Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: zDO+zZ60In7Gj7vCIOU11QF9fHlzlf/ubghW8Bq+tyA=
Subject key identifier: 08:8C:80:46:3D:81:87:32:90:40:BD:05:92:48:DF:DD:32:30:1E:0B
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019771517DB7C952BD1A873E279DB3A34DC2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 159D
Signing time: Sun 15 Jun 2025 02:00:55 +0000
Manifest this update: Sun 15 Jun 2025 02:00:55 +0000
Manifest next update: Mon 16 Jun 2025 02:00:55 +0000
Files and hashes: 1: Mmi06jAh1KR0NNHlTuLcdFXGdm4.roa (hash: Q9joIkxkfDcIZMMuVnLQE37iPkqzALSBCPVV1CY/m7A=)
2: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: duYeZD2qscgYVFWATw5fB9JCUhWDb+XkX5feX7e1Dj0=)
3: bObL7vPF35vh9LuEyJYMk5yU3-U.roa (hash: eG1lFL25ltcNTKgnhPFmeY0axMsTOI37jTMaagRA/AM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:71:51:7d:b7:c9:52:bd:1a:87:3e:27:9d:b3:a3:4d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Jun 15 02:00:55 2025 GMT
Not After : Jun 16 02:00:55 2025 GMT
Subject: CN=088c80463d8187329040bd059248dfdd32301e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0b:b2:b3:a8:45:8b:8b:39:4f:4c:28:ae:20:
88:fb:b9:69:da:32:c5:1a:21:ad:04:0b:cc:2d:f7:
26:9b:7d:fb:f2:0f:b5:a5:6e:80:4c:30:2e:02:61:
1c:ec:94:fd:23:05:ce:fd:4a:0f:bd:ca:7f:e8:e4:
f8:67:c4:e9:a7:92:99:54:19:32:e4:af:37:0f:5a:
70:f0:c1:f6:93:a6:38:85:09:ed:42:54:74:09:b2:
70:cb:82:47:4e:c7:88:f7:ee:0c:4f:fb:29:8e:76:
5e:fa:1e:fe:0e:8c:c0:15:c4:00:0e:28:d5:84:3a:
b9:cd:49:6c:2b:5d:4b:c7:47:a8:0c:0c:41:08:60:
42:18:03:c6:e6:1d:b9:c7:21:2c:35:3a:ef:62:1b:
0e:71:3c:80:22:76:b8:45:40:ad:03:a0:49:58:4b:
2d:fc:ff:b9:8a:66:4a:e2:9e:81:69:b6:0a:88:4d:
e6:e2:a5:87:e0:b3:93:4d:7f:da:a1:d6:73:19:00:
3c:5f:8e:8d:e1:33:ba:f2:ae:97:46:8c:6e:7a:52:
96:d7:ba:86:c8:9e:5e:06:d4:9a:45:10:7e:72:1d:
79:e1:90:3e:0b:a2:9b:05:30:4f:b9:ca:86:2f:16:
44:9b:b0:58:6e:07:93:32:28:1a:27:16:61:32:fe:
49:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:8C:80:46:3D:81:87:32:90:40:BD:05:92:48:DF:DD:32:30:1E:0B
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:4b:ae:74:b2:60:8f:ff:ad:e8:14:c6:77:1e:b5:1a:82:22:
16:e5:25:9e:38:d9:9f:31:df:fa:3a:43:c9:f1:71:a4:b9:20:
60:57:60:d4:bf:12:1d:26:19:44:1e:42:7d:c8:2f:49:d8:e8:
7f:94:0f:d6:89:49:6a:52:56:ba:bd:88:b5:84:e3:da:0f:3d:
3b:11:95:5a:60:c6:6b:a2:2a:0e:1e:01:e9:b4:fc:3f:43:10:
18:91:30:a3:73:ca:5a:55:aa:47:4f:3b:79:e6:1b:73:d1:a9:
97:6f:fc:f8:98:42:e9:9f:b3:4d:21:b6:ea:a0:73:e6:c7:ca:
c0:50:41:b8:78:57:c0:5d:f6:f0:7c:6e:d8:4b:19:fb:fe:bd:
5e:6d:66:1e:40:09:1d:3e:a9:1b:eb:db:65:80:d3:42:b0:a1:
2e:70:b5:b7:86:44:a8:0c:bc:b3:54:55:36:17:04:03:9e:b4:
be:86:df:b3:a6:66:27:5f:aa:e2:bd:19:31:73:f7:50:2c:b6:
ae:de:51:81:c9:a6:a3:27:2e:76:59:28:99:36:2b:bd:e2:dd:
ae:f3:56:11:83:10:2c:71:e6:9b:50:e5:ed:72:59:5c:04:17:
92:61:a1:c0:ea:f3:e5:02:e3:d7:45:36:97:49:3f:a3:00:52:
45:9d:2a:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxUX23yVK9Goc+J52zo03CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjUwNjE1MDIwMDU1WhcNMjUwNjE2MDIwMDU1WjAzMTEwLwYDVQQD
EygwODhjODA0NjNkODE4NzMyOTA0MGJkMDU5MjQ4ZGZkZDMyMzAxZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvguys6hFi4s5T0woriCI+7lp2jLF
GiGtBAvMLfcmm3378g+1pW6ATDAuAmEc7JT9IwXO/UoPvcp/6OT4Z8Tpp5KZVBky
5K83D1pw8MH2k6Y4hQntQlR0CbJwy4JHTseI9+4MT/spjnZe+h7+DozAFcQADijV
hDq5zUlsK11Lx0eoDAxBCGBCGAPG5h25xyEsNTrvYhsOcTyAIna4RUCtA6BJWEst
/P+5imZK4p6BabYKiE3m4qWH4LOTTX/aodZzGQA8X46N4TO68q6XRoxuelKW17qG
yJ5eBtSaRRB+ch154ZA+C6KbBTBPucqGLxZEm7BYbgeTMigaJxZhMv5JuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAiMgEY9gYcykEC9BZJI390yMB4LMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT0uudLJg
j/+t6BTGdx61GoIiFuUlnjjZnzHf+jpDyfFxpLkgYFdg1L8SHSYZRB5CfcgvSdjo
f5QP1olJalJWur2ItYTj2g89OxGVWmDGa6IqDh4B6bT8P0MQGJEwo3PKWlWqR087
eeYbc9Gpl2/8+JhC6Z+zTSG26qBz5sfKwFBBuHhXwF328Hxu2EsZ+/69Xm1mHkAJ
HT6pG+vbZYDTQrChLnC1t4ZEqAy8s1RVNhcEA560vobfs6ZmJ1+q4r0ZMXP3UCy2
rt5RgcmmoycudlkomTYrveLdrvNWEYMQLHHmm1Dl7XJZXAQXkmGhwOrz5QLj10U2
l0k/owBSRZ0qww==
-----END CERTIFICATE-----
Generated at Sun Jun 15 04:02:11 2025 by rpki-client