Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
File: aGOaIXWXlv46HZGfm1c362jXCOQ.mft (raw, json)
Hash identifier: X7NRA5ceqxGNtJn8f3Jyc7z9wMqPJZDJcdmZNGyuGV4=
Subject key identifier: FF:BE:31:BA:DA:1A:F8:71:96:CE:96:74:67:FC:6A:A2:98:5B:FF:AB
Authority key identifier: 68:63:9A:21:75:97:96:FE:3A:1D:91:9F:9B:57:37:EB:68:D7:08:E4
Certificate issuer: /CN=68639a21759796fe3a1d919f9b5737eb68d708e4
Certificate serial: 0198D54DC545B0278099AC2E3BFB6252B7E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
Manifest number: 1393
Signing time: Sat 23 Aug 2025 05:01:40 +0000
Manifest this update: Sat 23 Aug 2025 05:01:40 +0000
Manifest next update: Sun 24 Aug 2025 05:01:40 +0000
Files and hashes: 1: HaUn7tg_GQoLwUeKln7B89E1Zus.roa (hash: UBP04zlDEuw8zGqO58s8vILU4LoszVd4p1cFKyVRANw=)
2: Vaj_SKghwhMr5GkrNo3CpxB4bEs.roa (hash: 2ufypWC+H0u1FT85vML3Y3XXLbc7QafpFQUC4EhAO8E=)
3: aGOaIXWXlv46HZGfm1c362jXCOQ.crl (hash: 47c7DH/pfS77wVTRp6iI1F/ibVuB+9C95cUa3LjIwtQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:4d:c5:45:b0:27:80:99:ac:2e:3b:fb:62:52:b7:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68639a21759796fe3a1d919f9b5737eb68d708e4
Validity
Not Before: Aug 23 05:01:40 2025 GMT
Not After : Aug 24 05:01:40 2025 GMT
Subject: CN=ffbe31bada1af87196ce967467fc6aa2985bffab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:97:f3:0c:90:76:41:92:f8:18:f0:59:5e:cd:
9a:bc:70:9c:c3:75:16:29:bb:e8:fd:b4:d9:5a:57:
11:b4:e9:24:d3:15:72:30:e5:8c:8f:a2:92:01:36:
a0:d3:dc:ef:08:e6:7b:62:55:f0:23:c8:63:f2:63:
41:bb:9a:3b:67:3e:3e:e3:ba:7c:cf:66:a3:8b:c6:
b8:5d:78:a9:48:d2:10:be:e4:82:97:8f:01:af:fd:
43:61:fe:e2:b8:4b:a9:4e:c5:9a:01:ab:b3:3b:b7:
8a:f4:ca:d7:e7:b5:8e:7d:96:a8:70:c1:dd:b5:9a:
84:68:e6:55:35:88:79:e3:12:ea:ba:28:5e:53:f0:
1b:9b:6a:0f:25:16:54:18:28:c9:18:4e:a1:9e:f2:
6e:6f:e8:0e:4d:b9:8f:c5:64:5a:65:94:57:96:f3:
18:a6:03:6b:6d:e8:fd:c4:ec:76:4f:b1:2a:27:89:
57:f5:22:36:7d:75:2c:b8:6e:bc:c8:94:48:48:4b:
95:f1:5e:c7:14:cc:c2:7c:3a:07:b4:13:96:2f:05:
7d:b8:d6:ac:58:94:76:d6:63:73:f3:10:78:4c:42:
10:cf:b5:21:74:f9:8b:c7:34:71:6e:a5:90:a8:d7:
0f:fe:65:cf:28:8a:32:55:4f:f2:d1:93:0c:32:77:
28:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:BE:31:BA:DA:1A:F8:71:96:CE:96:74:67:FC:6A:A2:98:5B:FF:AB
X509v3 Authority Key Identifier:
keyid:68:63:9A:21:75:97:96:FE:3A:1D:91:9F:9B:57:37:EB:68:D7:08:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:7d:cd:45:4d:34:b8:a7:7b:21:2a:58:fe:91:6a:b6:39:fe:
d7:37:b7:fb:be:a7:68:78:d1:7d:5d:7a:53:d5:e2:51:6c:a5:
ae:a2:65:78:8b:10:c1:f4:b0:f4:6e:08:9e:15:69:08:99:96:
6c:fa:79:2f:c0:ae:ac:58:be:9c:7e:77:5b:77:11:09:71:3b:
e1:b9:f6:43:00:d8:49:f6:da:20:32:cb:80:f1:f6:42:48:09:
ca:41:97:15:5d:8f:54:2c:92:e5:16:5d:e7:77:76:7a:61:cb:
37:d2:01:dc:50:91:6e:d0:93:c7:d9:2c:af:44:23:ed:6e:e5:
82:06:6d:27:a8:97:38:24:54:dc:5d:b0:8f:d2:72:7a:93:0f:
9d:bd:bf:7c:84:98:0a:1e:69:4c:9b:cd:6f:ef:f5:dd:18:7d:
3b:6d:35:5c:11:47:4e:2e:af:63:e8:8a:a6:ec:9f:ba:f3:e7:
b3:cb:e4:56:f9:63:0a:6a:85:7f:7e:d0:ea:f1:c4:03:fe:bd:
8d:86:ff:ef:37:41:06:65:18:f4:8e:3e:51:04:c8:74:12:be:
97:be:b1:30:9e:64:e5:ba:82:19:6f:5f:b2:42:fc:13:89:3d:
77:53:a5:f1:e4:aa:80:ff:30:d2:b9:0c:fa:6f:79:40:2c:3d:
d8:e1:7c:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTcVFsCeAmawuO/tiUrfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NjM5YTIxNzU5Nzk2ZmUzYTFkOTE5ZjliNTczN2ViNjhk
NzA4ZTQwHhcNMjUwODIzMDUwMTQwWhcNMjUwODI0MDUwMTQwWjAzMTEwLwYDVQQD
EyhmZmJlMzFiYWRhMWFmODcxOTZjZTk2NzQ2N2ZjNmFhMjk4NWJmZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05fzDJB2QZL4GPBZXs2avHCcw3UW
Kbvo/bTZWlcRtOkk0xVyMOWMj6KSATag09zvCOZ7YlXwI8hj8mNBu5o7Zz4+47p8
z2aji8a4XXipSNIQvuSCl48Br/1DYf7iuEupTsWaAauzO7eK9MrX57WOfZaocMHd
tZqEaOZVNYh54xLquiheU/Abm2oPJRZUGCjJGE6hnvJub+gOTbmPxWRaZZRXlvMY
pgNrbej9xOx2T7EqJ4lX9SI2fXUsuG68yJRISEuV8V7HFMzCfDoHtBOWLwV9uNas
WJR21mNz8xB4TEIQz7UhdPmLxzRxbqWQqNcP/mXPKIoyVU/y0ZMMMncocwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP++MbraGvhxls6WdGf8aqKYW/+rMB8GA1UdIwQY
MBaAFGhjmiF1l5b+Oh2Rn5tXN+to1wjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNTY4MTEtOTgwMS00NTk1LTg3ZTct
MTNkMTY4ZDU5YjExLzEvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNTY4MTEtOTgwMS00NTk1LTg3ZTctMTNkMTY4ZDU5YjEx
LzEvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgH3NRU00
uKd7ISpY/pFqtjn+1ze3+76naHjRfV16U9XiUWylrqJleIsQwfSw9G4InhVpCJmW
bPp5L8CurFi+nH53W3cRCXE74bn2QwDYSfbaIDLLgPH2QkgJykGXFV2PVCyS5RZd
53d2emHLN9IB3FCRbtCTx9ksr0Qj7W7lggZtJ6iXOCRU3F2wj9JyepMPnb2/fISY
Ch5pTJvNb+/13Rh9O201XBFHTi6vY+iKpuyfuvPns8vkVvljCmqFf37Q6vHEA/69
jYb/7zdBBmUY9I4+UQTIdBK+l76xMJ5k5bqCGW9fskL8E4k9d1Ol8eSqgP8w0rkM
+m95QCw92OF8yQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:25:28 2025 by rpki-client