Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier: JHkImz8mO+dRADTGfIPmRDvlBnFGa+00JAts/eTjnXU=
Subject key identifier: 0B:D6:D2:BF:20:E1:6D:62:EB:08:8A:51:37:0B:03:2F:6F:E4:17:7F
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial: 019936EE88B958212C871FBAD938E4ADA489
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number: 03E7
Signing time: Thu 11 Sep 2025 04:00:26 +0000
Manifest this update: Thu 11 Sep 2025 04:00:26 +0000
Manifest next update: Fri 12 Sep 2025 04:00:26 +0000
Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=)
2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: 1x2gHVnxQSqiAZJ2kUtWYD/MZbhIQR/Vu7Poi+WekcM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 04:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:36:ee:88:b9:58:21:2c:87:1f:ba:d9:38:e4:ad:a4:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Validity
Not Before: Sep 11 04:00:26 2025 GMT
Not After : Sep 12 04:00:26 2025 GMT
Subject: CN=0bd6d2bf20e16d62eb088a51370b032f6fe4177f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:21:b6:9e:de:8d:ea:d2:37:1a:98:af:1a:27:
d1:bd:c1:c4:d7:59:10:2c:30:9f:c0:e3:e2:b2:84:
cc:bc:20:77:b5:82:4f:45:f9:93:f3:38:fb:83:4e:
50:a8:83:0e:f4:50:0c:45:0a:13:47:f6:f6:dc:5c:
9d:d1:cd:b8:91:db:d0:c1:9f:ca:9e:dc:a2:dc:2f:
8b:52:39:36:28:24:54:53:c2:94:33:d8:ce:f1:80:
5e:43:e2:a3:e6:37:3d:0a:f1:db:3d:a3:ae:c3:27:
e4:ae:1c:4a:28:8a:0a:da:da:27:b1:fa:ae:4f:6a:
7f:12:8b:f8:83:da:28:62:26:d1:96:ac:c8:ab:d1:
2d:a5:71:a5:46:12:f5:2e:41:01:a4:8f:2a:72:69:
d5:ed:72:d5:ce:70:a1:5f:6f:ac:99:a1:a4:84:99:
7c:f5:4b:4a:9d:4d:fb:1e:78:f1:1a:81:50:4d:3a:
30:2d:bb:41:95:53:2f:de:57:ca:64:50:e8:8f:56:
25:e3:f1:a2:95:6d:44:22:1d:2c:b0:c0:a6:30:7d:
c1:55:9e:76:a3:e8:14:6e:04:c1:4a:ec:3d:9d:40:
20:66:99:8f:07:a2:78:ce:97:d5:dd:74:93:47:24:
ec:51:7f:d4:e8:95:a8:a7:fc:ee:60:b4:a8:be:f7:
72:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D6:D2:BF:20:E1:6D:62:EB:08:8A:51:37:0B:03:2F:6F:E4:17:7F
X509v3 Authority Key Identifier:
keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:7c:82:fa:82:93:24:b7:c7:1a:52:32:f1:b9:5a:e3:0e:bb:
1e:b9:31:b6:db:fb:4e:1c:c7:8e:66:cf:16:f0:76:93:5e:1b:
cb:bf:7a:70:57:49:37:c2:a8:f7:6c:b9:b6:20:38:ad:67:f6:
32:8d:d1:5e:9f:0d:eb:7b:13:e7:f7:52:3e:c7:01:a5:2c:fd:
cf:0a:30:5a:07:35:df:af:78:dd:e4:17:42:47:9f:8e:4d:47:
8d:c8:95:29:76:f3:d5:11:56:e7:d3:26:34:d1:c4:8c:fb:72:
b2:89:7e:75:a1:6c:fd:5e:72:9c:a7:d9:2f:00:df:db:42:3a:
2c:c2:10:77:68:b3:8a:3b:19:79:c2:2d:27:13:e4:ba:f9:97:
d5:a6:e2:21:c1:3e:7a:aa:f0:4b:aa:7f:cb:77:37:77:34:63:
31:98:32:db:ec:52:16:ca:e0:79:d0:08:92:70:8f:8e:c5:22:
5f:98:ee:64:14:ca:47:8b:e5:37:2c:67:2f:fa:8b:db:14:72:
72:83:03:80:86:c6:fc:7d:86:24:77:f2:0d:5b:d9:a1:7a:8c:
e2:46:77:b7:1f:48:b3:2b:e0:c2:69:87:6e:7b:f1:24:29:2c:
7f:ac:c1:40:00:a0:0e:27:c2:38:56:b5:2d:ab:40:0c:db:a0:
13:8b:7c:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk27oi5WCEshx+62TjkraSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjUwOTExMDQwMDI2WhcNMjUwOTEyMDQwMDI2WjAzMTEwLwYDVQQD
EygwYmQ2ZDJiZjIwZTE2ZDYyZWIwODhhNTEzNzBiMDMyZjZmZTQxNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SG2nt6N6tI3GpivGifRvcHE11kQ
LDCfwOPisoTMvCB3tYJPRfmT8zj7g05QqIMO9FAMRQoTR/b23Fyd0c24kdvQwZ/K
ntyi3C+LUjk2KCRUU8KUM9jO8YBeQ+Kj5jc9CvHbPaOuwyfkrhxKKIoK2tonsfqu
T2p/Eov4g9ooYibRlqzIq9EtpXGlRhL1LkEBpI8qcmnV7XLVznChX2+smaGkhJl8
9UtKnU37HnjxGoFQTTowLbtBlVMv3lfKZFDoj1Yl4/GilW1EIh0ssMCmMH3BVZ52
o+gUbgTBSuw9nUAgZpmPB6J4zpfV3XSTRyTsUX/U6JWop/zuYLSovvdy2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvW0r8g4W1i6wiKUTcLAy9v5Bd/MB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH3yC+oKT
JLfHGlIy8bla4w67Hrkxttv7ThzHjmbPFvB2k14by796cFdJN8Ko92y5tiA4rWf2
Mo3RXp8N63sT5/dSPscBpSz9zwowWgc136943eQXQkefjk1HjciVKXbz1RFW59Mm
NNHEjPtysol+daFs/V5ynKfZLwDf20I6LMIQd2izijsZecItJxPkuvmX1abiIcE+
eqrwS6p/y3c3dzRjMZgy2+xSFsrgedAIknCPjsUiX5juZBTKR4vlNyxnL/qL2xRy
coMDgIbG/H2GJHfyDVvZoXqM4kZ3tx9IsyvgwmmHbnvxJCksf6zBQACgDifCOFa1
LatADNugE4t8LA==
-----END CERTIFICATE-----
Generated at Thu Sep 11 10:04:13 2025 by rpki-client