Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: SaAPIqtQa2cgaZOOgUfUlgACRWQ8iNbSoZwE4U4soKk=
Subject key identifier: 43:24:C0:1A:7D:D4:4D:8B:34:82:42:2F:42:1A:5B:02:E3:46:6F:83
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 01992D7E0F13E14135355E589888D990D810
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 1683
Signing time: Tue 09 Sep 2025 08:01:00 +0000
Manifest this update: Tue 09 Sep 2025 08:01:00 +0000
Manifest next update: Wed 10 Sep 2025 08:01:00 +0000
Files and hashes: 1: Mmi06jAh1KR0NNHlTuLcdFXGdm4.roa (hash: Q9joIkxkfDcIZMMuVnLQE37iPkqzALSBCPVV1CY/m7A=)
2: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: s0LDZQDNUQxQiWYGbiHUGBPgK+Yv7XOigYbx7OQdhPw=)
3: bObL7vPF35vh9LuEyJYMk5yU3-U.roa (hash: eG1lFL25ltcNTKgnhPFmeY0axMsTOI37jTMaagRA/AM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:7e:0f:13:e1:41:35:35:5e:58:98:88:d9:90:d8:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Sep 9 08:01:00 2025 GMT
Not After : Sep 10 08:01:00 2025 GMT
Subject: CN=4324c01a7dd44d8b3482422f421a5b02e3466f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fa:83:7e:e8:3d:08:59:73:e5:19:fa:e2:97:
fc:70:30:89:e8:28:a1:f0:f5:46:f3:89:3c:08:65:
9a:a9:15:17:3a:9d:e9:c6:13:11:76:cb:46:8d:c2:
2a:8d:df:a1:3b:28:91:f3:c9:1b:bd:89:13:33:ec:
15:a2:cf:3e:0b:07:f2:f2:27:88:16:57:40:88:be:
9a:f2:6c:7e:b0:11:3b:78:79:e7:4b:d4:d1:e3:9a:
20:4e:6c:f9:65:fd:bd:f1:4f:9a:0b:7b:96:21:89:
45:0e:cb:67:86:0b:d7:2b:83:e7:53:4c:29:eb:b6:
88:cb:b3:6a:15:5b:80:c3:05:ba:a0:27:8a:7d:aa:
40:f9:4d:84:ed:ec:97:1d:6d:38:22:62:89:d8:20:
ca:ef:cd:09:65:4b:4c:13:87:2f:f0:59:b8:d5:d2:
c4:da:f2:fc:58:67:90:34:11:80:06:eb:16:71:f3:
c2:e7:b5:42:ce:3c:ec:ec:da:5b:56:95:39:7b:87:
8b:10:12:6f:60:5a:8d:cd:44:c4:a3:79:b4:6b:cf:
d0:d5:93:d0:71:67:83:b1:09:a1:7a:bf:01:4b:4c:
80:62:91:a2:31:64:4d:16:a8:fd:4b:76:93:03:32:
6b:bd:52:cf:ae:b1:5b:f0:60:e9:71:18:a2:69:c5:
f8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:24:C0:1A:7D:D4:4D:8B:34:82:42:2F:42:1A:5B:02:E3:46:6F:83
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:b7:da:4d:53:b1:21:bc:b3:bb:0f:fd:60:71:64:d0:a2:4f:
44:1a:7e:cf:e7:cb:26:9c:a3:9c:5a:79:4f:85:84:91:ac:65:
bc:d9:ed:ac:cb:cf:f3:c0:7e:0c:22:9c:bf:2b:1a:f7:43:c6:
d1:2a:3d:09:e3:51:72:83:fd:ed:2a:a8:81:17:4e:de:3b:5f:
dc:7a:e8:49:33:d1:f7:db:ae:a4:9a:7b:46:5f:5d:63:70:03:
87:74:43:03:ea:32:bd:25:7c:33:32:0c:03:3a:54:ec:d6:80:
4d:77:dc:41:b1:44:89:55:e7:50:fc:e8:c4:bc:0e:25:77:1f:
0f:62:20:f1:5d:b6:29:b3:d4:cd:b2:d6:8c:4e:5a:7e:65:79:
e9:78:17:ee:9a:97:52:05:de:84:a3:1d:aa:76:37:f7:0f:5a:
8b:19:17:12:3d:0f:fe:98:f0:40:bd:83:da:56:8e:ad:06:f8:
58:c6:48:17:d9:e5:db:44:52:92:fe:1b:ae:91:7b:93:2c:e3:
b5:c0:52:19:26:15:56:44:65:8d:be:15:e5:ce:60:71:77:7b:
ee:34:1e:6d:1c:6e:d2:cc:e5:11:4b:3e:2f:00:9c:d9:ab:fb:
19:59:66:04:fd:2f:f4:9b:e7:2e:79:fe:9e:80:14:13:2c:57:
47:87:d7:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZktfg8T4UE1NV5YmIjZkNgQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjUwOTA5MDgwMTAwWhcNMjUwOTEwMDgwMTAwWjAzMTEwLwYDVQQD
Eyg0MzI0YzAxYTdkZDQ0ZDhiMzQ4MjQyMmY0MjFhNWIwMmUzNDY2ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/qDfug9CFlz5Rn64pf8cDCJ6Cih
8PVG84k8CGWaqRUXOp3pxhMRdstGjcIqjd+hOyiR88kbvYkTM+wVos8+Cwfy8ieI
FldAiL6a8mx+sBE7eHnnS9TR45ogTmz5Zf298U+aC3uWIYlFDstnhgvXK4PnU0wp
67aIy7NqFVuAwwW6oCeKfapA+U2E7eyXHW04ImKJ2CDK780JZUtME4cv8Fm41dLE
2vL8WGeQNBGABusWcfPC57VCzjzs7NpbVpU5e4eLEBJvYFqNzUTEo3m0a8/Q1ZPQ
cWeDsQmher8BS0yAYpGiMWRNFqj9S3aTAzJrvVLPrrFb8GDpcRiiacX4owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMkwBp91E2LNIJCL0IaWwLjRm+DMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAerfaTVOx
Ibyzuw/9YHFk0KJPRBp+z+fLJpyjnFp5T4WEkaxlvNntrMvP88B+DCKcvysa90PG
0So9CeNRcoP97SqogRdO3jtf3HroSTPR99uupJp7Rl9dY3ADh3RDA+oyvSV8MzIM
AzpU7NaATXfcQbFEiVXnUPzoxLwOJXcfD2Ig8V22KbPUzbLWjE5afmV56XgX7pqX
UgXehKMdqnY39w9aixkXEj0P/pjwQL2D2laOrQb4WMZIF9nl20RSkv4brpF7kyzj
tcBSGSYVVkRljb4V5c5gcXd77jQebRxu0szlEUs+LwCc2av7GVlmBP0v9JvnLnn+
noAUEyxXR4fXhg==
-----END CERTIFICATE-----
Generated at Tue Sep 9 09:17:58 2025 by rpki-client