Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
File: aCMaUAoKgQjcekNYsQArH9vweZU.mft (raw, json)
Hash identifier: FQLA+/aiDG/M7Lz0A3+5g/ECmsKzcasJ3N6gslI8VRQ=
Subject key identifier: 63:93:72:FE:75:A6:FC:2C:40:6C:5B:2F:60:63:A9:E4:BF:C4:5D:DE
Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Certificate serial: 019683C7F301DD1D717EA10999AA9B1B010C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
Manifest number: 1517
Signing time: Tue 29 Apr 2025 23:00:41 +0000
Manifest this update: Tue 29 Apr 2025 23:00:41 +0000
Manifest next update: Wed 30 Apr 2025 23:00:41 +0000
Files and hashes: 1: XSGE2n2dKWY3M_jq3MngIc3i_t8.roa (hash: pwMRSRLzn3jyPbMLShLv8HDNQd5Gm8ws1AjCFBEAHaU=)
2: aCMaUAoKgQjcekNYsQArH9vweZU.crl (hash: 2/k0EMsn4LpvMUz1yNuRwraY5w1U83Gtl5/rkanVCcs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 23:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:c7:f3:01:dd:1d:71:7e:a1:09:99:aa:9b:1b:01:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Validity
Not Before: Apr 29 23:00:41 2025 GMT
Not After : Apr 30 23:00:41 2025 GMT
Subject: CN=639372fe75a6fc2c406c5b2f6063a9e4bfc45dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d4:ca:0d:58:22:a0:af:31:57:b6:34:f9:b8:
40:5c:fb:0e:2e:67:37:a2:cc:92:e1:2c:c7:8d:0d:
e2:69:03:ac:c4:4d:7f:22:a3:d2:d5:9d:6f:33:9a:
59:72:da:12:cf:cb:8b:59:56:cf:7f:25:c4:0b:a5:
7d:e2:0c:93:2b:d5:a8:51:e7:b9:f9:db:09:16:1a:
9b:db:ae:5f:77:0e:a6:2b:4f:b7:dd:bd:c7:0c:d0:
aa:44:90:c3:62:93:68:b0:6f:ca:f6:7a:c3:25:39:
2e:2c:1e:1b:18:4b:37:b9:6f:6c:10:5d:d0:d3:c1:
1f:93:35:62:75:fd:40:9d:cc:36:9b:fc:12:bf:ff:
35:39:d8:c6:1e:6a:76:b0:01:03:07:ee:c8:a0:7f:
3c:b1:1a:e4:4f:8b:16:cb:ee:15:ce:f9:75:41:b8:
f1:60:d4:19:aa:71:85:72:60:2f:33:47:8d:fd:b0:
42:e1:e3:7f:5b:92:5b:03:eb:d7:bd:6d:75:05:17:
78:9e:23:cd:34:ec:60:59:71:27:a1:37:a0:42:ff:
17:b9:c1:c2:23:0d:2d:b5:f9:c5:08:da:6d:f8:48:
d6:3e:fe:d8:9f:25:08:f9:1a:68:70:9d:e7:cf:d6:
cf:3e:aa:fa:78:3e:ac:ae:1c:e9:3a:35:f7:a2:84:
96:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:93:72:FE:75:A6:FC:2C:40:6C:5B:2F:60:63:A9:E4:BF:C4:5D:DE
X509v3 Authority Key Identifier:
keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:cb:c3:25:52:fe:c9:71:84:62:1c:31:d3:48:3e:d3:15:62:
6b:bf:c5:ae:c5:7b:a4:e1:74:0b:e3:39:57:8d:45:58:95:a5:
bb:eb:15:57:59:df:10:4b:9f:58:e2:2d:34:f0:2f:cf:d7:ae:
04:8c:84:0c:f2:3e:c9:8f:6e:db:50:fe:8b:c2:8d:8f:b2:32:
fe:2c:3d:ab:83:c4:f8:62:95:0b:84:47:7c:56:6e:89:c0:ee:
fa:f4:ec:34:c1:d6:10:00:e4:d3:a2:9c:f5:1f:38:ba:8f:6c:
b2:fa:f1:41:98:00:5f:ce:41:81:d1:c8:6f:8d:5a:11:b8:8a:
84:68:bb:21:3b:0e:a5:a1:ab:f3:11:ba:a2:d9:83:b9:35:fd:
70:4a:a2:f7:d7:55:67:7a:42:e3:7a:c5:53:b9:61:9b:bd:40:
ef:96:1b:96:dc:a4:83:5e:0f:26:b4:a0:52:56:53:0e:d2:e1:
5f:05:70:ac:e7:5c:b6:83:cb:2a:6b:c0:93:f5:01:ef:13:81:
7b:9b:d7:83:2f:a5:f3:fb:8b:03:2a:e6:4a:c9:79:6b:d5:30:
01:3d:9b:23:a7:96:04:38:ef:c4:a6:c9:88:a6:a9:7b:b1:4b:
6f:f2:d4:c2:3f:8c:09:a8:b9:81:39:db:73:4d:94:4e:25:16:
eb:0d:e5:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDx/MB3R1xfqEJmaqbGwEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjMxYTUwMGEwYTgxMDhkYzdhNDM1OGIxMDAyYjFmZGJm
MDc5OTUwHhcNMjUwNDI5MjMwMDQxWhcNMjUwNDMwMjMwMDQxWjAzMTEwLwYDVQQD
Eyg2MzkzNzJmZTc1YTZmYzJjNDA2YzViMmY2MDYzYTllNGJmYzQ1ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9TKDVgioK8xV7Y0+bhAXPsOLmc3
osyS4SzHjQ3iaQOsxE1/IqPS1Z1vM5pZctoSz8uLWVbPfyXEC6V94gyTK9WoUee5
+dsJFhqb265fdw6mK0+33b3HDNCqRJDDYpNosG/K9nrDJTkuLB4bGEs3uW9sEF3Q
08EfkzVidf1Ancw2m/wSv/81OdjGHmp2sAEDB+7IoH88sRrkT4sWy+4Vzvl1Qbjx
YNQZqnGFcmAvM0eN/bBC4eN/W5JbA+vXvW11BRd4niPNNOxgWXEnoTegQv8XucHC
Iw0ttfnFCNpt+EjWPv7YnyUI+RpocJ3nz9bPPqr6eD6srhzpOjX3ooSWpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGOTcv51pvwsQGxbL2BjqeS/xF3eMB8GA1UdIwQY
MBaAFGgjGlAKCoEI3HpDWLEAKx/b8HmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmIt
N2YyM2IzNDY4NmMyLzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmItN2YyM2IzNDY4NmMy
LzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADsvDJVL+
yXGEYhwx00g+0xVia7/FrsV7pOF0C+M5V41FWJWlu+sVV1nfEEufWOItNPAvz9eu
BIyEDPI+yY9u21D+i8KNj7Iy/iw9q4PE+GKVC4RHfFZuicDu+vTsNMHWEADk06Kc
9R84uo9ssvrxQZgAX85BgdHIb41aEbiKhGi7ITsOpaGr8xG6otmDuTX9cEqi99dV
Z3pC43rFU7lhm71A75Ybltykg14PJrSgUlZTDtLhXwVwrOdctoPLKmvAk/UB7xOB
e5vXgy+l8/uLAyrmSsl5a9UwAT2bI6eWBDjvxKbJiKape7FLb/LUwj+MCai5gTnb
c02UTiUW6w3lhg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:27:53 2025 by rpki-client