Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: wAkVAUXRxSbFZDOO0Y3MIdWLP90opMgF8Qbiu9EHsng=
Subject key identifier: 7A:C3:DC:E3:2E:51:DF:B2:4A:4A:ED:13:47:E0:C6:1C:61:43:71:6D
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019680C6B03F059FD4F43DF17E8ADFAE11A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 1520
Signing time: Tue 29 Apr 2025 09:00:26 +0000
Manifest this update: Tue 29 Apr 2025 09:00:26 +0000
Manifest next update: Wed 30 Apr 2025 09:00:26 +0000
Files and hashes: 1: OjcVy0GD8k4hcL8TqatzrwvfKI4.roa (hash: F/NOwGH5uq3Ta1hkwK8ONz25FZMJkk1iczAs1jYB4bA=)
2: X0zgOdGzFbnbluRhuXpZjJlGcaE.roa (hash: OadwEgcvezDEMKG2XzDYD2AjQVOO23z1M1gu9Hpi6DI=)
3: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: anxw/kIvzQyAZlRS9OPWygFSwwGmL3lh9WPYi9BjNOg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 08:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:c6:b0:3f:05:9f:d4:f4:3d:f1:7e:8a:df:ae:11:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Apr 29 09:00:26 2025 GMT
Not After : Apr 30 09:00:26 2025 GMT
Subject: CN=7ac3dce32e51dfb24a4aed1347e0c61c6143716d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:88:66:35:a9:50:b2:de:b9:f5:22:b7:03:e9:
88:ac:f5:2a:b9:c5:bd:55:43:fe:85:89:7f:2f:36:
51:ea:87:b3:ff:03:91:42:d5:62:02:b1:57:e0:e2:
6f:5f:5d:f4:9a:02:97:2e:e5:cf:99:91:8c:01:b3:
da:05:6c:2e:ff:99:7a:2f:7d:6c:e7:85:6d:59:ab:
8a:5b:c6:12:59:fa:ef:f2:e6:b6:c8:f2:59:da:1f:
c9:c2:4c:69:a3:f4:b3:ca:e2:a9:2c:b2:7e:1e:9e:
14:19:49:16:19:0a:8f:4e:21:dd:73:d8:d5:ac:0e:
b3:6e:97:f3:9d:b2:13:09:28:56:c6:4e:2b:f2:d7:
69:73:78:f3:34:f4:93:00:85:82:0d:4b:44:34:3c:
9d:3e:b5:32:38:04:25:65:6b:bb:14:96:7f:ac:f6:
20:14:4e:6e:7c:97:9a:cf:53:df:a4:bd:28:f4:a1:
64:c2:d0:a3:b1:56:0f:90:a2:a1:1e:f8:3a:ef:6d:
ec:f0:1e:cf:4c:12:71:91:1d:bc:9a:5e:33:a5:75:
2f:d9:97:73:f2:4c:1b:12:a9:65:36:e1:0a:7d:d5:
a7:28:05:b6:40:97:6f:3f:41:50:b7:c5:88:83:64:
33:39:43:12:6d:35:ad:09:d1:d1:38:40:52:08:e0:
f1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C3:DC:E3:2E:51:DF:B2:4A:4A:ED:13:47:E0:C6:1C:61:43:71:6D
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:46:ea:95:6d:cf:13:5b:a1:2b:9c:0b:47:af:55:67:47:f4:
c0:ed:6c:02:2e:ac:73:ad:25:32:35:c1:6c:27:f6:3a:a9:c1:
1d:db:1c:f2:28:1f:e5:7f:07:b0:5a:fe:d7:56:7a:43:a7:41:
56:cb:6d:d8:35:8c:65:41:ec:40:1c:61:9f:2a:1f:5f:2b:ac:
ad:3a:02:fe:2d:79:ef:6b:7e:ad:62:7a:11:66:7d:55:1e:77:
44:3e:96:3b:90:a7:b3:34:76:bb:02:dd:18:77:c7:c8:75:ee:
1a:bb:24:52:e4:72:fe:a5:ad:96:23:bf:5a:0d:40:2d:da:a9:
08:b6:f9:b5:af:78:3c:eb:ce:a2:f8:29:42:98:7f:29:02:a9:
9b:63:51:63:1c:30:6c:f4:e0:66:53:bf:07:6a:74:88:8e:81:
e8:94:6b:57:ce:f1:2b:e5:9b:42:9c:7b:93:44:81:84:5c:40:
02:82:84:e7:89:99:16:4b:4a:6c:06:01:7d:f9:70:f0:35:12:
67:84:65:b0:c1:58:8c:51:10:5a:ac:d6:65:fb:49:5a:c1:20:
ab:90:bc:22:6d:11:b0:9e:a9:c7:d2:05:22:28:9c:61:ed:3b:
42:38:c5:e6:a0:09:94:b9:a4:95:24:cc:59:80:53:05:8e:3c:
dd:a2:81:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAxrA/BZ/U9D3xforfrhGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjUwNDI5MDkwMDI2WhcNMjUwNDMwMDkwMDI2WjAzMTEwLwYDVQQD
Eyg3YWMzZGNlMzJlNTFkZmIyNGE0YWVkMTM0N2UwYzYxYzYxNDM3MTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvohmNalQst659SK3A+mIrPUqucW9
VUP+hYl/LzZR6oez/wORQtViArFX4OJvX130mgKXLuXPmZGMAbPaBWwu/5l6L31s
54VtWauKW8YSWfrv8ua2yPJZ2h/Jwkxpo/SzyuKpLLJ+Hp4UGUkWGQqPTiHdc9jV
rA6zbpfznbITCShWxk4r8tdpc3jzNPSTAIWCDUtENDydPrUyOAQlZWu7FJZ/rPYg
FE5ufJeaz1PfpL0o9KFkwtCjsVYPkKKhHvg6723s8B7PTBJxkR28ml4zpXUv2Zdz
8kwbEqllNuEKfdWnKAW2QJdvP0FQt8WIg2QzOUMSbTWtCdHROEBSCODxxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrD3OMuUd+ySkrtE0fgxhxhQ3FtMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo0bqlW3P
E1uhK5wLR69VZ0f0wO1sAi6sc60lMjXBbCf2OqnBHdsc8igf5X8HsFr+11Z6Q6dB
Vstt2DWMZUHsQBxhnyofXyusrToC/i1572t+rWJ6EWZ9VR53RD6WO5CnszR2uwLd
GHfHyHXuGrskUuRy/qWtliO/Wg1ALdqpCLb5ta94POvOovgpQph/KQKpm2NRYxww
bPTgZlO/B2p0iI6B6JRrV87xK+WbQpx7k0SBhFxAAoKE54mZFktKbAYBfflw8DUS
Z4RlsMFYjFEQWqzWZftJWsEgq5C8Im0RsJ6px9IFIiicYe07QjjF5qAJlLmklSTM
WYBTBY483aKB8Q==
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:26:30 2025 by rpki-client