Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: HfZxJqh6ormdp3GT+1Ohh0hTConldCg50pdoOlhbnhw=
Subject key identifier: 58:D3:F3:21:B2:D2:42:85:FA:BF:FB:91:FE:FD:2D:58:01:69:03:2C
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 01974A439EC874F77047CEC7DCCBBF541E50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 1580
Signing time: Sat 07 Jun 2025 12:00:34 +0000
Manifest this update: Sat 07 Jun 2025 12:00:34 +0000
Manifest next update: Sun 08 Jun 2025 12:00:34 +0000
Files and hashes: 1: K7Q4iSU5tGlQaFLDbZ74ga5u7QI.roa (hash: 4IoPifHHzLWAa9SoaMyYdsFHlPVY27b7G1cPfRmMmFw=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: eOHzHfvKwjt2V24WYJj5vPDvLfdXIpnYy9vmhB7LEpg=)
3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:43:9e:c8:74:f7:70:47:ce:c7:dc:cb:bf:54:1e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Jun 7 12:00:34 2025 GMT
Not After : Jun 8 12:00:34 2025 GMT
Subject: CN=58d3f321b2d24285fabffb91fefd2d580169032c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a3:43:9e:0d:c2:aa:06:eb:bb:26:46:7c:93:
a5:bf:7c:7d:ea:02:cc:66:9b:8d:f7:15:29:6b:90:
7d:a4:51:0a:00:87:cb:5f:71:48:61:bc:b8:2b:5b:
c1:f3:3a:c5:a5:dd:a1:c1:2e:6c:91:ff:ad:f5:39:
6d:da:b0:c8:f1:8b:50:08:a7:ae:28:a9:14:40:6d:
dc:ac:54:0f:4a:8f:be:7f:e1:48:9c:2f:c9:73:70:
2c:aa:49:09:92:b8:4f:3b:c8:32:6c:73:1b:70:4b:
35:53:c0:eb:e0:9e:60:65:ec:83:e1:2d:1e:4e:23:
fb:e5:65:c2:2a:67:24:ae:49:ba:47:ee:cf:f4:21:
19:31:a0:06:86:25:c7:f0:ba:28:e3:ca:f0:a0:fe:
93:e8:03:5c:d2:23:19:30:eb:84:bf:20:d5:a3:c7:
7b:d8:9d:be:cb:87:2b:26:11:ae:64:f5:65:fc:e8:
e2:3a:f6:15:3d:2e:bb:a0:84:6d:0e:59:5b:4d:a0:
ca:48:0e:bd:48:73:09:b6:af:e2:cd:a3:32:87:fc:
20:06:98:ee:62:4c:37:da:1e:d2:46:99:df:70:db:
47:06:d8:42:5c:01:bb:32:23:00:60:56:34:4b:52:
7c:df:fb:ea:d4:f3:7e:91:1b:27:60:a2:5d:3b:3c:
54:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D3:F3:21:B2:D2:42:85:FA:BF:FB:91:FE:FD:2D:58:01:69:03:2C
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:f4:47:47:7c:3d:9c:34:f3:cb:6a:4a:f1:23:0d:a0:3d:43:
30:54:29:aa:ba:15:2b:10:47:e0:51:37:cc:cd:1e:2d:cb:32:
b9:e3:11:ce:3d:04:45:81:c5:02:db:f0:71:58:2e:46:40:9a:
74:4f:bb:d0:74:d4:53:ac:ba:d5:aa:9a:f8:93:e4:20:e1:eb:
c4:c5:f0:10:76:16:ed:18:58:db:4e:82:48:8b:e7:98:43:52:
33:9f:e3:a6:fc:1b:27:7b:1a:e1:41:12:04:75:3d:36:95:b9:
ec:e9:a6:94:39:f7:12:63:2c:dc:aa:d2:94:55:09:79:41:75:
b6:41:9e:8c:99:19:92:0b:3d:6f:7f:ae:45:06:e8:1d:81:43:
d5:9d:45:9e:1d:a5:39:29:bc:5a:f2:fd:cb:99:1b:c5:19:e5:
bf:13:84:e7:cd:03:71:59:8c:ca:59:41:d3:80:f2:1c:a7:a2:
6f:43:df:b1:d9:51:c3:14:1a:af:64:7e:5d:61:5d:ac:41:ed:
31:3b:a6:2b:7e:dd:2d:17:ee:9e:68:6f:99:68:94:59:7c:0b:
70:f1:af:83:32:2b:d0:47:49:ef:f9:35:c1:0c:99:b5:1a:a5:
ae:2a:b3:1e:db:ce:48:66:ca:b2:25:cf:9b:7d:cf:b3:5d:2a:
f6:a9:f3:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKQ57IdPdwR87H3Mu/VB5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjUwNjA3MTIwMDM0WhcNMjUwNjA4MTIwMDM0WjAzMTEwLwYDVQQD
Eyg1OGQzZjMyMWIyZDI0Mjg1ZmFiZmZiOTFmZWZkMmQ1ODAxNjkwMzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKNDng3CqgbruyZGfJOlv3x96gLM
ZpuN9xUpa5B9pFEKAIfLX3FIYby4K1vB8zrFpd2hwS5skf+t9Tlt2rDI8YtQCKeu
KKkUQG3crFQPSo++f+FInC/Jc3AsqkkJkrhPO8gybHMbcEs1U8Dr4J5gZeyD4S0e
TiP75WXCKmckrkm6R+7P9CEZMaAGhiXH8Loo48rwoP6T6ANc0iMZMOuEvyDVo8d7
2J2+y4crJhGuZPVl/OjiOvYVPS67oIRtDllbTaDKSA69SHMJtq/izaMyh/wgBpju
Ykw32h7SRpnfcNtHBthCXAG7MiMAYFY0S1J83/vq1PN+kRsnYKJdOzxUSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjT8yGy0kKF+r/7kf79LVgBaQMsMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgfRHR3w9
nDTzy2pK8SMNoD1DMFQpqroVKxBH4FE3zM0eLcsyueMRzj0ERYHFAtvwcVguRkCa
dE+70HTUU6y61aqa+JPkIOHrxMXwEHYW7RhY206CSIvnmENSM5/jpvwbJ3sa4UES
BHU9NpW57OmmlDn3EmMs3KrSlFUJeUF1tkGejJkZkgs9b3+uRQboHYFD1Z1Fnh2l
OSm8WvL9y5kbxRnlvxOE580DcVmMyllB04DyHKeib0PfsdlRwxQar2R+XWFdrEHt
MTumK37dLRfunmhvmWiUWXwLcPGvgzIr0EdJ7/k1wQyZtRqlriqzHtvOSGbKsiXP
m33Ps10q9qnzWw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 19:25:25 2025 by rpki-client