Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: SP0uXyg2QknPGnVhRM4h2zixLSOxLplXBm9cQlhtmlA=
Subject key identifier: C2:13:C3:9A:9D:37:73:90:D1:C2:AA:28:98:53:26:0A:B2:AA:A0:CE
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 019873E3C7DE020503E89E18531A70B35CC6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 161A
Signing time: Mon 04 Aug 2025 07:02:44 +0000
Manifest this update: Mon 04 Aug 2025 07:02:44 +0000
Manifest next update: Tue 05 Aug 2025 07:02:44 +0000
Files and hashes: 1: K7Q4iSU5tGlQaFLDbZ74ga5u7QI.roa (hash: 4IoPifHHzLWAa9SoaMyYdsFHlPVY27b7G1cPfRmMmFw=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: MAyQhX8q1KtCwu3u1OqugC002srPuSCQvh3dE8Rg0Uo=)
3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 07:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:e3:c7:de:02:05:03:e8:9e:18:53:1a:70:b3:5c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Aug 4 07:02:44 2025 GMT
Not After : Aug 5 07:02:44 2025 GMT
Subject: CN=c213c39a9d377390d1c2aa289853260ab2aaa0ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6c:35:ab:53:98:61:f1:35:05:98:3c:6b:36:
a9:3c:b6:f3:10:b1:30:4a:3a:22:73:3f:50:c9:00:
0c:eb:14:77:b7:ca:71:67:49:fb:a8:8c:40:68:76:
24:f2:55:db:78:b2:96:d6:9a:81:4f:d5:c0:05:28:
93:cb:1e:c4:d0:eb:d3:d0:e5:1f:90:9f:7f:47:6f:
c9:fb:15:8c:a8:55:7a:19:68:30:6c:41:b5:3e:cc:
39:19:f0:b4:8d:5c:5e:4e:b9:d2:e0:ad:b5:9d:b7:
c7:ee:88:30:c9:1c:a7:c3:b4:a2:71:2d:41:a4:62:
83:0e:fa:1b:59:fa:a0:b3:c7:ea:a0:80:96:fd:65:
79:f8:11:48:60:c3:3f:25:1d:23:fd:6c:50:3d:df:
a1:64:4e:b3:35:f0:7d:ca:fb:0a:29:4d:21:da:2a:
63:2c:10:7c:46:ca:ac:8b:e4:70:39:ff:6f:ca:1c:
14:be:88:a7:8f:76:61:af:f8:b6:58:76:e2:04:ee:
3e:1f:da:e5:03:c4:69:ac:d5:d3:86:94:bf:df:d2:
4a:84:af:49:f7:2a:78:d0:98:20:07:4e:1b:d6:4c:
ba:ef:c6:42:1d:0d:77:99:1b:c3:e8:54:03:cb:79:
c4:03:02:5f:15:75:77:28:00:2d:23:73:20:c0:f5:
26:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:13:C3:9A:9D:37:73:90:D1:C2:AA:28:98:53:26:0A:B2:AA:A0:CE
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:5f:a7:64:18:db:7e:b9:60:a3:70:f3:16:e4:c7:8b:44:a1:
38:ab:e6:4c:2c:54:3d:09:89:b9:82:0e:25:80:f3:68:1e:70:
0f:86:47:aa:67:e5:35:77:bb:e2:cf:64:c1:ce:18:d9:22:a5:
e1:a2:57:2e:9d:80:77:05:8d:42:dd:9e:8e:86:18:36:94:e5:
37:c9:19:1f:6a:be:bf:ab:65:32:59:ae:4f:f0:37:99:09:d4:
3f:ec:d9:be:a3:fc:10:f4:39:94:6e:81:33:8f:f2:36:18:2b:
be:9c:20:3f:65:77:ef:51:3f:4b:8b:e2:b9:cd:49:64:24:b9:
a8:16:25:0c:85:9b:07:c5:1c:4f:e1:54:59:06:ae:80:fb:a5:
79:6f:08:04:be:ce:cc:24:5b:6e:1b:95:27:6a:57:56:91:32:
01:cd:ca:6b:0e:4e:57:f1:c4:d5:45:7d:c3:49:09:d2:33:ee:
58:70:46:b4:87:f0:44:0c:fd:9b:db:29:a7:f4:92:86:31:84:
07:02:91:e0:3c:92:7c:67:60:05:95:7e:12:75:b0:d8:67:82:
59:c6:d0:7f:79:94:90:23:05:8c:18:37:c2:81:57:2a:60:57:
94:a6:10:88:43:48:e0:b3:be:ec:f3:e2:15:ca:49:1f:f3:e0:
8e:5a:0e:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz48feAgUD6J4YUxpws1zGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjUwODA0MDcwMjQ0WhcNMjUwODA1MDcwMjQ0WjAzMTEwLwYDVQQD
EyhjMjEzYzM5YTlkMzc3MzkwZDFjMmFhMjg5ODUzMjYwYWIyYWFhMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12w1q1OYYfE1BZg8azapPLbzELEw
Sjoicz9QyQAM6xR3t8pxZ0n7qIxAaHYk8lXbeLKW1pqBT9XABSiTyx7E0OvT0OUf
kJ9/R2/J+xWMqFV6GWgwbEG1Psw5GfC0jVxeTrnS4K21nbfH7ogwyRynw7SicS1B
pGKDDvobWfqgs8fqoICW/WV5+BFIYMM/JR0j/WxQPd+hZE6zNfB9yvsKKU0h2ipj
LBB8Rsqsi+RwOf9vyhwUvoinj3Zhr/i2WHbiBO4+H9rlA8RprNXThpS/39JKhK9J
9yp40JggB04b1ky678ZCHQ13mRvD6FQDy3nEAwJfFXV3KAAtI3MgwPUmNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMITw5qdN3OQ0cKqKJhTJgqyqqDOMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT1+nZBjb
frlgo3DzFuTHi0ShOKvmTCxUPQmJuYIOJYDzaB5wD4ZHqmflNXe74s9kwc4Y2SKl
4aJXLp2AdwWNQt2ejoYYNpTlN8kZH2q+v6tlMlmuT/A3mQnUP+zZvqP8EPQ5lG6B
M4/yNhgrvpwgP2V371E/S4viuc1JZCS5qBYlDIWbB8UcT+FUWQaugPuleW8IBL7O
zCRbbhuVJ2pXVpEyAc3Kaw5OV/HE1UV9w0kJ0jPuWHBGtIfwRAz9m9spp/SShjGE
BwKR4DySfGdgBZV+EnWw2GeCWcbQf3mUkCMFjBg3woFXKmBXlKYQiENI4LO+7PPi
FcpJH/PgjloOfA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:04:38 2025 by rpki-client