Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: g2gPrv8oCrMrCsR5I28gOQ3KaKBCMVBcVFpvq8C5vW8=
Subject key identifier: 17:36:68:E9:57:50:66:AB:21:60:8A:DD:EA:4F:9D:36:34:D5:33:1B
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 019874502125123AE0DDC644EA8712B6A3CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 1618
Signing time: Mon 04 Aug 2025 09:01:05 +0000
Manifest this update: Mon 04 Aug 2025 09:01:05 +0000
Manifest next update: Tue 05 Aug 2025 09:01:05 +0000
Files and hashes: 1: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (hash: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=)
2: 2KU1lG8tmW62eqBwxBBDds81m5A.roa (hash: DXWqInrCKLzcQadKZzuaDGdIbNbzO5YygQPkSyOtdqY=)
3: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: ZG4M1GFlgeUJ8MpIEzcHA5/lNqLleiYQ6pgBYE4+mrs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:50:21:25:12:3a:e0:dd:c6:44:ea:87:12:b6:a3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Aug 4 09:01:05 2025 GMT
Not After : Aug 5 09:01:05 2025 GMT
Subject: CN=173668e9575066ab21608addea4f9d3634d5331b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:97:bc:0e:33:0f:f0:c8:f0:47:5b:d5:4a:96:
ae:3d:56:1b:e5:0d:84:0c:43:74:95:b5:64:85:b6:
fb:42:fa:f8:11:6d:b8:43:23:65:7a:e2:fd:50:f8:
46:f5:f6:89:4f:62:60:9f:f6:17:aa:6a:37:37:a2:
8b:46:92:df:62:20:7b:7e:48:9f:d3:bc:d9:42:1a:
39:58:20:d6:03:2a:24:68:7d:86:47:63:d5:e1:3d:
ed:8e:ac:3c:82:23:1c:fc:2b:22:d7:b6:9e:26:7e:
fe:54:94:bb:da:86:55:82:da:e8:64:25:5a:f6:a8:
92:99:3d:e5:9c:67:59:91:9b:cf:aa:1d:09:85:77:
02:e5:4f:cd:33:be:e8:c3:f6:17:14:6a:f7:ca:49:
0d:81:ad:97:fb:6a:31:1c:e2:3d:86:c2:12:3a:b9:
d8:74:d1:b4:f0:3c:bc:13:b8:25:e2:d2:2c:1b:1b:
4e:37:ad:0b:6c:6c:6f:06:d0:6d:09:d6:de:10:a8:
c2:0e:90:a4:37:6d:8b:06:74:e1:7a:43:73:89:a3:
5f:60:98:87:54:a6:bd:a8:2f:ac:b4:29:28:e5:6c:
d8:0e:b0:fb:0b:8d:a4:7f:44:ed:78:85:3f:4b:c8:
2f:ad:07:5b:90:12:3e:c4:d4:53:d6:ba:3e:91:9e:
14:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:36:68:E9:57:50:66:AB:21:60:8A:DD:EA:4F:9D:36:34:D5:33:1B
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:79:ae:0e:bb:99:25:0f:e4:be:b1:11:67:1d:e6:ef:78:0d:
a0:4d:92:b4:0b:3a:b0:c9:3b:33:37:eb:c7:83:d4:eb:de:66:
58:d8:f0:73:d9:8a:ca:07:b6:85:21:51:8f:06:0c:33:cf:8a:
79:f2:2c:c1:fb:96:b6:6e:3d:aa:8c:f3:ee:3f:65:99:7e:c4:
52:68:f0:e8:1d:98:5e:19:5e:31:dc:1a:86:ef:64:7f:86:41:
92:1a:ec:7a:e4:55:29:b2:8a:69:7f:b7:f8:ae:99:7c:1f:40:
3d:ba:56:d8:19:4e:ef:23:63:cf:a1:80:16:40:79:70:b1:ba:
ab:d4:ea:8c:2f:b3:c0:ce:dc:fb:bf:6f:29:09:28:3a:df:69:
aa:5a:c4:98:ce:c4:48:f9:43:4b:8d:1a:56:e7:ce:d9:48:df:
cd:4c:b4:31:e3:5b:e0:cc:a1:00:50:f5:1a:ad:7a:5b:71:4a:
12:5a:90:55:c1:55:2c:98:e1:99:fe:b1:34:02:ec:59:eb:fa:
6b:40:b4:a9:1e:5c:e9:b3:8b:8f:b7:0e:7b:77:23:5e:ab:b1:
86:c5:39:6d:ea:65:ad:c5:a0:e0:c9:87:d0:fa:0f:c7:e0:46:
d4:97:19:e6:21:7d:7a:c3:34:e7:c2:5c:04:5d:a2:05:ed:01:
aa:08:aa:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UCElEjrg3cZE6ocStqPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUwODA0MDkwMTA1WhcNMjUwODA1MDkwMTA1WjAzMTEwLwYDVQQD
EygxNzM2NjhlOTU3NTA2NmFiMjE2MDhhZGRlYTRmOWQzNjM0ZDUzMzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5e8DjMP8MjwR1vVSpauPVYb5Q2E
DEN0lbVkhbb7Qvr4EW24QyNleuL9UPhG9faJT2Jgn/YXqmo3N6KLRpLfYiB7fkif
07zZQho5WCDWAyokaH2GR2PV4T3tjqw8giMc/Csi17aeJn7+VJS72oZVgtroZCVa
9qiSmT3lnGdZkZvPqh0JhXcC5U/NM77ow/YXFGr3ykkNga2X+2oxHOI9hsISOrnY
dNG08Dy8E7gl4tIsGxtON60LbGxvBtBtCdbeEKjCDpCkN22LBnThekNziaNfYJiH
VKa9qC+stCko5WzYDrD7C42kf0TteIU/S8gvrQdbkBI+xNRT1ro+kZ4UZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBc2aOlXUGarIWCK3epPnTY01TMbMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW3muDruZ
JQ/kvrERZx3m73gNoE2StAs6sMk7Mzfrx4PU695mWNjwc9mKyge2hSFRjwYMM8+K
efIswfuWtm49qozz7j9lmX7EUmjw6B2YXhleMdwahu9kf4ZBkhrseuRVKbKKaX+3
+K6ZfB9APbpW2BlO7yNjz6GAFkB5cLG6q9TqjC+zwM7c+79vKQkoOt9pqlrEmM7E
SPlDS40aVufO2UjfzUy0MeNb4MyhAFD1Gq16W3FKElqQVcFVLJjhmf6xNALsWev6
a0C0qR5c6bOLj7cOe3cjXquxhsU5beplrcWg4MmH0PoPx+BG1JcZ5iF9esM058Jc
BF2iBe0BqgiqxA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:27:33 2025 by rpki-client