Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
File: aZHFbxGnFxxhUyOXafVXvroQGC0.mft (raw, json)
Hash identifier: Xfdg/mrMFQKQA88JdoP4jzuK1spKB4sURn1rhjoQorA=
Subject key identifier: 2B:BA:B0:61:DF:C0:63:CB:78:02:C4:3C:A8:1F:38:75:2D:9A:05:5F
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 0197B7B2F2A8EFBFC377C2A971DA685A228E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
Manifest number: 090F
Signing time: Sat 28 Jun 2025 18:00:47 +0000
Manifest this update: Sat 28 Jun 2025 18:00:47 +0000
Manifest next update: Sun 29 Jun 2025 18:00:47 +0000
Files and hashes: 1: aZHFbxGnFxxhUyOXafVXvroQGC0.crl (hash: 7DXtgyxy4bTB7dN7ibz8rcsn9BRxhcCq2X88ukw35eE=)
2: x-UkkAB6bBHjnvfgkifHZfsul34.roa (hash: Z+EoTHR/GmNeC+PGL9FT4NMDxcyauPnVaWgbSwI9JOU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b2:f2:a8:ef:bf:c3:77:c2:a9:71:da:68:5a:22:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Jun 28 18:00:47 2025 GMT
Not After : Jun 29 18:00:47 2025 GMT
Subject: CN=2bbab061dfc063cb7802c43ca81f38752d9a055f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:05:8f:e1:3b:2f:d7:cc:de:2e:50:ef:3c:1b:
a8:49:e5:99:51:35:eb:48:2b:4f:a1:39:58:92:d3:
20:67:93:3c:a8:58:fd:bc:76:3a:37:fb:33:5a:8c:
da:5f:02:52:ae:f2:cb:a9:c6:f1:82:4f:af:0b:3b:
0d:cf:49:b4:b0:71:5c:ba:68:9d:3e:47:bc:0e:70:
2f:b3:77:b0:83:60:ea:ed:6d:5b:b2:3b:fe:42:4e:
3f:38:28:c0:81:85:0c:75:6d:f0:a5:fb:0f:c5:07:
0f:65:84:aa:68:ad:bc:07:e6:dd:6b:88:33:35:56:
3d:d9:c1:76:94:9c:63:d5:87:01:88:1a:84:a3:5b:
55:d2:f4:9e:49:f1:a1:24:9d:e8:f8:fa:ff:f4:f3:
97:85:7d:36:f9:7e:91:d0:d9:24:28:6e:06:89:f9:
f7:ae:be:e7:88:15:c8:95:89:4a:65:8c:28:60:eb:
85:a0:79:d0:2f:e9:15:8c:d0:90:aa:00:c2:78:d5:
c4:62:17:47:1b:82:67:64:2b:ea:31:f6:0a:c2:4d:
b8:6d:9f:56:2e:f6:a5:01:03:44:45:8b:16:f9:a4:
dd:88:f1:72:46:f2:7f:9d:63:b4:a0:57:91:4e:5c:
0f:f8:13:98:1c:33:a0:41:63:1b:db:88:fe:27:ba:
07:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BA:B0:61:DF:C0:63:CB:78:02:C4:3C:A8:1F:38:75:2D:9A:05:5F
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:25:17:6a:ab:0a:a4:f3:14:9b:fb:25:0d:2c:74:84:16:2b:
16:d7:08:f9:42:8e:06:c3:74:ec:61:44:82:26:94:0b:55:72:
ca:7b:39:a8:08:01:f7:bc:51:6e:40:19:64:94:ff:11:38:e7:
de:54:e7:2a:c0:66:52:20:37:3e:b3:3c:b6:f9:b8:9a:43:ae:
3f:38:25:8a:e1:ec:9b:a0:6e:66:8b:26:75:c4:6f:94:d2:71:
1d:25:8b:5c:fd:1e:a1:67:f4:1f:0a:04:00:28:eb:50:7a:17:
17:f5:01:24:22:43:7b:19:9a:e8:02:c2:bb:04:c0:d9:5d:33:
5e:28:48:41:bb:b9:a6:b7:49:c2:bb:0a:98:1f:7f:21:eb:7a:
6a:b2:60:2b:be:98:1a:fd:61:7c:7c:d3:8c:e2:3e:cf:fd:f8:
a2:96:c9:43:6b:e7:c3:61:76:2d:43:32:30:6b:f6:7f:91:ce:
34:a2:70:67:cf:6e:ec:94:0e:20:49:97:29:93:ff:84:8c:f1:
a0:0e:c2:b4:1b:20:77:23:0e:13:bb:5b:68:7b:2b:92:2b:bf:
c0:43:84:4b:1e:b5:99:e7:75:bd:63:9a:c7:2c:1d:82:60:61:
fa:33:38:3c:72:f5:9b:72:74:be:58:11:51:0b:74:80:66:d3:
f8:eb:37:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3svKo77/Dd8KpcdpoWiKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjUwNjI4MTgwMDQ3WhcNMjUwNjI5MTgwMDQ3WjAzMTEwLwYDVQQD
EygyYmJhYjA2MWRmYzA2M2NiNzgwMmM0M2NhODFmMzg3NTJkOWEwNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwWP4Tsv18zeLlDvPBuoSeWZUTXr
SCtPoTlYktMgZ5M8qFj9vHY6N/szWozaXwJSrvLLqcbxgk+vCzsNz0m0sHFcumid
Pke8DnAvs3ewg2Dq7W1bsjv+Qk4/OCjAgYUMdW3wpfsPxQcPZYSqaK28B+bda4gz
NVY92cF2lJxj1YcBiBqEo1tV0vSeSfGhJJ3o+Pr/9POXhX02+X6R0NkkKG4Gifn3
rr7niBXIlYlKZYwoYOuFoHnQL+kVjNCQqgDCeNXEYhdHG4JnZCvqMfYKwk24bZ9W
LvalAQNERYsW+aTdiPFyRvJ/nWO0oFeRTlwP+BOYHDOgQWMb24j+J7oH3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCu6sGHfwGPLeALEPKgfOHUtmgVfMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANiUXaqsK
pPMUm/slDSx0hBYrFtcI+UKOBsN07GFEgiaUC1Vyyns5qAgB97xRbkAZZJT/ETjn
3lTnKsBmUiA3PrM8tvm4mkOuPzgliuHsm6BuZosmdcRvlNJxHSWLXP0eoWf0HwoE
ACjrUHoXF/UBJCJDexma6ALCuwTA2V0zXihIQbu5prdJwrsKmB9/Iet6arJgK76Y
Gv1hfHzTjOI+z/34opbJQ2vnw2F2LUMyMGv2f5HONKJwZ89u7JQOIEmXKZP/hIzx
oA7CtBsgdyMOE7tbaHsrkiu/wEOESx61med1vWOaxywdgmBh+jM4PHL1m3J0vlgR
UQt0gGbT+Os3AA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:05:59 2025 by rpki-client