Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File: aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier: aIx6up0Cc9EQ0WMe3uy7lxnC+vKOkn750LYYe+qoqkc=
Subject key identifier: 2C:8B:DF:50:A9:9B:B9:B3:4F:98:22:4E:3A:EA:3F:59:01:6A:D3:39
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 019753B49965157DF0B1EC72E8707F5EB702
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number: 14D5
Signing time: Mon 09 Jun 2025 08:00:34 +0000
Manifest this update: Mon 09 Jun 2025 08:00:34 +0000
Manifest next update: Tue 10 Jun 2025 08:00:34 +0000
Files and hashes: 1: 5gxDURtK1rmOAdh1eWuh-NkY76k.roa (hash: QaQOgPlbLBzFETMJyWwYJQCd8vML1MyClKfr5uYQDoc=)
2: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: BqMo18vEYVf1Y4Y5u9OP8y+S8nlqIRrseePSKo012r0=)
3: svZ0I0CIbPuXgkYBH_VdeOt4OII.roa (hash: qDnNSem+sBmAuaKOVojckKZEahJzHvEbGjkFY5x9Sqc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:b4:99:65:15:7d:f0:b1:ec:72:e8:70:7f:5e:b7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Jun 9 08:00:34 2025 GMT
Not After : Jun 10 08:00:34 2025 GMT
Subject: CN=2c8bdf50a99bb9b34f98224e3aea3f59016ad339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9c:a9:9d:a9:19:7e:30:00:aa:9e:db:a7:d4:
79:96:32:c2:9c:64:46:aa:61:48:43:bb:00:c8:7a:
d4:29:d5:fd:84:d1:90:e7:c1:45:56:00:25:1f:0c:
c6:bf:10:62:5f:68:2f:a9:9e:9d:c7:50:06:b0:b0:
20:b5:f4:ac:e2:a1:4c:cb:42:df:63:c9:23:a9:30:
98:48:f7:03:3b:a9:3a:74:48:6f:bd:2a:55:62:f3:
ff:b4:48:6b:0d:ad:79:44:b3:e9:24:f2:fc:07:1b:
55:6e:ca:c2:d9:17:85:3b:6d:41:22:d8:d2:81:b4:
f2:61:99:d3:78:e2:74:ed:6c:c4:1e:b7:fc:cd:41:
ae:1f:a1:7e:18:79:f0:8e:c3:5c:4e:fd:8c:c8:00:
7e:e9:49:e6:83:af:27:ec:bd:a7:e9:7f:92:63:61:
54:a5:86:dc:2b:2d:e8:13:77:eb:7e:99:e1:d4:2b:
c8:85:ad:33:75:8e:f3:33:e2:98:56:70:b4:9d:ad:
de:39:8b:74:cf:45:4f:09:16:2e:c2:6e:fb:cf:c3:
7e:15:6b:3d:52:c3:d3:6c:83:b9:65:a5:51:06:df:
b1:71:5f:73:40:aa:6e:52:fa:a7:5c:6d:f1:84:1e:
83:f9:ac:49:e5:d1:5c:f4:dd:f7:57:2e:9a:73:06:
e4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:8B:DF:50:A9:9B:B9:B3:4F:98:22:4E:3A:EA:3F:59:01:6A:D3:39
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:b0:9c:42:e0:87:53:36:f7:2b:4a:72:f8:4a:82:41:f0:93:
cc:6a:a8:10:e1:9c:12:17:d0:b5:a2:d6:54:79:4c:a9:b0:9d:
8a:9d:d8:32:72:c1:36:02:8c:46:8f:4c:cb:31:ce:8c:fd:fb:
70:21:35:35:35:82:e0:8f:da:5e:ac:52:4b:5f:34:37:e8:d3:
08:3b:26:c8:79:2d:e1:dc:b6:88:bb:05:d4:cb:b8:95:f0:b6:
9b:c8:3b:9a:1e:70:f2:9b:3c:1c:24:bd:2a:a1:bd:62:ef:15:
2e:29:64:39:60:8b:a6:52:14:5e:55:26:40:98:85:a6:50:de:
91:9d:3f:38:cc:77:4a:36:45:c8:a8:61:c0:ec:34:bb:30:40:
13:74:f8:c4:fc:50:bc:e6:ca:a1:d7:17:a8:d4:f8:82:f6:fe:
fa:ff:86:a4:6f:4b:37:64:54:bd:0c:03:4a:90:c2:bf:08:db:
be:63:ed:1c:54:a2:18:da:50:e1:af:15:72:4a:58:7d:fe:15:
67:87:a2:9b:a4:94:0d:81:fb:0c:f1:a0:32:34:93:63:77:a9:
43:19:3a:5b:ee:1f:57:c0:ec:e1:53:c0:59:2e:52:78:29:2e:
d4:ca:01:c3:93:dc:9a:11:5d:7d:3d:dc:da:a3:92:ae:9a:39:
ee:97:aa:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTtJllFX3wsexy6HB/XrcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjUwNjA5MDgwMDM0WhcNMjUwNjEwMDgwMDM0WjAzMTEwLwYDVQQD
EygyYzhiZGY1MGE5OWJiOWIzNGY5ODIyNGUzYWVhM2Y1OTAxNmFkMzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJypnakZfjAAqp7bp9R5ljLCnGRG
qmFIQ7sAyHrUKdX9hNGQ58FFVgAlHwzGvxBiX2gvqZ6dx1AGsLAgtfSs4qFMy0Lf
Y8kjqTCYSPcDO6k6dEhvvSpVYvP/tEhrDa15RLPpJPL8BxtVbsrC2ReFO21BItjS
gbTyYZnTeOJ07WzEHrf8zUGuH6F+GHnwjsNcTv2MyAB+6Unmg68n7L2n6X+SY2FU
pYbcKy3oE3frfpnh1CvIha0zdY7zM+KYVnC0na3eOYt0z0VPCRYuwm77z8N+FWs9
UsPTbIO5ZaVRBt+xcV9zQKpuUvqnXG3xhB6D+axJ5dFc9N33Vy6acwbkJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyL31Cpm7mzT5giTjrqP1kBatM5MB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKrCcQuCH
Uzb3K0py+EqCQfCTzGqoEOGcEhfQtaLWVHlMqbCdip3YMnLBNgKMRo9MyzHOjP37
cCE1NTWC4I/aXqxSS180N+jTCDsmyHkt4dy2iLsF1Mu4lfC2m8g7mh5w8ps8HCS9
KqG9Yu8VLilkOWCLplIUXlUmQJiFplDekZ0/OMx3SjZFyKhhwOw0uzBAE3T4xPxQ
vObKodcXqNT4gvb++v+GpG9LN2RUvQwDSpDCvwjbvmPtHFSiGNpQ4a8VckpYff4V
Z4eim6SUDYH7DPGgMjSTY3epQxk6W+4fV8Ds4VPAWS5SeCku1MoBw5PcmhFdfT3c
2qOSrpo57peqrA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 18:28:59 2025 by rpki-client