Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
File: aIt13GcpXVhht31RoCEYtg3FWGg.mft (raw, json)
Hash identifier: GwY01Xt1zczYZluXlyRZI0MozhHJZhzhkbf7HKnu3fg=
Subject key identifier: 25:BD:7A:FD:8B:20:BD:FA:01:38:B7:CF:9D:83:63:D3:6A:A7:97:FF
Authority key identifier: 68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
Certificate issuer: /CN=688b75dc67295d5861b77d51a02118b60dc55868
Certificate serial: 01987C408A1AC84F289755EE9E679B20AAFE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
Manifest number: 0D25
Signing time: Tue 05 Aug 2025 22:01:00 +0000
Manifest this update: Tue 05 Aug 2025 22:01:00 +0000
Manifest next update: Wed 06 Aug 2025 22:01:00 +0000
Files and hashes: 1: ArfVzV_ad27WSg6MSNAJVOVO4Jk.roa (hash: 7YOwLzYn+04mEiM6zjtu45GNMFpON/tmtRVeglwvQWQ=)
2: aIt13GcpXVhht31RoCEYtg3FWGg.crl (hash: DkGkErjw9KMcxSJu8yZHIruNGACHDlSY66uoNfL6O3g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 22:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7c:40:8a:1a:c8:4f:28:97:55:ee:9e:67:9b:20:aa:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=688b75dc67295d5861b77d51a02118b60dc55868
Validity
Not Before: Aug 5 22:01:00 2025 GMT
Not After : Aug 6 22:01:00 2025 GMT
Subject: CN=25bd7afd8b20bdfa0138b7cf9d8363d36aa797ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:88:8d:29:90:f5:61:b8:f1:ab:06:6b:2f:0b:
29:4c:a7:89:2a:1d:ab:c4:e7:fa:e9:c6:42:8e:76:
87:fa:97:7a:98:48:0b:d5:01:67:56:4a:7b:d0:20:
a7:ed:9f:41:d0:98:44:da:d6:f6:58:af:07:12:41:
c7:06:2b:88:2c:b4:dc:e7:6d:be:29:ef:df:be:ab:
72:df:57:1f:ba:3d:f7:0c:b6:a6:19:c8:66:fb:72:
ce:b0:3a:d8:8a:b9:a4:6e:ee:df:69:c4:01:3c:f7:
a4:fd:8f:0f:45:df:72:fc:e4:84:1a:94:95:05:a4:
8d:db:0f:fb:fa:54:f9:e2:2a:00:54:32:fe:96:d4:
42:af:5f:24:09:c2:7e:d0:e2:a8:44:2a:4d:19:53:
9a:ce:bf:e0:19:b4:22:86:85:fc:f4:b0:68:ca:91:
c0:3b:ff:22:b2:45:2e:96:90:c9:a6:18:8e:5d:73:
5a:d9:69:e7:17:36:0c:ff:b1:8d:4d:d4:71:a1:0d:
47:7c:1b:e2:12:3d:62:3c:3f:fb:0b:ea:10:01:50:
64:9e:3f:ce:08:30:0a:f7:e4:d5:b2:fa:eb:d5:bf:
5e:97:61:6e:0d:26:b5:ab:68:77:4d:3c:79:55:c3:
01:88:c8:eb:56:4d:17:d9:2b:3d:d6:0a:d7:ca:41:
f1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BD:7A:FD:8B:20:BD:FA:01:38:B7:CF:9D:83:63:D3:6A:A7:97:FF
X509v3 Authority Key Identifier:
keyid:68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:bb:74:e2:fa:1e:c0:63:bc:ef:f0:dc:89:46:75:cf:dd:2b:
e0:29:51:ab:c1:5a:72:8e:3d:7c:0e:08:16:f3:7b:a7:66:23:
a8:32:94:33:72:7d:63:40:a5:09:bd:b9:15:8e:48:02:17:ba:
58:24:44:89:7b:37:33:85:39:93:e0:97:2d:48:df:64:a2:f2:
aa:fc:ee:0c:93:85:66:16:88:f8:54:d4:37:92:15:4c:d8:c3:
c5:eb:ae:40:91:55:15:83:f5:b6:9b:05:25:1a:2c:29:bc:79:
67:47:43:44:16:fc:0d:0a:10:46:31:99:0c:0a:8a:a2:f8:95:
01:45:3a:66:15:1d:91:7d:f2:12:87:46:fc:e5:c3:77:a8:51:
b2:ba:ec:c6:fa:4b:a2:bf:9b:5d:cb:7c:1c:4b:a9:d1:53:99:
54:78:8b:c7:be:31:03:10:2d:74:73:00:49:bc:11:19:aa:89:
53:3e:e8:dd:ef:7f:28:4e:9f:2d:ef:33:ab:8e:ba:7f:5c:60:
31:2d:fc:b7:8c:78:18:a8:8d:bd:43:a0:b3:d8:05:e8:66:e7:
13:f0:f7:da:69:fb:a6:6a:6e:a8:41:99:1c:14:f3:29:70:c3:
95:e6:2d:9d:50:a0:cb:71:cd:8e:ba:0d:ca:30:d6:2c:68:d1:
34:21:50:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8QIoayE8ol1XunmebIKr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OGI3NWRjNjcyOTVkNTg2MWI3N2Q1MWEwMjExOGI2MGRj
NTU4NjgwHhcNMjUwODA1MjIwMTAwWhcNMjUwODA2MjIwMTAwWjAzMTEwLwYDVQQD
EygyNWJkN2FmZDhiMjBiZGZhMDEzOGI3Y2Y5ZDgzNjNkMzZhYTc5N2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4iNKZD1YbjxqwZrLwspTKeJKh2r
xOf66cZCjnaH+pd6mEgL1QFnVkp70CCn7Z9B0JhE2tb2WK8HEkHHBiuILLTc522+
Ke/fvqty31cfuj33DLamGchm+3LOsDrYirmkbu7facQBPPek/Y8PRd9y/OSEGpSV
BaSN2w/7+lT54ioAVDL+ltRCr18kCcJ+0OKoRCpNGVOazr/gGbQihoX89LBoypHA
O/8iskUulpDJphiOXXNa2WnnFzYM/7GNTdRxoQ1HfBviEj1iPD/7C+oQAVBknj/O
CDAK9+TVsvrr1b9el2FuDSa1q2h3TTx5VcMBiMjrVk0X2Ss91grXykHxOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCW9ev2LIL36ATi3z52DY9Nqp5f/MB8GA1UdIwQY
MBaAFGiLddxnKV1YYbd9UaAhGLYNxVhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYt
NTE4ZWU3YmRlMWY4LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYtNTE4ZWU3YmRlMWY4
LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGbt04voe
wGO87/DciUZ1z90r4ClRq8Faco49fA4IFvN7p2YjqDKUM3J9Y0ClCb25FY5IAhe6
WCREiXs3M4U5k+CXLUjfZKLyqvzuDJOFZhaI+FTUN5IVTNjDxeuuQJFVFYP1tpsF
JRosKbx5Z0dDRBb8DQoQRjGZDAqKoviVAUU6ZhUdkX3yEodG/OXDd6hRsrrsxvpL
or+bXct8HEup0VOZVHiLx74xAxAtdHMASbwRGaqJUz7o3e9/KE6fLe8zq466f1xg
MS38t4x4GKiNvUOgs9gF6GbnE/D32mn7pmpuqEGZHBTzKXDDleYtnVCgy3HNjroN
yjDWLGjRNCFQVA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:27:42 2025 by rpki-client