Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
File: aCMaUAoKgQjcekNYsQArH9vweZU.mft (raw, json)
Hash identifier: 3XtfXpONJSK2gFfMdmA8TvBp5/mRlH6P3os5qq9w9No=
Subject key identifier: D7:5C:C8:B1:3D:A7:BD:65:C7:6C:9C:A0:DE:40:ED:12:E3:0D:FF:6B
Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Certificate serial: 019933492CD4E1FB8704F7801CD32E7877DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
Manifest number: 167B
Signing time: Wed 10 Sep 2025 11:00:57 +0000
Manifest this update: Wed 10 Sep 2025 11:00:57 +0000
Manifest next update: Thu 11 Sep 2025 11:00:57 +0000
Files and hashes: 1: XSGE2n2dKWY3M_jq3MngIc3i_t8.roa (hash: pwMRSRLzn3jyPbMLShLv8HDNQd5Gm8ws1AjCFBEAHaU=)
2: aCMaUAoKgQjcekNYsQArH9vweZU.crl (hash: FL6jV5rkmKJN/YAtZDG4YLksyYplDfRFvYQ1MD8Cbl8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 11:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:33:49:2c:d4:e1:fb:87:04:f7:80:1c:d3:2e:78:77:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Validity
Not Before: Sep 10 11:00:57 2025 GMT
Not After : Sep 11 11:00:57 2025 GMT
Subject: CN=d75cc8b13da7bd65c76c9ca0de40ed12e30dff6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a1:27:c1:93:53:ce:5a:ad:d0:3a:3b:1c:f7:
0b:25:9e:5d:f8:ca:25:fc:e7:f3:d4:19:ce:65:28:
ad:15:6d:03:2d:81:5c:51:da:8a:10:9b:bf:95:31:
b6:94:90:ce:9a:03:ed:7d:84:99:ff:7f:5b:55:54:
f4:7e:bc:a9:4c:cf:01:4c:68:82:9f:3f:ff:94:72:
f2:41:c0:ca:8f:7f:f7:cc:fc:59:86:75:9f:58:fe:
ec:9e:8a:a0:82:21:75:c7:d3:8c:e5:47:3b:6c:0f:
d9:9c:f8:29:3d:5a:a6:9b:23:03:b8:d4:b1:8b:fc:
3c:28:d4:41:ab:1e:90:19:40:d7:4a:f5:54:9c:66:
77:25:d6:a4:b3:62:8a:98:ee:d2:96:6d:b8:4e:3f:
f3:e0:0f:81:f6:1c:d1:24:b9:a5:a1:30:59:16:f5:
a1:0b:74:94:d3:1b:ff:56:14:9a:c2:b8:00:32:a7:
ae:0e:c5:4d:1e:6a:46:95:72:97:6b:a2:74:dd:f0:
42:f0:ab:84:51:3c:19:81:fa:4b:ed:f2:7d:43:d2:
39:64:2b:51:10:ab:9e:ee:2c:04:d8:28:f8:16:4f:
2d:ed:02:f6:f4:be:cd:91:2f:c6:d9:b7:3a:86:13:
d8:a7:10:6b:2e:79:3c:51:0d:cf:02:54:00:0a:04:
31:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:5C:C8:B1:3D:A7:BD:65:C7:6C:9C:A0:DE:40:ED:12:E3:0D:FF:6B
X509v3 Authority Key Identifier:
keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:bd:b0:cb:36:c5:a5:0a:94:c6:73:9d:bd:3c:95:1c:3e:e6:
34:13:24:ab:38:ac:10:26:fc:9f:29:aa:18:4b:d8:60:d0:d3:
0d:1f:64:26:c1:4c:8c:7c:e5:09:4b:95:db:04:26:40:55:f0:
0f:a5:96:8d:d3:8c:e8:35:df:83:8e:a8:1f:29:bc:a8:0b:60:
bf:0d:c1:77:02:ad:45:e3:88:ce:74:39:6d:d2:37:bb:61:93:
9a:5c:9e:ec:1b:4b:ab:e0:ea:ae:80:f2:b3:72:04:76:3e:39:
85:2a:89:b8:fe:71:e3:ca:b7:84:74:6d:04:42:c7:33:1d:ff:
17:aa:7f:9b:6e:c6:11:15:54:5e:12:74:0d:fe:fa:f0:dd:12:
7f:9b:10:d8:37:2a:b4:26:fc:82:6c:55:32:28:bf:58:18:0e:
f0:58:26:ac:2d:7a:7c:a7:9d:92:92:f9:01:cb:6e:06:03:c3:
68:95:f7:47:f1:96:20:7d:e8:5e:16:8d:3e:2b:2e:31:f2:9b:
c6:ef:de:8f:57:8f:8d:d8:cc:01:e3:45:4c:00:2f:3a:e4:83:
b4:54:5a:ed:8e:f2:c8:25:85:4e:3b:5e:0c:c5:d9:b3:c9:e0:
d1:1e:b3:90:bb:65:87:42:db:f3:d8:03:28:f2:f9:e4:49:3e:
b4:a8:70:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkzSSzU4fuHBPeAHNMueHfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjMxYTUwMGEwYTgxMDhkYzdhNDM1OGIxMDAyYjFmZGJm
MDc5OTUwHhcNMjUwOTEwMTEwMDU3WhcNMjUwOTExMTEwMDU3WjAzMTEwLwYDVQQD
EyhkNzVjYzhiMTNkYTdiZDY1Yzc2YzljYTBkZTQwZWQxMmUzMGRmZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06EnwZNTzlqt0Do7HPcLJZ5d+Mol
/Ofz1BnOZSitFW0DLYFcUdqKEJu/lTG2lJDOmgPtfYSZ/39bVVT0frypTM8BTGiC
nz//lHLyQcDKj3/3zPxZhnWfWP7snoqggiF1x9OM5Uc7bA/ZnPgpPVqmmyMDuNSx
i/w8KNRBqx6QGUDXSvVUnGZ3Jdaks2KKmO7Slm24Tj/z4A+B9hzRJLmloTBZFvWh
C3SU0xv/VhSawrgAMqeuDsVNHmpGlXKXa6J03fBC8KuEUTwZgfpL7fJ9Q9I5ZCtR
EKue7iwE2Cj4Fk8t7QL29L7NkS/G2bc6hhPYpxBrLnk8UQ3PAlQACgQxZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdcyLE9p71lx2ycoN5A7RLjDf9rMB8GA1UdIwQY
MBaAFGgjGlAKCoEI3HpDWLEAKx/b8HmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmIt
N2YyM2IzNDY4NmMyLzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmItN2YyM2IzNDY4NmMy
LzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKr2wyzbF
pQqUxnOdvTyVHD7mNBMkqzisECb8nymqGEvYYNDTDR9kJsFMjHzlCUuV2wQmQFXw
D6WWjdOM6DXfg46oHym8qAtgvw3BdwKtReOIznQ5bdI3u2GTmlye7BtLq+DqroDy
s3IEdj45hSqJuP5x48q3hHRtBELHMx3/F6p/m27GERVUXhJ0Df768N0Sf5sQ2Dcq
tCb8gmxVMii/WBgO8FgmrC16fKedkpL5ActuBgPDaJX3R/GWIH3oXhaNPisuMfKb
xu/ej1ePjdjMAeNFTAAvOuSDtFRa7Y7yyCWFTjteDMXZs8ng0R6zkLtlh0Lb89gD
KPL55Ek+tKhwSA==
-----END CERTIFICATE-----
Generated at Wed Sep 10 20:31:43 2025 by rpki-client