Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
File: aCMaUAoKgQjcekNYsQArH9vweZU.mft (raw, json)
Hash identifier: VOw7UUkL8V7Rosy/gKhV0rOPX76x9ni23crk+gpSWas=
Subject key identifier: 65:3D:DC:2A:87:CC:DE:0B:E0:89:D7:A7:D2:CD:A6:32:91:8C:F2:F4
Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Certificate serial: 01987DC0BBD36A4411AB2D8CC128A8035B6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
Manifest number: 161D
Signing time: Wed 06 Aug 2025 05:00:39 +0000
Manifest this update: Wed 06 Aug 2025 05:00:39 +0000
Manifest next update: Thu 07 Aug 2025 05:00:39 +0000
Files and hashes: 1: XSGE2n2dKWY3M_jq3MngIc3i_t8.roa (hash: pwMRSRLzn3jyPbMLShLv8HDNQd5Gm8ws1AjCFBEAHaU=)
2: aCMaUAoKgQjcekNYsQArH9vweZU.crl (hash: CvXMeaKeEq6zhb0GwpqQGBgIlUd2Hl6ZkE3Znt2f24M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7d:c0:bb:d3:6a:44:11:ab:2d:8c:c1:28:a8:03:5b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Validity
Not Before: Aug 6 05:00:39 2025 GMT
Not After : Aug 7 05:00:39 2025 GMT
Subject: CN=653ddc2a87ccde0be089d7a7d2cda632918cf2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:04:01:fc:6d:fd:e3:c9:e1:d8:80:44:14:47:
d8:d0:80:8f:aa:62:fb:cd:59:14:9f:e6:f5:64:9f:
7b:c7:47:cf:2c:e4:b7:d9:b8:8e:4d:66:ed:18:42:
55:6a:fa:21:7a:fc:53:99:2c:35:d1:f5:41:55:8f:
9d:b1:d0:b3:23:e1:57:64:98:99:54:86:aa:59:a3:
b1:e6:c4:56:da:23:01:32:36:09:59:0d:9c:91:f7:
bf:01:25:d5:92:21:fc:0b:65:22:e9:db:3b:a5:00:
89:ef:40:09:b3:d9:9e:58:ad:d9:1a:aa:46:ce:f4:
2b:ba:d6:c6:ab:08:08:89:33:26:21:fb:bf:62:b4:
16:18:f2:00:0f:17:f7:a0:02:25:21:4d:53:95:ca:
23:af:b6:70:2a:8a:64:87:22:26:04:7f:ac:b4:8d:
d9:b6:74:c9:7a:1e:3f:97:20:85:82:53:d0:92:23:
fb:44:6a:ea:62:2f:2d:52:bb:c2:71:e5:81:e1:85:
e0:1e:b0:00:b4:a2:45:8d:17:78:20:41:cf:4a:93:
a4:78:35:c3:79:a8:4e:37:2a:d1:a4:1b:05:16:72:
b4:2d:18:03:de:31:24:91:44:14:3f:f8:c3:7e:b6:
dc:27:61:2d:19:e0:8a:b1:1d:28:17:e0:10:ad:bf:
5b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3D:DC:2A:87:CC:DE:0B:E0:89:D7:A7:D2:CD:A6:32:91:8C:F2:F4
X509v3 Authority Key Identifier:
keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:1e:2f:74:aa:b1:9e:58:d7:7c:9f:09:7c:a9:5d:90:93:1b:
4b:e7:14:d4:b0:55:61:98:d0:e2:36:ae:39:d8:b9:5d:e9:2d:
02:71:15:18:52:8f:58:93:5e:c6:90:fa:fb:ce:e1:c6:81:cb:
1f:60:e4:fd:e8:d3:e7:33:4e:19:eb:6c:6e:2c:64:3e:a2:b3:
7f:16:2f:58:7c:7f:97:67:f2:20:77:86:cb:65:b0:32:02:0e:
2e:7a:73:c0:36:5a:71:72:59:05:e0:a1:bf:96:8f:94:dd:77:
0c:de:a0:2e:a5:50:25:a4:6a:96:d9:52:f4:9a:f1:86:7f:4c:
82:15:4b:65:2d:e1:9e:29:68:1e:9e:5c:d8:ff:2a:db:2a:2c:
c2:2b:df:2a:0b:65:c9:74:74:db:37:2d:81:78:0f:32:34:4d:
64:9e:06:b6:c1:ef:99:e6:3d:61:36:5f:ca:51:67:88:b6:eb:
1f:32:84:18:1d:0b:8c:2a:e6:ba:07:2c:12:38:a8:d9:d9:68:
19:70:5d:8c:c5:35:fb:bd:40:72:e7:f6:c5:18:49:47:c8:7a:
04:dd:f4:83:39:e4:83:ef:d7:34:fb:d8:69:1d:38:31:cd:8d:
da:6b:bf:87:34:0b:4f:30:11:55:f9:32:fe:af:f2:d3:f5:f0:
58:97:86:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9wLvTakQRqy2MwSioA1tsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjMxYTUwMGEwYTgxMDhkYzdhNDM1OGIxMDAyYjFmZGJm
MDc5OTUwHhcNMjUwODA2MDUwMDM5WhcNMjUwODA3MDUwMDM5WjAzMTEwLwYDVQQD
Eyg2NTNkZGMyYTg3Y2NkZTBiZTA4OWQ3YTdkMmNkYTYzMjkxOGNmMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgQB/G3948nh2IBEFEfY0ICPqmL7
zVkUn+b1ZJ97x0fPLOS32biOTWbtGEJVavohevxTmSw10fVBVY+dsdCzI+FXZJiZ
VIaqWaOx5sRW2iMBMjYJWQ2ckfe/ASXVkiH8C2Ui6ds7pQCJ70AJs9meWK3ZGqpG
zvQrutbGqwgIiTMmIfu/YrQWGPIADxf3oAIlIU1Tlcojr7ZwKopkhyImBH+stI3Z
tnTJeh4/lyCFglPQkiP7RGrqYi8tUrvCceWB4YXgHrAAtKJFjRd4IEHPSpOkeDXD
eahONyrRpBsFFnK0LRgD3jEkkUQUP/jDfrbcJ2EtGeCKsR0oF+AQrb9bpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGU93CqHzN4L4InXp9LNpjKRjPL0MB8GA1UdIwQY
MBaAFGgjGlAKCoEI3HpDWLEAKx/b8HmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmIt
N2YyM2IzNDY4NmMyLzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmItN2YyM2IzNDY4NmMy
LzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYh4vdKqx
nljXfJ8JfKldkJMbS+cU1LBVYZjQ4jauOdi5XektAnEVGFKPWJNexpD6+87hxoHL
H2Dk/ejT5zNOGetsbixkPqKzfxYvWHx/l2fyIHeGy2WwMgIOLnpzwDZacXJZBeCh
v5aPlN13DN6gLqVQJaRqltlS9Jrxhn9MghVLZS3hniloHp5c2P8q2yoswivfKgtl
yXR02zctgXgPMjRNZJ4GtsHvmeY9YTZfylFniLbrHzKEGB0LjCrmugcsEjio2dlo
GXBdjMU1+71Acuf2xRhJR8h6BN30gznkg+/XNPvYaR04Mc2N2mu/hzQLTzARVfky
/q/y0/XwWJeGcg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 09:29:27 2025 by rpki-client