Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
File: aIt13GcpXVhht31RoCEYtg3FWGg.mft (raw, json)
Hash identifier: +Pm8Rn7+CcnwEwMg17bSUl2PAhjDOeh7Tls8SC384EU=
Subject key identifier: F9:15:6B:83:39:C9:3F:4D:1D:0F:9E:01:8A:43:58:FC:C1:2F:B1:57
Authority key identifier: 68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
Certificate issuer: /CN=688b75dc67295d5861b77d51a02118b60dc55868
Certificate serial: 01992255F91CA87976B4D6C4F8775E94B5F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
Manifest number: 0D7B
Signing time: Sun 07 Sep 2025 04:01:23 +0000
Manifest this update: Sun 07 Sep 2025 04:01:23 +0000
Manifest next update: Mon 08 Sep 2025 04:01:23 +0000
Files and hashes: 1: ArfVzV_ad27WSg6MSNAJVOVO4Jk.roa (hash: 7YOwLzYn+04mEiM6zjtu45GNMFpON/tmtRVeglwvQWQ=)
2: aIt13GcpXVhht31RoCEYtg3FWGg.crl (hash: oTOSeNY3X/RUEinia22M6gE6UVYh953rS4zYsvEE4N8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:f9:1c:a8:79:76:b4:d6:c4:f8:77:5e:94:b5:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=688b75dc67295d5861b77d51a02118b60dc55868
Validity
Not Before: Sep 7 04:01:23 2025 GMT
Not After : Sep 8 04:01:23 2025 GMT
Subject: CN=f9156b8339c93f4d1d0f9e018a4358fcc12fb157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ce:3f:95:9d:cf:40:3c:06:f5:5c:26:5a:b9:
3f:71:c4:87:64:db:13:a1:d1:da:a1:33:04:a0:bd:
ba:9e:8f:51:d1:7e:9b:fb:52:56:1d:fc:88:28:42:
87:89:7a:16:22:42:c6:9b:ea:4b:65:ae:a2:4e:54:
ca:36:87:e4:56:38:f7:a5:fb:a5:9d:f2:d4:16:b9:
3f:f4:ec:b7:33:b1:71:50:8f:54:d3:31:ae:b9:ac:
4c:12:18:58:99:2c:e0:be:ff:de:c8:c8:6d:78:14:
72:6c:c5:d5:4e:d5:ce:72:7a:66:ad:00:c8:e4:2b:
0b:50:b3:be:50:f3:dd:ab:f1:68:c7:9a:c8:2a:15:
60:33:1e:aa:61:84:ce:9c:99:c8:bd:67:87:6d:3f:
c0:96:6e:9d:28:cb:6c:e1:5d:5d:ef:98:bc:b3:da:
7e:86:07:9f:a3:20:0f:69:d3:db:2c:dc:68:0e:27:
90:ec:17:72:61:5b:c9:fa:d2:df:1d:df:c5:68:59:
f4:ef:2b:bb:d3:73:59:73:46:bf:03:73:03:4c:ae:
07:da:ac:86:86:e7:d6:a8:66:50:d1:95:5b:aa:c5:
44:4a:9c:2a:bb:0c:97:e3:28:c9:c4:5b:7e:77:1f:
92:ac:cf:8e:db:f5:08:9f:4c:3c:e7:05:53:aa:86:
2c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:15:6B:83:39:C9:3F:4D:1D:0F:9E:01:8A:43:58:FC:C1:2F:B1:57
X509v3 Authority Key Identifier:
keyid:68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:e8:6a:c2:ae:55:35:d5:a3:12:f1:aa:fe:c0:b1:c5:b5:d9:
d3:45:62:57:24:ff:1d:c7:89:2c:e6:1a:ac:e5:7d:6d:c8:75:
83:ca:c5:31:ea:50:32:6b:bf:ab:6f:22:bb:19:9b:99:63:fb:
c8:84:1c:d3:96:08:45:0a:00:df:0e:d6:65:09:ca:af:12:e1:
65:34:1b:4d:27:07:86:55:06:bd:42:26:bf:f4:a0:be:21:9d:
a1:4e:1b:9a:95:4f:52:5a:ce:12:e2:ea:3a:5d:76:92:e6:b1:
e6:27:b2:39:a8:92:54:7e:f0:08:b7:ce:5a:b6:51:e9:4f:eb:
cd:fc:47:32:90:7c:fe:ac:ea:3e:df:06:bf:6a:70:6b:5b:57:
dd:c8:33:b0:c9:a5:48:93:5f:25:96:fa:53:1c:8f:d2:75:c4:
cf:da:78:9c:e5:24:e8:8b:03:55:10:0b:1c:31:c2:7d:14:3f:
3a:38:bf:47:32:b3:d6:ce:39:44:e8:49:d3:9f:e2:25:08:76:
2a:ee:1b:1a:a4:f9:78:25:23:78:83:0b:34:58:b5:8e:37:a5:
57:93:f2:cf:f9:75:54:ae:04:99:67:b3:5c:1b:ad:25:46:95:
03:bc:81:93:2f:a3:db:17:6d:47:82:03:29:4a:3f:b1:11:9b:
53:e3:01:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVfkcqHl2tNbE+HdelLX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OGI3NWRjNjcyOTVkNTg2MWI3N2Q1MWEwMjExOGI2MGRj
NTU4NjgwHhcNMjUwOTA3MDQwMTIzWhcNMjUwOTA4MDQwMTIzWjAzMTEwLwYDVQQD
EyhmOTE1NmI4MzM5YzkzZjRkMWQwZjllMDE4YTQzNThmY2MxMmZiMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt84/lZ3PQDwG9VwmWrk/ccSHZNsT
odHaoTMEoL26no9R0X6b+1JWHfyIKEKHiXoWIkLGm+pLZa6iTlTKNofkVjj3pful
nfLUFrk/9Oy3M7FxUI9U0zGuuaxMEhhYmSzgvv/eyMhteBRybMXVTtXOcnpmrQDI
5CsLULO+UPPdq/Fox5rIKhVgMx6qYYTOnJnIvWeHbT/Alm6dKMts4V1d75i8s9p+
hgefoyAPadPbLNxoDieQ7BdyYVvJ+tLfHd/FaFn07yu703NZc0a/A3MDTK4H2qyG
hufWqGZQ0ZVbqsVESpwquwyX4yjJxFt+dx+SrM+O2/UIn0w85wVTqoYslwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkVa4M5yT9NHQ+eAYpDWPzBL7FXMB8GA1UdIwQY
MBaAFGiLddxnKV1YYbd9UaAhGLYNxVhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYt
NTE4ZWU3YmRlMWY4LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYtNTE4ZWU3YmRlMWY4
LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeOhqwq5V
NdWjEvGq/sCxxbXZ00ViVyT/HceJLOYarOV9bch1g8rFMepQMmu/q28iuxmbmWP7
yIQc05YIRQoA3w7WZQnKrxLhZTQbTScHhlUGvUImv/SgviGdoU4bmpVPUlrOEuLq
Ol12kuax5ieyOaiSVH7wCLfOWrZR6U/rzfxHMpB8/qzqPt8Gv2pwa1tX3cgzsMml
SJNfJZb6UxyP0nXEz9p4nOUk6IsDVRALHDHCfRQ/Oji/RzKz1s45ROhJ05/iJQh2
Ku4bGqT5eCUjeIMLNFi1jjelV5Pyz/l1VK4EmWezXButJUaVA7yBky+j2xdtR4ID
KUo/sRGbU+MBpA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:05:47 2025 by rpki-client