Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft
File: aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft (raw, json)
Hash identifier: cUzwV0w7IUJsVoeUY7uAzrMTUmh4w1d2HFSBv38pq3U=
Subject key identifier: 2B:9B:A6:34:FD:44:DB:3B:15:81:31:BB:4E:E1:FF:F0:33:35:3B:AA
Authority key identifier: 68:9C:68:A4:56:61:F9:0A:40:59:BD:8C:29:A3:C9:67:BF:92:E8:55
Certificate issuer: /CN=689c68a45661f90a4059bd8c29a3c967bf92e855
Certificate serial: 019922553ECEA54F5C1B0D8F9117BE98C020
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aJxopFZh-QpAWb2MKaPJZ7-S6FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft
Manifest number: 0634
Signing time: Sun 07 Sep 2025 04:00:35 +0000
Manifest this update: Sun 07 Sep 2025 04:00:35 +0000
Manifest next update: Mon 08 Sep 2025 04:00:35 +0000
Files and hashes: 1: VftZMAe-HTAVpMfwxes2FDGztqs.roa (hash: KKajIYpdkVhXrGRISoXddoe+7uEBtFz7JC2M/TbIWjs=)
2: aJxopFZh-QpAWb2MKaPJZ7-S6FU.crl (hash: xLkiKACjki7LFruUfg6BymCwcMQ5JFehTasEuY2549A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aJxopFZh-QpAWb2MKaPJZ7-S6FU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:3e:ce:a5:4f:5c:1b:0d:8f:91:17:be:98:c0:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=689c68a45661f90a4059bd8c29a3c967bf92e855
Validity
Not Before: Sep 7 04:00:35 2025 GMT
Not After : Sep 8 04:00:35 2025 GMT
Subject: CN=2b9ba634fd44db3b158131bb4ee1fff033353baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2a:cc:89:71:a9:46:c7:d8:8d:f8:32:cf:19:
a6:1f:de:3d:0b:04:bf:a5:89:9b:e0:c3:5d:35:35:
40:6e:04:8d:49:e5:d7:36:63:93:a0:20:9d:39:8a:
47:05:32:b0:52:70:8c:36:52:99:55:61:cc:4c:8c:
23:a9:17:72:9a:be:b2:47:92:4d:c2:a9:dd:43:e3:
76:5e:a5:4a:c4:f6:18:e4:fb:66:9e:34:83:0f:50:
65:b6:56:00:28:72:b5:46:f5:68:ac:d8:e9:67:35:
cb:86:c0:0d:cf:c1:d6:fd:4e:58:1a:66:8d:ad:3f:
49:03:4f:42:45:0d:24:ee:08:ed:fc:0d:8a:78:69:
3b:4b:3f:2c:ca:e2:0b:d0:45:cf:3f:d3:fb:32:39:
df:27:32:23:6e:ac:da:fc:7b:64:59:d7:4a:f8:77:
68:55:0f:2f:a8:d2:4e:5a:fa:a4:f1:e8:75:95:26:
8b:20:ef:74:69:5e:d5:6a:38:ee:f2:c4:55:05:77:
42:79:23:d7:8a:40:c0:98:3d:26:f3:ff:b4:66:b1:
aa:3f:69:70:37:2d:7a:47:1f:14:e9:58:83:35:d4:
d7:24:1f:83:55:6f:51:2f:03:3e:34:62:65:e1:9a:
3b:50:01:9a:32:c6:d8:3f:e3:ee:20:ae:c9:c4:66:
10:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9B:A6:34:FD:44:DB:3B:15:81:31:BB:4E:E1:FF:F0:33:35:3B:AA
X509v3 Authority Key Identifier:
keyid:68:9C:68:A4:56:61:F9:0A:40:59:BD:8C:29:A3:C9:67:BF:92:E8:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aJxopFZh-QpAWb2MKaPJZ7-S6FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:58:e5:83:b2:01:44:ba:27:8b:df:6c:89:dc:09:11:7e:56:
b6:ca:ef:cb:f6:fb:4b:50:3a:65:7f:07:90:f9:55:1d:82:ad:
5b:1a:f2:88:46:3a:5a:15:f0:cf:cb:e6:15:99:88:f4:7e:63:
89:14:f7:9c:c7:a7:2b:c7:44:a7:25:fb:7f:3a:12:8f:6f:d6:
de:d3:cc:7c:09:7b:96:77:5c:9b:c0:28:8a:6b:54:1b:50:ae:
8c:29:50:00:f6:a6:95:48:f3:ad:82:dd:35:0e:74:29:e5:fb:
27:eb:e8:8e:23:75:f2:36:b9:45:0f:a8:f5:27:13:d2:8a:26:
24:2d:92:12:2f:66:2f:f9:36:97:23:7b:b6:be:c3:6a:24:d9:
f1:52:d0:2b:16:36:f8:ad:ee:6c:ec:e5:19:30:b9:8f:42:5c:
ce:b8:9e:59:07:2d:08:0e:04:12:7b:b5:6a:72:2a:8b:64:db:
35:64:9f:a7:06:3b:f4:71:ce:4c:17:98:ee:ac:ae:08:11:4b:
7c:17:59:75:5b:5e:90:1a:5b:d1:0f:d8:c6:26:db:ae:ff:7f:
2a:22:0a:20:79:09:48:2c:4c:88:4a:21:27:18:8e:92:21:d3:
37:a1:86:ed:dd:6b:e0:84:6e:f1:03:99:29:be:5a:be:fa:2d:
bc:03:24:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVT7OpU9cGw2PkRe+mMAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OWM2OGE0NTY2MWY5MGE0MDU5YmQ4YzI5YTNjOTY3YmY5
MmU4NTUwHhcNMjUwOTA3MDQwMDM1WhcNMjUwOTA4MDQwMDM1WjAzMTEwLwYDVQQD
EygyYjliYTYzNGZkNDRkYjNiMTU4MTMxYmI0ZWUxZmZmMDMzMzUzYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyrMiXGpRsfYjfgyzxmmH949CwS/
pYmb4MNdNTVAbgSNSeXXNmOToCCdOYpHBTKwUnCMNlKZVWHMTIwjqRdymr6yR5JN
wqndQ+N2XqVKxPYY5PtmnjSDD1BltlYAKHK1RvVorNjpZzXLhsANz8HW/U5YGmaN
rT9JA09CRQ0k7gjt/A2KeGk7Sz8syuIL0EXPP9P7MjnfJzIjbqza/HtkWddK+Hdo
VQ8vqNJOWvqk8eh1lSaLIO90aV7Vajju8sRVBXdCeSPXikDAmD0m8/+0ZrGqP2lw
Ny16Rx8U6ViDNdTXJB+DVW9RLwM+NGJl4Zo7UAGaMsbYP+PuIK7JxGYQowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCubpjT9RNs7FYExu07h//AzNTuqMB8GA1UdIwQY
MBaAFGicaKRWYfkKQFm9jCmjyWe/kuhVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUp4b3BGWmgtUXBBV2IyTUthUEpaNy1TNkZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zOWRhY2MtMWM1Ny00ZGViLWEyMjUt
YjYyMDdmNzU1MjY3LzEvYUp4b3BGWmgtUXBBV2IyTUthUEpaNy1TNkZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zOWRhY2MtMWM1Ny00ZGViLWEyMjUtYjYyMDdmNzU1MjY3
LzEvYUp4b3BGWmgtUXBBV2IyTUthUEpaNy1TNkZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgFjlg7IB
RLoni99sidwJEX5Wtsrvy/b7S1A6ZX8HkPlVHYKtWxryiEY6WhXwz8vmFZmI9H5j
iRT3nMenK8dEpyX7fzoSj2/W3tPMfAl7lndcm8AoimtUG1CujClQAPamlUjzrYLd
NQ50KeX7J+vojiN18ja5RQ+o9ScT0oomJC2SEi9mL/k2lyN7tr7DaiTZ8VLQKxY2
+K3ubOzlGTC5j0JczrieWQctCA4EEnu1anIqi2TbNWSfpwY79HHOTBeY7qyuCBFL
fBdZdVtekBpb0Q/Yxibbrv9/KiIKIHkJSCxMiEohJxiOkiHTN6GG7d1r4IRu8QOZ
Kb5avvotvAMkpA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:54:30 2025 by rpki-client