Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
File: aM_hqssnjBMjGzEORe5XaTL-m04.mft (raw, json)
Hash identifier: VoHqah2md1S3OJtenqSzbAIxKqdHNneOt0hVH5Om0fI=
Subject key identifier: 4A:E2:0D:52:4B:1F:67:BE:9D:AE:F8:5D:7B:15:B3:36:AD:B4:DD:93
Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Certificate serial: 019874F48ED43CDEC4AA45BB8761CAFCCBC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
Manifest number: 12AC
Signing time: Mon 04 Aug 2025 12:00:41 +0000
Manifest this update: Mon 04 Aug 2025 12:00:41 +0000
Manifest next update: Tue 05 Aug 2025 12:00:41 +0000
Files and hashes: 1: NAg_2lUwiNc2BXVWx1ALPDBcGK0.roa (hash: I6Xgg/yTyhGgk1wwRR5vfbPkXPHDlymI7Asksvi+yR4=)
2: aM_hqssnjBMjGzEORe5XaTL-m04.crl (hash: NlTSiaIoZM2XBYzKdiUDuJW3VOlh//1eyAhpHu6pQY4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:f4:8e:d4:3c:de:c4:aa:45:bb:87:61:ca:fc:cb:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Validity
Not Before: Aug 4 12:00:41 2025 GMT
Not After : Aug 5 12:00:41 2025 GMT
Subject: CN=4ae20d524b1f67be9daef85d7b15b336adb4dd93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:dc:38:4f:e7:ac:35:38:dd:2c:aa:54:6b:2c:
b4:df:60:e7:ba:f3:9c:ed:dc:70:9d:8d:19:8d:30:
75:62:93:a6:49:de:fa:b9:39:99:c2:a5:08:3f:bc:
36:0a:ef:26:26:bd:55:8e:24:74:06:be:19:c1:59:
82:ab:8b:44:d2:a7:4d:1e:13:30:84:0a:30:99:61:
aa:db:7e:c4:d5:c3:06:fb:1a:a9:39:05:8c:fa:39:
85:f4:88:d2:7c:67:f6:31:24:7c:17:c9:ea:55:35:
1f:f5:51:e9:79:d0:6d:09:20:ee:a3:8b:98:29:d4:
a9:fe:23:cf:dc:11:cc:79:db:0b:3f:f0:90:b1:e8:
4a:df:34:86:fc:88:6b:eb:0f:8e:f9:4c:cc:23:8a:
06:b6:35:5a:8a:e1:0e:09:b4:6e:b6:af:48:4f:e1:
6c:ba:5e:81:db:d2:e6:b0:1e:be:c9:e4:82:4e:93:
01:fd:e6:ea:98:7b:e3:74:12:98:28:36:d0:cd:24:
9d:fb:89:36:09:a4:ac:fb:fd:20:4b:d3:fa:ea:9f:
35:bc:f9:bb:db:13:cd:ae:09:e1:df:cf:8b:45:bc:
8f:55:2f:b5:57:66:3f:05:b7:b0:5a:39:4d:79:34:
64:a2:e8:8c:f7:ba:ec:a7:01:d4:4e:eb:95:f4:f2:
24:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E2:0D:52:4B:1F:67:BE:9D:AE:F8:5D:7B:15:B3:36:AD:B4:DD:93
X509v3 Authority Key Identifier:
keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:1a:6c:b9:7f:01:20:1d:c4:66:49:be:60:d8:2f:ea:0a:bf:
9c:d5:3c:8f:a2:91:4b:13:97:fb:ad:8c:09:c0:5d:d0:2b:1d:
3f:c2:03:4c:cf:fd:4d:bd:30:46:ba:49:0b:70:9e:8c:81:11:
00:f8:b7:47:32:fd:4f:51:b1:af:c9:3d:5d:00:74:e9:50:a7:
1b:f8:9f:2d:75:b5:66:53:90:0b:24:30:50:fb:99:51:6e:ff:
59:cc:e9:d7:29:0a:49:78:7f:e3:c6:86:f3:71:e5:39:6b:a2:
8a:c8:a5:cb:84:56:a0:4a:a8:72:fc:20:04:38:e4:59:92:00:
a9:6f:98:1c:7c:e8:54:a6:03:6a:6d:a7:43:f6:18:ad:77:39:
6a:e4:0f:6f:b9:c1:67:eb:bd:45:f0:ae:6d:b4:70:01:6a:7f:
4a:a5:91:0e:f1:58:27:c0:1d:42:a5:6b:44:77:77:c3:bd:03:
f5:98:da:0d:65:de:7d:f2:6a:a7:a9:f6:db:77:db:d7:f8:29:
e2:7c:97:16:c6:82:e1:26:be:4b:2a:6a:13:4b:b6:48:6f:9f:
fa:33:d3:32:86:7f:d7:d1:26:c7:39:0f:1f:93:1d:f8:89:84:
08:ff:0d:dc:61:dc:c9:76:f3:10:7c:1b:21:b3:94:f4:54:8f:
94:05:ed:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh09I7UPN7EqkW7h2HK/MvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm
ZTliNGUwHhcNMjUwODA0MTIwMDQxWhcNMjUwODA1MTIwMDQxWjAzMTEwLwYDVQQD
Eyg0YWUyMGQ1MjRiMWY2N2JlOWRhZWY4NWQ3YjE1YjMzNmFkYjRkZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNw4T+esNTjdLKpUayy032DnuvOc
7dxwnY0ZjTB1YpOmSd76uTmZwqUIP7w2Cu8mJr1VjiR0Br4ZwVmCq4tE0qdNHhMw
hAowmWGq237E1cMG+xqpOQWM+jmF9IjSfGf2MSR8F8nqVTUf9VHpedBtCSDuo4uY
KdSp/iPP3BHMedsLP/CQsehK3zSG/Ihr6w+O+UzMI4oGtjVaiuEOCbRutq9IT+Fs
ul6B29LmsB6+yeSCTpMB/ebqmHvjdBKYKDbQzSSd+4k2CaSs+/0gS9P66p81vPm7
2xPNrgnh38+LRbyPVS+1V2Y/BbewWjlNeTRkouiM97rspwHUTuuV9PIkHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEriDVJLH2e+na74XXsVszattN2TMB8GA1UdIwQY
MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt
ODljMmY2NjZlOTA1LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1
LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiRpsuX8B
IB3EZkm+YNgv6gq/nNU8j6KRSxOX+62MCcBd0CsdP8IDTM/9Tb0wRrpJC3CejIER
APi3RzL9T1Gxr8k9XQB06VCnG/ifLXW1ZlOQCyQwUPuZUW7/Wczp1ykKSXh/48aG
83HlOWuiisily4RWoEqocvwgBDjkWZIAqW+YHHzoVKYDam2nQ/YYrXc5auQPb7nB
Z+u9RfCubbRwAWp/SqWRDvFYJ8AdQqVrRHd3w70D9ZjaDWXeffJqp6n223fb1/gp
4nyXFsaC4Sa+SypqE0u2SG+f+jPTMoZ/19EmxzkPH5Md+ImECP8N3GHcyXbzEHwb
IbOU9FSPlAXtfw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:14:24 2025 by rpki-client