Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
File: 10AeAklBizV1RyaIJPYkSSXY2zk.mft (raw, json)
Hash identifier: nE/auk/Sp6VC+PTyulifuxBYeZGEJ+GVt/9+q76sGSQ=
Subject key identifier: C7:6B:48:54:CE:37:90:F4:8E:77:B7:89:DD:83:27:0F:18:58:9E:1D
Authority key identifier: D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
Certificate issuer: /CN=d7401e0249418b357547268824f6244925d8db39
Certificate serial: 01975948D19FF713A4623CCDCF4349E04982
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
Manifest number: 0704
Signing time: Tue 10 Jun 2025 10:00:33 +0000
Manifest this update: Tue 10 Jun 2025 10:00:33 +0000
Manifest next update: Wed 11 Jun 2025 10:00:33 +0000
Files and hashes: 1: 10AeAklBizV1RyaIJPYkSSXY2zk.crl (hash: SG1B0YeB1EOXkpAk8ai5eWUDb2xszZ0m153PmCLPNXY=)
2: Jj1HHZ3M2IWqEVr2BMPp4ypDwcI.roa (hash: cgzJBvOGYHM0ug0D/FFBZa1jcNvWqnCErJy8L2Lko1U=)
3: cBlGJ5bNODNILYzK1oNt3QzAw7M.roa (hash: 7wWvEWZaVuq+kybNFqA4kbf75m0LmBkO8WIx9pDUDFw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 10:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:48:d1:9f:f7:13:a4:62:3c:cd:cf:43:49:e0:49:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7401e0249418b357547268824f6244925d8db39
Validity
Not Before: Jun 10 10:00:33 2025 GMT
Not After : Jun 11 10:00:33 2025 GMT
Subject: CN=c76b4854ce3790f48e77b789dd83270f18589e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9d:74:73:f3:50:63:d6:3e:7d:88:b8:f6:e8:
f8:13:10:0b:a0:c1:48:11:2e:96:0a:0e:59:fe:30:
ac:85:0e:bd:8f:1f:6f:67:7d:27:d8:83:9d:42:6d:
44:94:23:85:7d:10:a0:54:9b:50:ca:24:9e:92:7d:
e8:26:aa:fc:5b:be:66:40:e5:6e:08:dc:80:19:e2:
0e:15:2a:08:8e:a6:fd:fb:fc:49:6f:f5:e9:2e:ca:
da:18:79:d9:c5:8f:3c:50:86:77:27:e5:c3:ea:15:
22:81:59:0a:1f:2b:b1:50:ca:1e:06:1f:de:31:38:
eb:ce:b5:2b:13:e0:9b:78:3f:68:8d:18:86:12:c2:
8c:b1:3e:a1:92:d1:0c:8c:cd:03:df:e7:a6:95:33:
6e:46:04:dc:d3:ad:e4:51:42:cf:d0:4f:49:f2:9b:
db:59:45:04:60:e6:3f:5a:e8:c1:77:fe:09:3b:7d:
84:36:15:29:c7:7f:1b:e2:1c:b0:32:50:ca:bf:5e:
ef:f0:49:b6:63:e2:16:50:e0:0e:c2:70:1e:03:90:
56:3f:a0:01:5d:0f:c7:e8:0c:ff:5e:8a:92:65:08:
37:e7:c4:2e:3c:27:1d:31:61:4e:74:a7:34:3e:3c:
e9:22:80:a0:7c:c8:53:4f:aa:6d:cf:7e:2d:f8:22:
88:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:6B:48:54:CE:37:90:F4:8E:77:B7:89:DD:83:27:0F:18:58:9E:1D
X509v3 Authority Key Identifier:
keyid:D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:68:49:e2:ba:30:ce:18:b0:4a:46:5d:d3:8d:0a:6a:01:96:
34:f2:7d:4e:af:54:c7:7c:5a:b2:ae:e5:84:aa:73:34:31:e7:
d8:f8:fc:e5:48:5f:7b:aa:b8:67:03:9f:c9:66:34:8b:15:ab:
9f:5e:53:4b:8f:b4:de:04:7a:17:aa:63:e2:5b:2c:83:5f:3b:
d3:a4:ff:a8:b2:63:dc:60:45:5b:ae:03:7f:2c:52:9f:26:61:
08:76:bd:10:e1:91:8c:ef:0b:d3:9f:55:9e:94:87:17:f0:9b:
4f:99:69:cb:f8:01:c7:ce:c0:63:ee:b9:bb:bc:43:d6:ce:00:
1b:b9:de:3a:e2:4a:fe:91:ae:e6:2a:54:67:b7:c3:02:c1:72:
3c:c8:db:03:26:99:3a:24:24:a9:c7:75:bd:f7:25:6b:b2:ea:
0a:05:50:85:84:83:be:88:7d:10:9c:1b:7c:32:15:0e:50:19:
62:15:70:5b:e4:22:0a:27:ff:c6:46:f5:24:75:93:03:68:ad:
8a:cd:1f:b7:d0:dd:59:f8:41:f9:ae:75:bd:1e:71:66:79:c9:
da:49:b5:21:d8:c4:ee:b9:62:03:5b:d9:0e:24:f3:d2:93:7e:
c8:38:2a:e1:1b:37:9a:11:3b:cb:cf:8b:f4:20:6b:36:87:30:
db:d4:5c:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZSNGf9xOkYjzNz0NJ4EmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDAxZTAyNDk0MThiMzU3NTQ3MjY4ODI0ZjYyNDQ5MjVk
OGRiMzkwHhcNMjUwNjEwMTAwMDMzWhcNMjUwNjExMTAwMDMzWjAzMTEwLwYDVQQD
EyhjNzZiNDg1NGNlMzc5MGY0OGU3N2I3ODlkZDgzMjcwZjE4NTg5ZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup10c/NQY9Y+fYi49uj4ExALoMFI
ES6WCg5Z/jCshQ69jx9vZ30n2IOdQm1ElCOFfRCgVJtQyiSekn3oJqr8W75mQOVu
CNyAGeIOFSoIjqb9+/xJb/XpLsraGHnZxY88UIZ3J+XD6hUigVkKHyuxUMoeBh/e
MTjrzrUrE+CbeD9ojRiGEsKMsT6hktEMjM0D3+emlTNuRgTc063kUULP0E9J8pvb
WUUEYOY/WujBd/4JO32ENhUpx38b4hywMlDKv17v8Em2Y+IWUOAOwnAeA5BWP6AB
XQ/H6Az/XoqSZQg358QuPCcdMWFOdKc0PjzpIoCgfMhTT6ptz34t+CKIfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMdrSFTON5D0jne3id2DJw8YWJ4dMB8GA1UdIwQY
MBaAFNdAHgJJQYs1dUcmiCT2JEkl2Ns5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjIt
NTA3ODkxMzk1NDE3LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjItNTA3ODkxMzk1NDE3
LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoWhJ4row
zhiwSkZd040KagGWNPJ9Tq9Ux3xasq7lhKpzNDHn2Pj85Uhfe6q4ZwOfyWY0ixWr
n15TS4+03gR6F6pj4lssg18706T/qLJj3GBFW64DfyxSnyZhCHa9EOGRjO8L059V
npSHF/CbT5lpy/gBx87AY+65u7xD1s4AG7neOuJK/pGu5ipUZ7fDAsFyPMjbAyaZ
OiQkqcd1vfcla7LqCgVQhYSDvoh9EJwbfDIVDlAZYhVwW+QiCif/xkb1JHWTA2it
is0ft9DdWfhB+a51vR5xZnnJ2km1IdjE7rliA1vZDiTz0pN+yDgq4Rs3mhE7y8+L
9CBrNocw29RcIg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 18:36:15 2025 by rpki-client