Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
File: aGOaIXWXlv46HZGfm1c362jXCOQ.mft (raw, json)
Hash identifier: JmluylatbPEqiWVw2xxpVj0Qmznm6WVFCjeYC5gAtTc=
Subject key identifier: 4B:37:27:59:86:18:DF:4D:FA:0D:6C:BF:3B:8C:5B:87:6D:6F:02:6C
Authority key identifier: 68:63:9A:21:75:97:96:FE:3A:1D:91:9F:9B:57:37:EB:68:D7:08:E4
Certificate issuer: /CN=68639a21759796fe3a1d919f9b5737eb68d708e4
Certificate serial: 0197B77C6400C2942E282A2B1BDCCBD99381
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
Manifest number: 12FF
Signing time: Sat 28 Jun 2025 17:01:11 +0000
Manifest this update: Sat 28 Jun 2025 17:01:11 +0000
Manifest next update: Sun 29 Jun 2025 17:01:11 +0000
Files and hashes: 1: HaUn7tg_GQoLwUeKln7B89E1Zus.roa (hash: UBP04zlDEuw8zGqO58s8vILU4LoszVd4p1cFKyVRANw=)
2: Vaj_SKghwhMr5GkrNo3CpxB4bEs.roa (hash: 2ufypWC+H0u1FT85vML3Y3XXLbc7QafpFQUC4EhAO8E=)
3: aGOaIXWXlv46HZGfm1c362jXCOQ.crl (hash: bXS9hCumABwR5Lxp5RCszGvLOgbsgOqAPszd4CEmtuY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:7c:64:00:c2:94:2e:28:2a:2b:1b:dc:cb:d9:93:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68639a21759796fe3a1d919f9b5737eb68d708e4
Validity
Not Before: Jun 28 17:01:11 2025 GMT
Not After : Jun 29 17:01:11 2025 GMT
Subject: CN=4b3727598618df4dfa0d6cbf3b8c5b876d6f026c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:78:5c:3c:53:90:1c:20:4d:c8:1a:b5:c1:de:
3b:31:e4:a3:9c:b1:49:b6:8b:ba:d1:ae:28:e8:41:
ad:a3:a3:fb:06:25:7a:c1:d2:91:5c:16:93:46:d1:
a1:24:ee:9f:0c:32:74:53:3c:e4:a2:83:d3:6f:da:
a6:55:95:3f:8b:81:ed:ea:21:8e:ce:74:b7:57:91:
66:53:3c:ab:65:33:9b:9e:63:27:7d:41:33:9f:f3:
e7:35:08:f6:cb:3d:51:24:e3:c3:47:08:91:8c:54:
97:ce:15:fb:00:47:49:94:13:9b:35:42:41:57:bf:
b9:aa:41:47:e4:d5:7d:3f:8b:4d:99:b4:0f:e8:af:
d5:83:2d:11:38:19:d6:06:4e:d2:6d:67:67:f9:8b:
78:a9:81:f9:16:41:8e:8b:59:f0:4c:36:74:ec:9a:
8f:87:14:91:bc:97:59:cb:ac:01:1c:1b:cf:08:09:
d3:24:2a:31:32:9f:f5:eb:64:b0:b7:f3:88:3e:cf:
8e:18:06:09:ad:bf:5d:ec:c7:4f:48:fe:11:04:3e:
d0:9b:f2:95:87:ec:7f:f8:21:79:96:8a:44:a2:96:
90:d4:ef:27:81:58:28:7c:93:1a:fd:5a:76:84:d7:
fd:be:b6:a7:e7:4d:5d:07:f5:38:e3:b9:e7:1d:81:
b9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:37:27:59:86:18:DF:4D:FA:0D:6C:BF:3B:8C:5B:87:6D:6F:02:6C
X509v3 Authority Key Identifier:
keyid:68:63:9A:21:75:97:96:FE:3A:1D:91:9F:9B:57:37:EB:68:D7:08:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:95:7a:eb:26:47:83:af:83:d8:0c:2a:5b:cb:a9:23:5b:b6:
c9:cd:9b:d3:3c:db:70:7e:cf:f9:ce:03:40:3b:5b:9e:ff:5b:
97:bb:6b:21:20:53:77:19:c9:d3:22:b2:69:e0:b6:2d:84:ac:
c2:fe:41:c2:99:8a:46:7a:65:9a:6e:4c:d6:f7:3d:d2:61:4f:
e5:33:77:d3:ed:e1:2a:d5:48:07:00:45:d7:5d:4e:e9:0b:eb:
b8:82:c4:b7:06:8d:ea:35:97:c0:75:46:22:0e:de:fb:e0:99:
b9:90:8a:f5:08:04:e3:db:91:a5:33:a3:43:ca:08:91:6e:68:
89:cd:e7:e4:ac:b8:99:f0:25:1c:a1:1b:25:95:5b:9c:d0:49:
c4:fa:d7:79:4b:96:62:a5:ab:eb:a9:ee:40:c6:c2:c7:0b:a2:
fd:83:17:94:7b:9c:d9:84:c9:86:cb:20:87:7f:02:58:bb:70:
30:0b:d6:a1:03:96:9a:fb:3b:e0:20:64:30:66:15:ce:55:47:
f2:b4:ff:b0:3f:89:cb:73:00:82:17:9a:d3:f2:05:d7:26:72:
0f:c4:8d:3f:05:42:4d:88:1a:b9:9f:27:0d:0e:15:17:b6:ac:
c5:be:41:fd:e3:ad:6d:da:35:bd:67:79:59:07:7e:8b:eb:17:
b9:b3:53:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fGQAwpQuKCorG9zL2ZOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NjM5YTIxNzU5Nzk2ZmUzYTFkOTE5ZjliNTczN2ViNjhk
NzA4ZTQwHhcNMjUwNjI4MTcwMTExWhcNMjUwNjI5MTcwMTExWjAzMTEwLwYDVQQD
Eyg0YjM3Mjc1OTg2MThkZjRkZmEwZDZjYmYzYjhjNWI4NzZkNmYwMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinhcPFOQHCBNyBq1wd47MeSjnLFJ
tou60a4o6EGto6P7BiV6wdKRXBaTRtGhJO6fDDJ0UzzkooPTb9qmVZU/i4Ht6iGO
znS3V5FmUzyrZTObnmMnfUEzn/PnNQj2yz1RJOPDRwiRjFSXzhX7AEdJlBObNUJB
V7+5qkFH5NV9P4tNmbQP6K/Vgy0ROBnWBk7SbWdn+Yt4qYH5FkGOi1nwTDZ07JqP
hxSRvJdZy6wBHBvPCAnTJCoxMp/162Swt/OIPs+OGAYJrb9d7MdPSP4RBD7Qm/KV
h+x/+CF5lopEopaQ1O8ngVgofJMa/Vp2hNf9vran501dB/U447nnHYG5DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEs3J1mGGN9N+g1svzuMW4dtbwJsMB8GA1UdIwQY
MBaAFGhjmiF1l5b+Oh2Rn5tXN+to1wjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNTY4MTEtOTgwMS00NTk1LTg3ZTct
MTNkMTY4ZDU5YjExLzEvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNTY4MTEtOTgwMS00NTk1LTg3ZTctMTNkMTY4ZDU5YjEx
LzEvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZV66yZH
g6+D2AwqW8upI1u2yc2b0zzbcH7P+c4DQDtbnv9bl7trISBTdxnJ0yKyaeC2LYSs
wv5BwpmKRnplmm5M1vc90mFP5TN30+3hKtVIBwBF111O6QvruILEtwaN6jWXwHVG
Ig7e++CZuZCK9QgE49uRpTOjQ8oIkW5oic3n5Ky4mfAlHKEbJZVbnNBJxPrXeUuW
YqWr66nuQMbCxwui/YMXlHuc2YTJhssgh38CWLtwMAvWoQOWmvs74CBkMGYVzlVH
8rT/sD+Jy3MAghea0/IF1yZyD8SNPwVCTYgauZ8nDQ4VF7asxb5B/eOtbdo1vWd5
WQd+i+sXubNTnw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:16:26 2025 by rpki-client