Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
File: aIt13GcpXVhht31RoCEYtg3FWGg.mft (raw, json)
Hash identifier: NVoThYw4Mi6wq73sdkWMnyXVSkkRu6UB9OLiql5QmTM=
Subject key identifier: FC:F4:83:BC:93:01:50:CE:50:8B:57:46:CF:10:F0:64:38:8E:D1:57
Authority key identifier: 68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
Certificate issuer: /CN=688b75dc67295d5861b77d51a02118b60dc55868
Certificate serial: 01974D0DDA74907FA76E9880407B937602EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
Manifest number: 0C88
Signing time: Sun 08 Jun 2025 01:00:42 +0000
Manifest this update: Sun 08 Jun 2025 01:00:42 +0000
Manifest next update: Mon 09 Jun 2025 01:00:42 +0000
Files and hashes: 1: ArfVzV_ad27WSg6MSNAJVOVO4Jk.roa (hash: 7YOwLzYn+04mEiM6zjtu45GNMFpON/tmtRVeglwvQWQ=)
2: aIt13GcpXVhht31RoCEYtg3FWGg.crl (hash: 6TwbF4xjjSUM3/RNhbC3Gcf9NV/wKRithvdKrmmArvQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4d:0d:da:74:90:7f:a7:6e:98:80:40:7b:93:76:02:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=688b75dc67295d5861b77d51a02118b60dc55868
Validity
Not Before: Jun 8 01:00:42 2025 GMT
Not After : Jun 9 01:00:42 2025 GMT
Subject: CN=fcf483bc930150ce508b5746cf10f064388ed157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:86:b7:9e:fc:9e:bb:e1:3b:06:41:20:c7:6a:
df:4d:f2:1b:72:fa:36:14:0a:14:a1:68:e1:fc:10:
9b:36:9b:d2:27:4a:45:16:bf:f8:8f:ce:42:ce:a8:
83:50:c9:eb:36:cf:6d:74:92:bf:0d:9d:5a:3a:ed:
7e:e1:a1:d6:f9:6c:79:e0:d1:f0:70:15:7d:56:36:
0f:37:54:87:3e:7d:bf:89:6e:a8:33:66:a7:2f:3d:
35:37:16:1f:25:63:d1:46:93:c4:da:b3:b8:d2:b1:
de:e5:9b:1b:d7:32:9f:a8:99:c4:4d:04:94:e0:08:
f2:99:f9:da:51:56:a1:86:1c:e0:e4:3c:a2:ef:7a:
27:06:81:87:d0:10:a8:50:7e:45:a1:08:9b:5c:c8:
d1:c5:24:b4:5b:72:67:77:61:49:21:81:62:97:90:
0c:b2:c2:3c:c3:1f:79:d6:06:ff:c5:32:72:92:86:
af:05:48:6e:92:54:ff:c2:e0:d0:87:b4:76:74:0b:
c4:d4:49:af:33:66:38:e9:26:9a:3a:a6:42:6e:f1:
b7:6e:89:0c:89:b7:32:51:0d:e6:18:42:06:18:5f:
50:78:8f:74:16:e7:0e:3d:7e:63:b6:4c:60:98:a7:
73:48:80:50:9f:2a:a5:be:5c:d4:4f:1d:9e:8f:06:
de:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F4:83:BC:93:01:50:CE:50:8B:57:46:CF:10:F0:64:38:8E:D1:57
X509v3 Authority Key Identifier:
keyid:68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:eb:18:0c:c9:fa:e5:b1:2e:89:9b:02:6e:0b:77:90:22:40:
7d:fb:1d:6a:ca:44:18:5c:c4:09:12:79:50:f2:f5:86:44:5a:
db:a9:9e:e7:f6:9d:f3:21:52:50:ca:db:f1:ed:a8:cb:26:60:
4e:12:1f:43:a7:cb:ee:24:fa:20:11:46:3b:c6:e1:3b:f1:59:
f5:d7:37:58:a4:89:49:2e:15:de:8b:ed:8f:bb:08:ce:e1:4e:
0e:fc:23:7c:1e:6f:6d:05:a5:db:94:85:30:fc:62:ee:6c:57:
66:48:94:ec:15:93:cc:79:0a:ac:85:33:2d:47:2d:71:57:f7:
82:c1:41:47:64:c6:3d:db:67:68:0e:7d:53:6c:ae:e7:6b:86:
50:30:11:90:98:3a:e7:f0:76:39:ae:23:4c:01:f7:27:86:04:
d3:15:ed:29:3a:f0:2b:a2:b0:56:89:2d:90:fb:90:61:21:ab:
f3:60:00:22:04:b3:95:9a:14:b6:7c:26:49:e4:3e:83:60:5a:
95:b6:ad:a0:1e:93:10:b2:ef:c0:5d:b7:0f:22:41:cf:be:71:
11:cb:5b:bd:80:12:66:6a:b3:e0:44:6b:b4:b5:8a:13:3d:99:
44:e7:6b:06:a8:f9:89:bc:a7:ff:15:13:aa:9d:a3:af:8d:fd:
97:61:e6:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNDdp0kH+nbpiAQHuTdgLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OGI3NWRjNjcyOTVkNTg2MWI3N2Q1MWEwMjExOGI2MGRj
NTU4NjgwHhcNMjUwNjA4MDEwMDQyWhcNMjUwNjA5MDEwMDQyWjAzMTEwLwYDVQQD
EyhmY2Y0ODNiYzkzMDE1MGNlNTA4YjU3NDZjZjEwZjA2NDM4OGVkMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoa3nvyeu+E7BkEgx2rfTfIbcvo2
FAoUoWjh/BCbNpvSJ0pFFr/4j85CzqiDUMnrNs9tdJK/DZ1aOu1+4aHW+Wx54NHw
cBV9VjYPN1SHPn2/iW6oM2anLz01NxYfJWPRRpPE2rO40rHe5Zsb1zKfqJnETQSU
4AjymfnaUVahhhzg5Dyi73onBoGH0BCoUH5FoQibXMjRxSS0W3Jnd2FJIYFil5AM
ssI8wx951gb/xTJykoavBUhuklT/wuDQh7R2dAvE1EmvM2Y46SaaOqZCbvG3bokM
ibcyUQ3mGEIGGF9QeI90FucOPX5jtkxgmKdzSIBQnyqlvlzUTx2ejwbe5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPz0g7yTAVDOUItXRs8Q8GQ4jtFXMB8GA1UdIwQY
MBaAFGiLddxnKV1YYbd9UaAhGLYNxVhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYt
NTE4ZWU3YmRlMWY4LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYtNTE4ZWU3YmRlMWY4
LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKusYDMn6
5bEuiZsCbgt3kCJAffsdaspEGFzECRJ5UPL1hkRa26me5/ad8yFSUMrb8e2oyyZg
ThIfQ6fL7iT6IBFGO8bhO/FZ9dc3WKSJSS4V3ovtj7sIzuFODvwjfB5vbQWl25SF
MPxi7mxXZkiU7BWTzHkKrIUzLUctcVf3gsFBR2TGPdtnaA59U2yu52uGUDARkJg6
5/B2Oa4jTAH3J4YE0xXtKTrwK6KwVoktkPuQYSGr82AAIgSzlZoUtnwmSeQ+g2Ba
lbatoB6TELLvwF23DyJBz75xEctbvYASZmqz4ERrtLWKEz2ZROdrBqj5ibyn/xUT
qp2jr439l2HmSQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:14:33 2025 by rpki-client