Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
File: aKfCyE_6STTPD3PvGhoaM3hzGCY.mft (raw, json)
Hash identifier: wpIgTo7eV37vXKKOSjy4U4IkUF9ykJdOCLe02XI6Hg4=
Subject key identifier: 1E:F3:FD:83:A2:64:44:DF:E1:CE:30:1D:11:16:C7:C2:A5:A0:80:DA
Authority key identifier: 68:A7:C2:C8:4F:FA:49:34:CF:0F:73:EF:1A:1A:1A:33:78:73:18:26
Certificate issuer: /CN=68a7c2c84ffa4934cf0f73ef1a1a1a3378731826
Certificate serial: 019874F4B508846B80DA1A5C04E0B7629EF0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
Manifest number: 0CFD
Signing time: Mon 04 Aug 2025 12:00:50 +0000
Manifest this update: Mon 04 Aug 2025 12:00:50 +0000
Manifest next update: Tue 05 Aug 2025 12:00:50 +0000
Files and hashes: 1: KnUOYk5bdwDOyPRpWUFQ6FTo7gs.roa (hash: oV64n7K/Nu3TxpzkL+waUqCMMUTsVFeqTi3s1yY0Zn0=)
2: aKfCyE_6STTPD3PvGhoaM3hzGCY.crl (hash: VMwKjhjqijJLFukPuv3DMKIKcuNbQFcKkMIlcZQG+Uw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:f4:b5:08:84:6b:80:da:1a:5c:04:e0:b7:62:9e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a7c2c84ffa4934cf0f73ef1a1a1a3378731826
Validity
Not Before: Aug 4 12:00:50 2025 GMT
Not After : Aug 5 12:00:50 2025 GMT
Subject: CN=1ef3fd83a26444dfe1ce301d1116c7c2a5a080da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d1:a8:2a:d9:d7:50:d8:35:1e:1d:a1:fc:76:
a9:4f:89:97:fc:d8:ed:ba:d1:79:74:42:92:74:b0:
90:ca:df:b5:e1:9e:81:c3:96:fd:35:1a:be:8b:96:
a6:39:e2:13:32:3b:c2:2a:b1:41:73:5f:44:f4:d4:
87:94:40:26:da:49:83:95:2c:6f:2e:12:56:00:8a:
98:26:26:55:1a:d9:0f:54:07:ad:33:64:95:0b:e6:
55:43:7e:bc:3b:e5:92:80:9e:03:e1:e3:d6:bd:e7:
fd:7e:3c:3d:a2:c2:83:3d:67:1a:a0:a7:18:68:ce:
4d:42:24:6d:e1:c3:a8:82:4d:6e:9a:16:54:a4:19:
54:cb:fd:97:0b:b9:b2:bf:e9:45:da:41:28:80:cd:
5c:69:55:82:92:e1:a5:32:ee:2b:22:b2:15:8d:71:
c0:88:4f:f5:26:b9:db:3a:e1:0d:fe:20:ec:30:46:
3b:01:b0:4d:c7:7b:68:eb:28:7d:05:f2:cb:a4:ee:
28:ac:88:f0:59:fa:4c:5d:26:28:3c:54:dc:eb:93:
45:dd:6a:98:74:69:ca:79:fb:66:ca:5e:2a:d8:12:
d9:bb:a7:dc:6b:42:ad:7c:84:9a:01:4e:95:c1:da:
36:54:5b:6f:d3:7d:0b:e5:c9:95:75:52:0a:54:ce:
74:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F3:FD:83:A2:64:44:DF:E1:CE:30:1D:11:16:C7:C2:A5:A0:80:DA
X509v3 Authority Key Identifier:
keyid:68:A7:C2:C8:4F:FA:49:34:CF:0F:73:EF:1A:1A:1A:33:78:73:18:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:4f:38:61:bd:c6:f0:88:36:98:79:11:8f:71:73:9a:27:39:
c2:15:8a:85:3e:7a:7d:fd:0b:ea:98:df:a7:0f:ed:77:b4:cf:
f7:05:43:57:87:3c:f4:b7:6b:8a:b7:aa:72:82:9c:3d:d1:e7:
3f:59:5a:b6:14:eb:fa:c8:a9:ff:e7:f6:1a:fb:8d:12:e8:15:
90:b7:a6:bb:ba:65:cc:26:ec:00:fe:09:74:20:78:63:33:da:
a9:f2:14:9f:bf:a7:1a:ca:a0:fb:da:1a:4c:18:c1:b6:35:be:
67:e9:3b:e2:de:fb:49:09:36:7b:fa:25:d8:e9:78:97:0a:ba:
12:b5:65:8e:a2:21:32:60:03:ca:61:5b:e5:77:d9:2a:93:1d:
5a:90:22:ca:79:42:51:08:62:38:52:a9:26:d2:6e:90:03:7b:
86:64:4f:ee:a8:be:29:92:d2:57:70:3b:9c:f7:95:89:24:64:
63:4e:c0:0f:02:93:19:df:91:1d:e8:14:e3:9c:f0:ca:22:f8:
ac:b9:2c:6e:d0:40:14:12:4b:90:14:6d:d1:39:2a:01:6e:47:
1c:25:f1:a7:73:5c:0e:1f:27:84:0f:c2:75:04:4e:54:f6:84:
25:7e:62:26:d6:75:6c:39:ee:fa:8d:82:bd:7d:65:59:41:bf:
64:02:b0:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh09LUIhGuA2hpcBOC3Yp7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTdjMmM4NGZmYTQ5MzRjZjBmNzNlZjFhMWExYTMzNzg3
MzE4MjYwHhcNMjUwODA0MTIwMDUwWhcNMjUwODA1MTIwMDUwWjAzMTEwLwYDVQQD
EygxZWYzZmQ4M2EyNjQ0NGRmZTFjZTMwMWQxMTE2YzdjMmE1YTA4MGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntGoKtnXUNg1Hh2h/HapT4mX/Njt
utF5dEKSdLCQyt+14Z6Bw5b9NRq+i5amOeITMjvCKrFBc19E9NSHlEAm2kmDlSxv
LhJWAIqYJiZVGtkPVAetM2SVC+ZVQ368O+WSgJ4D4ePWvef9fjw9osKDPWcaoKcY
aM5NQiRt4cOogk1umhZUpBlUy/2XC7myv+lF2kEogM1caVWCkuGlMu4rIrIVjXHA
iE/1JrnbOuEN/iDsMEY7AbBNx3to6yh9BfLLpO4orIjwWfpMXSYoPFTc65NF3WqY
dGnKeftmyl4q2BLZu6fca0KtfISaAU6Vwdo2VFtv030L5cmVdVIKVM504QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7z/YOiZETf4c4wHREWx8KloIDaMB8GA1UdIwQY
MBaAFGinwshP+kk0zw9z7xoaGjN4cxgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mZTQ1NWQtZjZjZS00MzZjLTgzMjct
ZGI2ZGRiNGE0NGU1LzEvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mZTQ1NWQtZjZjZS00MzZjLTgzMjctZGI2ZGRiNGE0NGU1
LzEvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUU84Yb3G
8Ig2mHkRj3Fzmic5whWKhT56ff0L6pjfpw/td7TP9wVDV4c89LdrireqcoKcPdHn
P1lathTr+sip/+f2GvuNEugVkLemu7plzCbsAP4JdCB4YzPaqfIUn7+nGsqg+9oa
TBjBtjW+Z+k74t77SQk2e/ol2Ol4lwq6ErVljqIhMmADymFb5XfZKpMdWpAiynlC
UQhiOFKpJtJukAN7hmRP7qi+KZLSV3A7nPeViSRkY07ADwKTGd+RHegU45zwyiL4
rLksbtBAFBJLkBRt0TkqAW5HHCXxp3NcDh8nhA/CdQROVPaEJX5iJtZ1bDnu+o2C
vX1lWUG/ZAKwVw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:01 2025 by rpki-client