Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
File: tAqlFjSW4FOna21pzcRfdQBs2N8.mft (raw, json)
Hash identifier: uVKtfDnOq3wIDANfQqWrlIUxVtIa0x8unWtHCvy5oqc=
Subject key identifier: 4C:D6:E4:02:18:BB:A7:4E:4B:F7:E1:BD:67:95:5F:3D:D8:DF:BB:13
Authority key identifier: B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF
Certificate issuer: /CN=b40aa5163496e053a76b6d69cdc45f75006cd8df
Certificate serial: 0198485276EC0F83B4793C7148589A176997
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
Manifest number: 1601
Signing time: Sat 26 Jul 2025 20:00:20 +0000
Manifest this update: Sat 26 Jul 2025 20:00:20 +0000
Manifest next update: Sun 27 Jul 2025 20:00:20 +0000
Files and hashes: 1: 1-d6DUI7mmJKHILGE-ACGJbIFV40.roa (hash: WM+ispXO9qKwdYzXWtwDmpPip6PK1PIBVYZaFFY6Sl4=)
2: tAqlFjSW4FOna21pzcRfdQBs2N8.crl (hash: YF9TWFKVjXV9NdT3n1bwcRfiZw6kUmuP+1E8kqju1OE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:48:52:76:ec:0f:83:b4:79:3c:71:48:58:9a:17:69:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b40aa5163496e053a76b6d69cdc45f75006cd8df
Validity
Not Before: Jul 26 20:00:20 2025 GMT
Not After : Jul 27 20:00:20 2025 GMT
Subject: CN=4cd6e40218bba74e4bf7e1bd67955f3dd8dfbb13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b2:51:1f:fa:bb:d6:93:46:bc:8b:50:5a:ad:
7b:0b:0a:cd:53:3f:b4:08:7a:fb:82:67:ff:76:ba:
59:5c:0d:d2:a8:a0:65:e3:5d:c7:7a:b8:64:18:58:
8d:1e:a4:b1:c5:ad:31:7f:05:91:0e:52:3d:87:99:
7a:fc:c0:50:15:f7:f4:54:89:c4:ba:82:80:7b:9e:
79:8d:a4:9f:4b:d5:6f:c1:d1:bd:b9:21:6c:e8:47:
89:2a:09:2d:59:ce:5c:af:a8:c6:fe:6e:82:ae:95:
82:3d:1b:3c:45:66:30:28:65:6f:95:2d:63:bb:d9:
df:ae:ee:79:31:c4:30:5b:3d:62:9a:e4:e1:b7:d5:
7b:71:92:0b:b3:68:e5:1a:22:80:b9:3f:d3:45:61:
20:2d:17:30:c6:ed:11:6f:4b:90:3e:ae:c9:00:73:
ee:13:c2:65:24:4e:7c:82:2a:f8:8d:f9:41:5f:85:
39:15:53:e9:b4:95:77:06:f8:b2:c5:89:13:c3:9c:
2f:5f:20:ef:45:30:5f:e4:35:35:51:45:a7:8f:a3:
ff:b9:58:8f:ba:93:88:ca:4c:ec:8c:e3:70:8a:3b:
bd:96:21:ec:03:ef:f0:a8:98:86:fb:d0:33:c2:cb:
6e:b5:73:69:e1:01:b6:00:d8:2d:5b:8b:d2:a4:93:
7e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D6:E4:02:18:BB:A7:4E:4B:F7:E1:BD:67:95:5F:3D:D8:DF:BB:13
X509v3 Authority Key Identifier:
keyid:B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:91:6f:bb:08:e6:45:23:6e:cc:a8:41:9d:9d:2f:40:d7:14:
3d:45:45:41:a1:cc:73:8e:37:13:17:b1:31:d8:95:4c:d2:79:
00:1e:7c:24:9e:1c:86:28:99:20:e3:b8:de:48:43:d6:3a:16:
34:06:c4:cc:37:8c:73:ea:96:55:09:ea:21:98:3c:34:8a:3c:
6b:d7:c4:57:79:70:61:2d:ff:cb:8f:b8:43:34:aa:c4:1a:5d:
eb:5f:62:36:de:c9:58:45:c8:7e:2d:77:33:82:29:2f:4c:86:
3c:c6:80:8a:b2:28:04:e8:b4:f2:33:58:d4:82:cf:25:af:72:
1c:c3:1d:de:f3:0a:48:83:41:f6:30:a4:8c:f7:36:38:1d:aa:
3e:8c:3f:02:d2:f5:a1:99:b7:27:3a:d7:83:07:78:e9:7d:4d:
8e:6c:cb:a9:07:1a:99:f4:75:39:0e:71:60:64:4a:65:d2:dc:
c6:42:43:93:c3:75:5d:30:9c:57:5d:27:e5:00:36:c2:4e:e3:
ab:9d:f1:5f:95:ab:ca:cc:57:66:70:b2:be:81:6c:26:bd:92:
b8:0f:38:b3:37:64:8e:eb:9c:7d:c2:27:05:d1:97:49:70:37:
c5:33:82:3b:fc:d7:90:21:bf:b3:e0:7b:12:10:db:40:cb:f4:
af:19:70:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhIUnbsD4O0eTxxSFiaF2mXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MGFhNTE2MzQ5NmUwNTNhNzZiNmQ2OWNkYzQ1Zjc1MDA2
Y2Q4ZGYwHhcNMjUwNzI2MjAwMDIwWhcNMjUwNzI3MjAwMDIwWjAzMTEwLwYDVQQD
Eyg0Y2Q2ZTQwMjE4YmJhNzRlNGJmN2UxYmQ2Nzk1NWYzZGQ4ZGZiYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrJRH/q71pNGvItQWq17CwrNUz+0
CHr7gmf/drpZXA3SqKBl413HerhkGFiNHqSxxa0xfwWRDlI9h5l6/MBQFff0VInE
uoKAe555jaSfS9VvwdG9uSFs6EeJKgktWc5cr6jG/m6CrpWCPRs8RWYwKGVvlS1j
u9nfru55McQwWz1imuTht9V7cZILs2jlGiKAuT/TRWEgLRcwxu0Rb0uQPq7JAHPu
E8JlJE58gir4jflBX4U5FVPptJV3BviyxYkTw5wvXyDvRTBf5DU1UUWnj6P/uViP
upOIykzsjONwiju9liHsA+/wqJiG+9AzwstutXNp4QG2ANgtW4vSpJN+FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzW5AIYu6dOS/fhvWeVXz3Y37sTMB8GA1UdIwQY
MBaAFLQKpRY0luBTp2ttac3EX3UAbNjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUt
YzcyY2JhYzI4NWY4LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUtYzcyY2JhYzI4NWY4
LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYJFvuwjm
RSNuzKhBnZ0vQNcUPUVFQaHMc443ExexMdiVTNJ5AB58JJ4chiiZIOO43khD1joW
NAbEzDeMc+qWVQnqIZg8NIo8a9fEV3lwYS3/y4+4QzSqxBpd619iNt7JWEXIfi13
M4IpL0yGPMaAirIoBOi08jNY1ILPJa9yHMMd3vMKSINB9jCkjPc2OB2qPow/AtL1
oZm3JzrXgwd46X1NjmzLqQcamfR1OQ5xYGRKZdLcxkJDk8N1XTCcV10n5QA2wk7j
q53xX5WrysxXZnCyvoFsJr2SuA84szdkjuucfcInBdGXSXA3xTOCO/zXkCG/s+B7
EhDbQMv0rxlwZA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:39:47 2025 by rpki-client