Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File: aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier: WNsjr/lhBgcXQ5rlvK4S9C4H05Kz/NU15s4SggnCL9w=
Subject key identifier: 70:49:00:7F:66:0E:D1:F7:43:74:2A:4B:2C:B1:2E:47:A9:5B:D5:54
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 019962EBBDDDF59FFBDD7971142102B20812
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number: 15E6
Signing time: Fri 19 Sep 2025 17:00:40 +0000
Manifest this update: Fri 19 Sep 2025 17:00:40 +0000
Manifest next update: Sat 20 Sep 2025 17:00:40 +0000
Files and hashes: 1: 5gxDURtK1rmOAdh1eWuh-NkY76k.roa (hash: QaQOgPlbLBzFETMJyWwYJQCd8vML1MyClKfr5uYQDoc=)
2: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: 0rWhfAFnu6KJW2TXYwluMr25U/W+Q5pTKRz4qIvhuAs=)
3: svZ0I0CIbPuXgkYBH_VdeOt4OII.roa (hash: qDnNSem+sBmAuaKOVojckKZEahJzHvEbGjkFY5x9Sqc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 16:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:62:eb:bd:dd:f5:9f:fb:dd:79:71:14:21:02:b2:08:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Sep 19 17:00:40 2025 GMT
Not After : Sep 20 17:00:40 2025 GMT
Subject: CN=7049007f660ed1f743742a4b2cb12e47a95bd554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:73:65:14:3f:92:86:da:ae:f1:20:d0:3e:da:
3e:ca:07:91:c6:21:bb:13:3c:20:4a:6d:98:4d:dd:
3c:2b:6f:2e:aa:58:3f:04:82:32:30:0a:d3:d2:95:
52:ba:03:d2:ba:5a:b9:cd:a4:c4:6a:fe:d8:51:fb:
e3:24:0d:18:e0:7a:0a:4a:28:0e:8b:6a:08:05:62:
51:ae:5c:8a:ae:29:2f:b8:1f:b6:34:50:26:01:54:
63:8b:4f:27:13:f3:88:f2:c1:bc:18:30:1c:be:63:
4c:62:10:55:48:63:aa:06:45:60:10:6b:61:ce:d4:
9e:ca:37:f1:f2:58:e3:5b:c5:00:0a:ab:47:82:31:
c6:a2:3c:d1:ac:55:3e:da:27:43:17:b0:79:41:20:
a2:fd:0f:fd:92:63:c9:d5:7c:9a:d8:4f:8a:77:b3:
59:b6:26:ca:4d:4f:59:ae:11:ef:28:6a:fb:8c:94:
ba:a0:d7:06:07:ef:cb:7d:d4:2a:08:1a:10:00:40:
cf:51:39:8d:e7:d2:80:23:09:c9:72:4b:98:3f:00:
ca:8b:d0:57:e8:0d:3b:81:91:25:c5:7b:de:48:d3:
75:17:89:55:40:13:97:40:57:0d:88:0b:19:c1:35:
e2:a1:f8:4c:8a:41:16:2c:f3:f8:35:c2:34:ac:ac:
b0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:49:00:7F:66:0E:D1:F7:43:74:2A:4B:2C:B1:2E:47:A9:5B:D5:54
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:71:b7:be:22:3b:b5:59:9e:2d:9c:13:a9:b8:19:c7:03:a5:
c4:70:c3:f2:4c:0e:ca:ae:00:bd:4d:ad:f3:97:9b:02:b6:63:
ce:f1:5c:7b:c9:a8:50:9a:63:ac:a5:7c:0a:c2:29:20:14:82:
fd:fa:b2:9c:c3:78:c0:2c:df:39:3a:48:b2:8e:91:1c:06:2c:
f7:59:13:19:78:db:ac:73:d2:bf:8f:1e:b9:13:aa:5e:74:b4:
c9:10:b0:6b:d9:4c:ec:da:79:88:7a:ea:52:86:a1:88:a4:6a:
6d:9d:4e:15:d5:c6:21:be:d9:3b:93:ad:43:d9:75:fe:fe:82:
cc:9c:86:c7:53:bc:b3:80:22:6d:aa:f1:2a:6e:e4:06:e9:fc:
a1:fb:ce:9e:42:55:59:d1:2b:af:83:83:98:3e:54:be:81:1c:
df:e8:3b:87:00:6b:3d:39:96:50:84:cd:58:71:1d:7c:9f:df:
41:10:1c:3e:4f:b5:19:28:ef:82:ab:7e:3a:26:c7:1f:e4:55:
b3:ec:42:a8:96:ce:7a:04:3f:9e:f2:34:e3:57:ab:95:43:3f:
0f:4c:b7:2a:74:3d:78:12:75:9a:df:e7:5e:fe:99:ac:2e:76:
6a:66:80:80:a4:bb:58:ed:bb:8b:3f:e9:c9:09:c0:aa:4e:7a:
14:d9:23:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZli673d9Z/73XlxFCECsggSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjUwOTE5MTcwMDQwWhcNMjUwOTIwMTcwMDQwWjAzMTEwLwYDVQQD
Eyg3MDQ5MDA3ZjY2MGVkMWY3NDM3NDJhNGIyY2IxMmU0N2E5NWJkNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3NlFD+Shtqu8SDQPto+ygeRxiG7
EzwgSm2YTd08K28uqlg/BIIyMArT0pVSugPSulq5zaTEav7YUfvjJA0Y4HoKSigO
i2oIBWJRrlyKrikvuB+2NFAmAVRji08nE/OI8sG8GDAcvmNMYhBVSGOqBkVgEGth
ztSeyjfx8ljjW8UACqtHgjHGojzRrFU+2idDF7B5QSCi/Q/9kmPJ1Xya2E+Kd7NZ
tibKTU9ZrhHvKGr7jJS6oNcGB+/LfdQqCBoQAEDPUTmN59KAIwnJckuYPwDKi9BX
6A07gZElxXveSNN1F4lVQBOXQFcNiAsZwTXiofhMikEWLPP4NcI0rKywGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBJAH9mDtH3Q3QqSyyxLkepW9VUMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnnG3viI7
tVmeLZwTqbgZxwOlxHDD8kwOyq4AvU2t85ebArZjzvFce8moUJpjrKV8CsIpIBSC
/fqynMN4wCzfOTpIso6RHAYs91kTGXjbrHPSv48euROqXnS0yRCwa9lM7Np5iHrq
UoahiKRqbZ1OFdXGIb7ZO5OtQ9l1/v6CzJyGx1O8s4AibarxKm7kBun8ofvOnkJV
WdErr4ODmD5UvoEc3+g7hwBrPTmWUITNWHEdfJ/fQRAcPk+1GSjvgqt+OibHH+RV
s+xCqJbOegQ/nvI041erlUM/D0y3KnQ9eBJ1mt/nXv6ZrC52amaAgKS7WO27iz/p
yQnAqk56FNkj6w==
-----END CERTIFICATE-----
Generated at Sat Sep 20 00:23:22 2025 by rpki-client