPkOyfn4ULkxuV0eQ=
Subject key identifier: E5:0C:BD:71:EF:DF:E4:04:5B:59:8E:B4:DD:93:80:26:1C:29:34:03
Authority key identifier: 68:CE:F7:22:DA:BE:59:75:CA:4F:9B:A8:61:63:88:EC:6C:65:6A:20
Certificate issuer: /CN=68cef722dabe5975ca4f9ba8616388ec6c656a20
Certificate serial: 0197B632C84CEC4D5A6E69574CF11329B98D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
Manifest number: 0A9E
Signing time: Sat 28 Jun 2025 11:01:10 +0000
Manifest this update: Sat 28 Jun 2025 11:01:10 +0000
Manifest next update: Sun 29 Jun 2025 11:01:10 +0000
Files and hashes: 1: F66nmw_9gnfRz1vGxzlxmQMgQys.roa (hash: V2QUSY1nIUt0LG1yVgyvdzAwGo/lvS6oHhY3urqyJbE=)
2: IdMP5mSXjXy5RCG7h8iUYBC-7wU.roa (hash: Ak+0cLrZuuXp8cAQmKH4z3k18zZ0o3zgplicC1IedBk=)
3: aM73Itq-WXXKT5uoYWOI7GxlaiA.crl (hash: zCpXKVYwgv31m7suHrSpWvbPG2ZKm5D/d41jVGznbwA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:32:c8:4c:ec:4d:5a:6e:69:57:4c:f1:13:29:b9:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cef722dabe5975ca4f9ba8616388ec6c656a20
Validity
Not Before: Jun 28 11:01:10 2025 GMT
Not After : Jun 29 11:01:10 2025 GMT
Subject: CN=e50cbd71efdfe4045b598eb4dd9380261c293403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ca:2c:45:1e:a4:3f:9d:01:cc:99:8f:d2:9e:
47:53:3d:a2:5e:12:3b:2e:d0:b3:17:ae:cc:35:67:
d6:71:08:01:0a:1c:dd:63:1c:ac:90:f0:5a:8b:e3:
16:c5:dc:23:9d:be:12:19:d8:e8:9f:ef:6b:f8:19:
19:2f:7d:d3:7b:fc:12:26:9b:4b:6f:1d:3c:46:6c:
dd:e9:68:62:4b:aa:f0:a8:9e:9d:31:7a:59:d9:3e:
24:83:9b:8f:7b:54:ef:cd:eb:f2:d1:4b:05:f5:f0:
01:c9:50:8d:82:43:e3:f1:00:2d:bd:47:a8:66:8e:
02:98:91:a3:1c:04:bf:57:c8:71:d0:99:fb:b7:e0:
52:f8:76:44:44:21:b4:8d:94:d5:b4:4d:05:f6:b3:
2a:b8:1a:61:8c:e6:80:5e:0c:c2:97:67:7b:a7:be:
74:39:c4:c9:e3:e4:29:25:4d:ed:bb:d2:a1:4a:ea:
34:4a:0a:58:10:65:f6:ae:7a:af:15:c5:82:68:2c:
89:13:0e:10:88:81:37:dc:5b:64:66:dc:7c:7f:64:
12:90:f7:d8:3b:c0:eb:cc:f1:7e:9b:2d:66:71:8c:
69:af:56:29:64:e0:ec:33:7d:b7:09:e4:a1:fe:03:
89:22:53:95:2a:e2:26:5b:98:b2:5b:77:d6:f1:1a:
f9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:0C:BD:71:EF:DF:E4:04:5B:59:8E:B4:DD:93:80:26:1C:29:34:03
X509v3 Authority Key Identifier:
keyid:68:CE:F7:22:DA:BE:59:75:CA:4F:9B:A8:61:63:88:EC:6C:65:6A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:42:7d:85:fe:1e:2e:2b:36:d6:1a:36:9b:7a:d2:2c:d7:cb:
ba:90:b6:63:25:bb:14:49:1e:38:63:1f:5f:93:67:47:d6:4a:
69:fd:b9:11:f3:84:8b:c4:c6:40:8b:a0:09:ab:88:58:58:53:
b2:40:a6:b5:ed:04:44:9c:da:97:14:ff:ef:89:74:9d:b4:41:
9c:5f:a4:a4:1d:0b:3a:1c:5e:b5:60:b4:b7:f7:0a:52:13:71:
49:29:4d:c0:9a:64:8f:e9:f5:e2:2f:34:b6:fa:38:7d:ec:c5:
07:2e:f7:3f:fa:bb:ca:49:68:47:38:ff:ca:d6:59:40:aa:c9:
7a:e4:56:61:eb:e0:71:bd:d3:2d:3b:c6:24:30:79:a0:14:e0:
da:75:ef:b1:fa:4e:be:8a:b4:3e:f4:6d:90:66:ea:92:ef:7b:
fd:e6:1c:df:32:be:80:b3:c1:d7:75:27:11:bb:62:de:12:b1:
06:24:94:70:13:84:dc:84:2b:09:f7:7d:b8:a2:50:3f:84:a9:
4a:6f:c2:25:4c:39:ae:ee:97:0e:4c:e7:b3:b1:49:c0:ec:d1:
4b:e8:e9:2e:57:34:69:0e:6a:05:ae:c6:f6:c0:5a:a1:9c:e5:
96:5d:62:90:aa:75:29:77:49:2b:42:88:fd:56:10:ea:40:a4:
12:dc:ab:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2MshM7E1abmlXTPETKbmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2VmNzIyZGFiZTU5NzVjYTRmOWJhODYxNjM4OGVjNmM2
NTZhMjAwHhcNMjUwNjI4MTEwMTEwWhcNMjUwNjI5MTEwMTEwWjAzMTEwLwYDVQQD
EyhlNTBjYmQ3MWVmZGZlNDA0NWI1OThlYjRkZDkzODAyNjFjMjkzNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcosRR6kP50BzJmP0p5HUz2iXhI7
LtCzF67MNWfWcQgBChzdYxyskPBai+MWxdwjnb4SGdjon+9r+BkZL33Te/wSJptL
bx08Rmzd6WhiS6rwqJ6dMXpZ2T4kg5uPe1Tvzevy0UsF9fAByVCNgkPj8QAtvUeo
Zo4CmJGjHAS/V8hx0Jn7t+BS+HZERCG0jZTVtE0F9rMquBphjOaAXgzCl2d7p750
OcTJ4+QpJU3tu9KhSuo0SgpYEGX2rnqvFcWCaCyJEw4QiIE33FtkZtx8f2QSkPfY
O8DrzPF+my1mcYxpr1YpZODsM323CeSh/gOJIlOVKuImW5iyW3fW8Rr5OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUMvXHv3+QEW1mOtN2TgCYcKTQDMB8GA1UdIwQY
MBaAFGjO9yLavll1yk+bqGFjiOxsZWogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83OTBjMTUtMjA1OC00YzM5LTkwY2It
Y2Q2NzdhYjQzMWFhLzEvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83OTBjMTUtMjA1OC00YzM5LTkwY2ItY2Q2NzdhYjQzMWFh
LzEvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANkJ9hf4e
Lis21ho2m3rSLNfLupC2YyW7FEkeOGMfX5NnR9ZKaf25EfOEi8TGQIugCauIWFhT
skCmte0ERJzalxT/74l0nbRBnF+kpB0LOhxetWC0t/cKUhNxSSlNwJpkj+n14i80
tvo4fezFBy73P/q7ykloRzj/ytZZQKrJeuRWYevgcb3TLTvGJDB5oBTg2nXvsfpO
voq0PvRtkGbqku97/eYc3zK+gLPB13UnEbti3hKxBiSUcBOE3IQrCfd9uKJQP4Sp
Sm/CJUw5ru6XDkzns7FJwOzRS+jpLlc0aQ5qBa7G9sBaoZzlll1ikKp1KXdJK0KI
/VYQ6kCkEtyrzg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:59:13 2025 by rpki-client