Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: RfNxk7kx7Bl8wvbtbmtgMGTYWaj8RPuf6aFMOmWEwQw=
Subject key identifier: 7F:74:20:82:BE:21:26:F8:8A:EE:5B:95:8E:46:95:25:D0:68:2B:ED
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 01976929B20187A3993AAF92326E9643EED2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 1590
Signing time: Fri 13 Jun 2025 12:00:29 +0000
Manifest this update: Fri 13 Jun 2025 12:00:29 +0000
Manifest next update: Sat 14 Jun 2025 12:00:29 +0000
Files and hashes: 1: K7Q4iSU5tGlQaFLDbZ74ga5u7QI.roa (hash: 4IoPifHHzLWAa9SoaMyYdsFHlPVY27b7G1cPfRmMmFw=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: mVf29w5RfJ5SfVx5S6te/3Mb2g5yCwvI94N2cWwArW0=)
3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:69:29:b2:01:87:a3:99:3a:af:92:32:6e:96:43:ee:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Jun 13 12:00:29 2025 GMT
Not After : Jun 14 12:00:29 2025 GMT
Subject: CN=7f742082be2126f88aee5b958e469525d0682bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:10:6c:fb:f4:61:c2:2f:e5:61:1d:c7:20:9e:
12:7a:7a:74:aa:24:fe:d6:6e:39:c0:7c:64:cc:5d:
e3:95:bf:6a:b6:bc:88:c0:f6:30:ee:0e:8f:00:ec:
a5:0b:6e:e0:b0:c8:1c:26:2e:b7:4c:ac:16:1a:a6:
06:c2:d2:83:ba:e8:3b:e6:9c:12:96:f6:82:a9:76:
8f:69:a0:57:d3:8e:71:a4:4d:f1:f1:9d:46:03:23:
fb:d5:9c:67:73:da:99:aa:4d:8d:e1:65:ce:c0:03:
f9:2d:b9:2c:e0:97:e2:5d:bb:d4:2b:45:eb:6c:4f:
30:1d:c0:35:e0:1b:94:db:75:cc:89:c8:df:86:c1:
ed:ba:00:f7:0b:08:9d:ac:19:6e:76:de:e7:19:56:
6a:89:ab:b3:6d:c5:a4:a2:e4:49:3c:f8:a4:70:f6:
17:6e:7e:bd:75:20:11:6e:81:a7:6c:2d:16:4d:85:
84:cf:ab:ab:32:23:ef:2e:13:e2:58:37:3f:41:7b:
ab:1a:4a:b9:46:79:e8:42:6a:ad:23:b5:af:fe:2e:
28:f2:d6:a6:29:fe:f9:72:1d:53:1e:69:2e:f9:76:
9b:c7:d6:4f:83:27:f3:e7:59:8b:be:33:12:3d:46:
af:3a:9a:a7:59:38:1d:60:82:8e:12:ac:d0:5c:a7:
d1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:74:20:82:BE:21:26:F8:8A:EE:5B:95:8E:46:95:25:D0:68:2B:ED
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:d0:de:b7:67:04:fe:56:80:31:f0:86:44:ec:83:07:4c:9b:
95:7b:da:b3:39:5c:c4:c6:06:32:62:e3:20:bb:41:42:74:f4:
75:fe:b0:d4:d5:66:f3:af:d4:da:52:8b:ee:48:08:b7:46:63:
95:14:e3:1d:b9:67:20:3d:11:a6:39:bd:99:ff:ce:42:05:3e:
a7:f7:0d:7e:9f:35:0c:06:2d:bb:3a:3b:e1:9a:b5:6a:85:13:
23:31:c1:42:f0:94:d6:da:1e:4d:4a:c9:e2:95:cc:15:2d:6e:
9e:29:de:d5:a7:2a:f2:14:47:0e:95:7d:dc:13:b9:5a:2d:92:
64:08:30:47:38:38:b5:fa:a8:ef:38:06:ac:33:ae:b8:ef:9f:
de:39:c5:4e:63:63:fb:34:3d:a5:a6:77:58:3a:e5:78:fe:4f:
05:31:ce:ec:63:da:15:dd:16:43:92:4b:d1:cc:94:a4:f0:8e:
24:80:f5:af:f4:79:4b:c0:39:63:89:32:c5:3f:7f:93:2e:69:
00:59:41:b5:f1:52:2a:54:f5:6c:31:5b:79:90:cb:d5:58:99:
2a:7e:bc:23:0a:8f:1b:e0:a4:81:42:47:13:0d:63:9e:12:f6:
95:87:c6:e0:93:8e:b8:35:3c:2a:4f:93:b1:55:f1:8d:75:e4:
ff:1b:77:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpKbIBh6OZOq+SMm6WQ+7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjUwNjEzMTIwMDI5WhcNMjUwNjE0MTIwMDI5WjAzMTEwLwYDVQQD
Eyg3Zjc0MjA4MmJlMjEyNmY4OGFlZTViOTU4ZTQ2OTUyNWQwNjgyYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxBs+/Rhwi/lYR3HIJ4Senp0qiT+
1m45wHxkzF3jlb9qtryIwPYw7g6PAOylC27gsMgcJi63TKwWGqYGwtKDuug75pwS
lvaCqXaPaaBX045xpE3x8Z1GAyP71Zxnc9qZqk2N4WXOwAP5Lbks4JfiXbvUK0Xr
bE8wHcA14BuU23XMicjfhsHtugD3CwidrBludt7nGVZqiauzbcWkouRJPPikcPYX
bn69dSARboGnbC0WTYWEz6urMiPvLhPiWDc/QXurGkq5RnnoQmqtI7Wv/i4o8tam
Kf75ch1THmku+Xabx9ZPgyfz51mLvjMSPUavOpqnWTgdYIKOEqzQXKfRuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH90IIK+ISb4iu5blY5GlSXQaCvtMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP9Det2cE
/laAMfCGROyDB0yblXvaszlcxMYGMmLjILtBQnT0df6w1NVm86/U2lKL7kgIt0Zj
lRTjHblnID0Rpjm9mf/OQgU+p/cNfp81DAYtuzo74Zq1aoUTIzHBQvCU1toeTUrJ
4pXMFS1unine1acq8hRHDpV93BO5Wi2SZAgwRzg4tfqo7zgGrDOuuO+f3jnFTmNj
+zQ9paZ3WDrleP5PBTHO7GPaFd0WQ5JL0cyUpPCOJID1r/R5S8A5Y4kyxT9/ky5p
AFlBtfFSKlT1bDFbeZDL1ViZKn68IwqPG+CkgUJHEw1jnhL2lYfG4JOOuDU8Kk+T
sVXxjXXk/xt3dA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 19:24:49 2025 by rpki-client