
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File: aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier: QNM4Hdv81gnLSbi+mWTudAgOCp/7NSvfquRdFNkqrSw=
Subject key identifier: 23:D5:1C:E2:C3:A2:47:4C:9C:56:84:9C:9A:57:89:3B:5A:82:9F:51
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 0197597FB9107951CC3DEFF9C348F080272A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number: 14D8
Signing time: Tue 10 Jun 2025 11:00:32 +0000
Manifest this update: Tue 10 Jun 2025 11:00:32 +0000
Manifest next update: Wed 11 Jun 2025 11:00:32 +0000
Files and hashes: 1: 5gxDURtK1rmOAdh1eWuh-NkY76k.roa (hash: QaQOgPlbLBzFETMJyWwYJQCd8vML1MyClKfr5uYQDoc=)
2: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: XJ/f2Slrko7cXZ1k6Jsd+iKv0mOUAztjqUlV2iWUahc=)
3: svZ0I0CIbPuXgkYBH_VdeOt4OII.roa (hash: qDnNSem+sBmAuaKOVojckKZEahJzHvEbGjkFY5x9Sqc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:7f:b9:10:79:51:cc:3d:ef:f9:c3:48:f0:80:27:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Jun 10 11:00:32 2025 GMT
Not After : Jun 11 11:00:32 2025 GMT
Subject: CN=23d51ce2c3a2474c9c56849c9a57893b5a829f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3a:d9:42:8b:02:44:20:6a:8a:60:a8:22:77:
ee:97:80:d6:c5:ff:6b:aa:c5:8d:20:8d:2a:b8:aa:
a2:31:ee:8b:cd:fd:2d:87:28:2b:42:c5:7c:28:03:
1b:db:90:1f:de:6f:6d:aa:20:b5:20:82:7e:6a:5d:
8a:fa:fc:0a:cc:30:15:1d:a2:e4:eb:29:d1:c9:46:
b6:b7:f2:31:8d:49:29:e5:93:bc:17:b1:9c:da:d0:
8b:50:a6:95:c1:50:22:a9:13:c1:8d:74:22:3b:ce:
c1:0f:f2:f1:43:0c:de:73:32:7f:6a:49:1a:04:84:
27:c7:b3:64:50:16:9c:9c:80:98:27:c0:db:62:a2:
32:29:63:60:3b:a3:0d:07:29:ab:28:40:9e:23:c7:
b2:4a:63:a7:76:b6:07:ec:d4:d5:20:d8:8d:8b:69:
27:e1:2a:a6:9f:74:ff:3e:7d:78:e4:31:e6:7a:96:
e1:11:98:e3:6c:0b:25:82:20:3f:1b:2e:11:ee:29:
a1:a8:bb:ea:db:57:75:c6:2f:38:67:db:17:50:c8:
72:7d:37:0e:22:0d:a5:63:9f:a6:43:3b:29:51:93:
de:57:70:87:45:ce:d4:73:3c:21:5c:a4:58:b9:53:
fd:95:81:2f:2c:b4:df:35:49:07:5d:22:55:67:fd:
42:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D5:1C:E2:C3:A2:47:4C:9C:56:84:9C:9A:57:89:3B:5A:82:9F:51
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:b1:cc:8f:34:67:a0:ef:88:38:48:da:08:7c:3f:d2:71:ce:
9e:41:ca:db:81:b2:d0:0b:44:3b:3d:f2:e9:bc:c0:93:13:c3:
b8:5b:f8:3b:49:e7:1e:ad:87:2f:a8:76:48:5f:b7:6f:cf:16:
55:04:af:fa:24:83:9f:ba:d3:01:94:42:11:b3:c0:5c:04:af:
63:4d:e5:8c:27:18:63:95:c8:19:30:4c:24:4d:fb:0b:a6:6d:
b3:85:04:b8:48:25:c2:e2:4e:d2:ec:26:30:f2:37:14:58:4f:
68:31:c0:d3:16:a4:5c:61:8e:a0:a8:fe:7e:0a:c5:c1:1e:18:
8b:08:2c:3a:b5:be:b3:ec:02:00:d3:24:74:a0:62:e9:2c:6e:
55:46:85:3d:5b:d9:29:57:1f:55:59:e1:3f:ae:f3:b0:75:c2:
d9:c8:c9:8e:0e:13:c3:aa:ff:6c:d1:3c:dc:fb:d7:5b:21:a3:
63:fc:07:34:1c:90:b6:43:6d:c6:a7:68:b2:02:c9:77:ab:26:
c4:94:36:fd:60:fd:62:f4:9a:37:6b:c4:d7:5d:ee:e2:f5:3a:
9d:dc:d2:0b:9b:02:d7:b2:02:1f:4a:af:e4:e7:a5:43:d9:7f:
bb:d6:53:ce:8e:d4:ba:94:d4:b0:d3:03:05:07:ac:5c:d2:0b:
15:31:a2:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZf7kQeVHMPe/5w0jwgCcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjUwNjEwMTEwMDMyWhcNMjUwNjExMTEwMDMyWjAzMTEwLwYDVQQD
EygyM2Q1MWNlMmMzYTI0NzRjOWM1Njg0OWM5YTU3ODkzYjVhODI5ZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzrZQosCRCBqimCoInful4DWxf9r
qsWNII0quKqiMe6Lzf0thygrQsV8KAMb25Af3m9tqiC1IIJ+al2K+vwKzDAVHaLk
6ynRyUa2t/IxjUkp5ZO8F7Gc2tCLUKaVwVAiqRPBjXQiO87BD/LxQwzeczJ/akka
BIQnx7NkUBacnICYJ8DbYqIyKWNgO6MNBymrKECeI8eySmOndrYH7NTVINiNi2kn
4Sqmn3T/Pn145DHmepbhEZjjbAslgiA/Gy4R7imhqLvq21d1xi84Z9sXUMhyfTcO
Ig2lY5+mQzspUZPeV3CHRc7UczwhXKRYuVP9lYEvLLTfNUkHXSJVZ/1CxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPVHOLDokdMnFaEnJpXiTtagp9RMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfLHMjzRn
oO+IOEjaCHw/0nHOnkHK24Gy0AtEOz3y6bzAkxPDuFv4O0nnHq2HL6h2SF+3b88W
VQSv+iSDn7rTAZRCEbPAXASvY03ljCcYY5XIGTBMJE37C6Zts4UEuEglwuJO0uwm
MPI3FFhPaDHA0xakXGGOoKj+fgrFwR4YiwgsOrW+s+wCANMkdKBi6SxuVUaFPVvZ
KVcfVVnhP67zsHXC2cjJjg4Tw6r/bNE83PvXWyGjY/wHNByQtkNtxqdosgLJd6sm
xJQ2/WD9YvSaN2vE113u4vU6ndzSC5sC17ICH0qv5OelQ9l/u9ZTzo7UupTUsNMD
BQesXNILFTGioQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:49:03 2025 by rpki-client