Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier: Owuu+7xIEH+RRdtnRpmXVGco+IDpiZ+qOGmK6ie5GRY=
Subject key identifier: E4:64:E1:B4:39:4E:9C:4B:09:94:3C:FF:98:5D:8B:EA:13:5B:95:3F
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial: 01974C324060FBE369983D5E97686DA6D6E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number: 02E9
Signing time: Sat 07 Jun 2025 21:00:50 +0000
Manifest this update: Sat 07 Jun 2025 21:00:50 +0000
Manifest next update: Sun 08 Jun 2025 21:00:50 +0000
Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=)
2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: WeNmGT5YIrIpTxyT0e65XWCm95p0rK3byyWBPja3+Es=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4c:32:40:60:fb:e3:69:98:3d:5e:97:68:6d:a6:d6:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Validity
Not Before: Jun 7 21:00:50 2025 GMT
Not After : Jun 8 21:00:50 2025 GMT
Subject: CN=e464e1b4394e9c4b09943cff985d8bea135b953f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:19:81:62:fc:23:8e:16:b4:1a:79:d5:a5:55:
c4:ae:13:85:97:cf:a0:eb:b6:c7:56:d1:1d:72:52:
0d:fc:3f:9d:b7:03:1a:f0:0a:41:14:b0:8e:06:31:
6d:49:e3:ea:ac:67:29:da:b9:20:3e:1e:e8:24:ae:
55:81:57:39:55:03:01:e8:6c:36:f9:a5:c2:bf:05:
59:6e:bf:a0:29:96:49:fe:77:ea:3a:6c:e1:10:0a:
39:1e:a3:61:29:23:85:ae:b6:f3:39:8b:e8:54:8c:
12:10:b3:54:3b:23:97:6a:29:ca:43:ca:48:50:53:
23:25:05:b4:67:59:6e:6d:e0:17:42:88:14:fa:ef:
38:41:05:e2:ef:4c:84:96:c3:bf:6f:7f:a1:2a:7d:
d4:f3:96:dd:d5:a9:dd:67:c3:9c:34:d0:23:4b:7e:
d2:a5:4c:e7:bc:4f:6f:27:c6:de:80:ea:ca:99:b6:
34:07:5c:5f:98:71:3f:93:14:f9:0a:24:24:4a:b4:
f9:0e:ac:d7:59:69:1e:fc:e5:b3:ed:88:7f:91:ba:
25:e0:e1:31:eb:c3:74:9d:29:7f:8b:ab:cf:21:ed:
6c:a7:5d:40:a1:82:f8:72:55:a3:45:4f:78:76:67:
52:62:f0:a4:3c:d7:cc:50:05:f9:fb:81:71:d7:2c:
90:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:64:E1:B4:39:4E:9C:4B:09:94:3C:FF:98:5D:8B:EA:13:5B:95:3F
X509v3 Authority Key Identifier:
keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:b4:43:48:b3:2a:b4:31:51:d1:65:5d:b1:d9:04:8b:ee:93:
12:f4:75:74:b5:07:f7:d6:b7:f3:90:9f:31:3f:f7:3f:41:81:
15:d5:3b:39:d7:9c:d6:2d:98:36:ed:3c:7c:bf:1a:be:6e:fb:
d9:12:56:54:1b:87:2a:c4:93:65:82:57:17:a6:74:c4:75:4a:
ac:34:97:6a:a3:27:df:f0:a2:00:52:62:a2:16:cb:63:c8:ea:
04:52:7e:e9:80:22:07:67:a2:50:40:ae:39:c0:73:cd:a6:d9:
4e:16:47:de:4c:d8:54:be:96:69:86:40:9d:f9:db:09:19:8d:
f5:79:b9:96:62:ef:57:f8:e7:23:cd:dd:91:ca:0c:d8:84:9b:
3b:9b:76:93:cd:73:4b:e7:3a:6d:03:c7:fc:22:b8:34:0f:96:
a9:3a:d6:7d:1f:db:b0:1a:42:56:67:70:6e:b5:7b:67:b6:0c:
e5:7b:fe:52:40:04:3a:38:43:cc:91:7b:62:96:82:00:a0:1b:
a6:d9:b5:1d:8f:02:d5:19:7b:c8:ac:39:85:2d:de:7c:09:0d:
ba:48:bd:d8:9f:81:2e:76:d0:ed:e0:e0:9a:0f:0c:87:f1:ce:
09:a9:b1:c5:9a:c5:97:96:01:d9:aa:87:1d:41:d5:82:c4:d3:
56:06:70:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMMkBg++NpmD1el2htptbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjUwNjA3MjEwMDUwWhcNMjUwNjA4MjEwMDUwWjAzMTEwLwYDVQQD
EyhlNDY0ZTFiNDM5NGU5YzRiMDk5NDNjZmY5ODVkOGJlYTEzNWI5NTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBmBYvwjjha0GnnVpVXErhOFl8+g
67bHVtEdclIN/D+dtwMa8ApBFLCOBjFtSePqrGcp2rkgPh7oJK5VgVc5VQMB6Gw2
+aXCvwVZbr+gKZZJ/nfqOmzhEAo5HqNhKSOFrrbzOYvoVIwSELNUOyOXainKQ8pI
UFMjJQW0Z1lubeAXQogU+u84QQXi70yElsO/b3+hKn3U85bd1andZ8OcNNAjS37S
pUznvE9vJ8begOrKmbY0B1xfmHE/kxT5CiQkSrT5DqzXWWke/OWz7Yh/kbol4OEx
68N0nSl/i6vPIe1sp11AoYL4clWjRU94dmdSYvCkPNfMUAX5+4Fx1yyQTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFORk4bQ5TpxLCZQ8/5hdi+oTW5U/MB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAirRDSLMq
tDFR0WVdsdkEi+6TEvR1dLUH99a385CfMT/3P0GBFdU7Odec1i2YNu08fL8avm77
2RJWVBuHKsSTZYJXF6Z0xHVKrDSXaqMn3/CiAFJiohbLY8jqBFJ+6YAiB2eiUECu
OcBzzabZThZH3kzYVL6WaYZAnfnbCRmN9Xm5lmLvV/jnI83dkcoM2ISbO5t2k81z
S+c6bQPH/CK4NA+WqTrWfR/bsBpCVmdwbrV7Z7YM5Xv+UkAEOjhDzJF7YpaCAKAb
ptm1HY8C1Rl7yKw5hS3efAkNuki92J+BLnbQ7eDgmg8Mh/HOCamxxZrFl5YB2aqH
HUHVgsTTVgZwBQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:09:44 2025 by rpki-client