Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: icc3HHXVlIViqPQi9mcKy85RvZNToMHj846Ix7yA2Ac=
Subject key identifier: A6:30:1E:09:15:D8:2C:22:E0:23:B2:61:52:55:AD:CE:56:56:76:18
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 0199375CCCA7CF75E77C004B0DF9600A2988
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 167D
Signing time: Thu 11 Sep 2025 06:00:52 +0000
Manifest this update: Thu 11 Sep 2025 06:00:52 +0000
Manifest next update: Fri 12 Sep 2025 06:00:52 +0000
Files and hashes: 1: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (hash: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=)
2: 2KU1lG8tmW62eqBwxBBDds81m5A.roa (hash: DXWqInrCKLzcQadKZzuaDGdIbNbzO5YygQPkSyOtdqY=)
3: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: lml0YeDch5nTSIPNIfDLj6q1+uK9+pSbunIbqhlfmvo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:37:5c:cc:a7:cf:75:e7:7c:00:4b:0d:f9:60:0a:29:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Sep 11 06:00:52 2025 GMT
Not After : Sep 12 06:00:52 2025 GMT
Subject: CN=a6301e0915d82c22e023b2615255adce56567618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:08:05:92:39:5a:5f:e1:70:7a:da:ac:03:61:
e3:eb:7f:dc:df:c3:b8:95:84:cb:d6:4b:2b:1c:2c:
f3:bf:de:b7:e8:a4:61:de:94:95:82:a4:ae:49:ca:
23:32:45:92:df:fd:a6:ca:13:8b:77:9a:e4:1c:58:
c3:ab:f8:94:d5:24:1e:95:bc:8e:5c:09:e2:d7:82:
6e:07:6d:d3:3c:34:34:15:38:f7:2e:1a:73:1d:eb:
e5:49:68:ac:6c:b8:1c:da:77:06:d1:80:df:c8:46:
d1:28:49:9f:0f:d6:4a:a2:9a:12:3f:e6:4c:33:59:
c2:c8:17:69:4e:90:e9:eb:67:0d:73:21:c8:c7:52:
7f:4f:97:9c:9d:85:93:9e:0f:9f:ed:d7:ee:52:8c:
53:a2:0f:6c:c8:56:d1:f4:8a:ca:fb:aa:6f:33:d8:
55:a4:7c:f2:d4:8d:67:40:6b:28:aa:6d:1c:2e:7e:
9c:04:7d:f1:05:46:36:b4:4a:5d:0b:e0:d5:f3:a8:
db:74:0d:8a:01:36:07:35:bf:a9:3c:d6:9a:4f:a0:
61:7b:84:93:82:b1:ac:4c:3b:50:56:80:2d:0e:56:
b4:52:ba:f4:aa:0b:aa:61:bf:4a:30:5d:c2:6b:3d:
1b:10:40:ee:25:72:29:9a:d0:d9:81:d5:4a:eb:69:
2e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:30:1E:09:15:D8:2C:22:E0:23:B2:61:52:55:AD:CE:56:56:76:18
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:95:84:ec:4b:c4:1b:dc:1e:bb:28:a3:7b:d8:85:2b:01:19:
31:ed:84:71:9a:6d:18:72:f4:54:f3:e8:6b:cf:31:0a:b1:59:
46:95:be:4f:e0:cb:91:b8:36:17:61:a7:d7:ae:76:61:2f:ed:
95:44:1f:5d:c4:49:d7:ea:1c:bc:7a:d0:f8:de:84:15:b7:7f:
b5:4e:ed:f2:01:b2:e9:ea:ef:ba:10:76:41:83:8a:60:e0:d5:
10:2f:00:65:b6:fc:35:75:6f:c9:ee:fe:5f:bb:76:7b:cd:6b:
ab:7c:ce:84:76:d9:81:67:b4:98:b5:81:f1:75:75:78:9f:47:
7f:f0:bb:57:5b:53:2f:47:e9:ac:80:bd:77:03:05:f0:60:1a:
c9:bb:82:f6:53:7f:de:bc:56:38:1e:a5:50:41:53:f3:77:38:
de:9d:d0:37:62:c2:19:33:07:58:8e:da:c4:dc:34:43:44:51:
59:89:e6:24:87:b0:cc:e4:24:22:84:e9:98:d0:14:b3:af:93:
b5:56:62:cd:f7:66:59:c3:39:fa:c5:1e:23:d0:cc:0b:fa:56:
57:d3:ff:36:a8:82:02:c5:b7:11:4c:42:83:d7:a7:e3:9f:d5:
07:1f:c0:d4:2b:e0:e4:0b:76:78:8b:24:0d:cb:7d:38:bf:c3:
ec:db:3a:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk3XMynz3XnfABLDflgCimIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUwOTExMDYwMDUyWhcNMjUwOTEyMDYwMDUyWjAzMTEwLwYDVQQD
EyhhNjMwMWUwOTE1ZDgyYzIyZTAyM2IyNjE1MjU1YWRjZTU2NTY3NjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwgFkjlaX+FwetqsA2Hj63/c38O4
lYTL1ksrHCzzv9636KRh3pSVgqSuScojMkWS3/2myhOLd5rkHFjDq/iU1SQelbyO
XAni14JuB23TPDQ0FTj3LhpzHevlSWisbLgc2ncG0YDfyEbRKEmfD9ZKopoSP+ZM
M1nCyBdpTpDp62cNcyHIx1J/T5ecnYWTng+f7dfuUoxTog9syFbR9IrK+6pvM9hV
pHzy1I1nQGsoqm0cLn6cBH3xBUY2tEpdC+DV86jbdA2KATYHNb+pPNaaT6Bhe4ST
grGsTDtQVoAtDla0Urr0qguqYb9KMF3Caz0bEEDuJXIpmtDZgdVK62kufQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYwHgkV2Cwi4COyYVJVrc5WVnYYMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKZWE7EvE
G9weuyije9iFKwEZMe2EcZptGHL0VPPoa88xCrFZRpW+T+DLkbg2F2Gn1652YS/t
lUQfXcRJ1+ocvHrQ+N6EFbd/tU7t8gGy6ervuhB2QYOKYODVEC8AZbb8NXVvye7+
X7t2e81rq3zOhHbZgWe0mLWB8XV1eJ9Hf/C7V1tTL0fprIC9dwMF8GAaybuC9lN/
3rxWOB6lUEFT83c43p3QN2LCGTMHWI7axNw0Q0RRWYnmJIewzOQkIoTpmNAUs6+T
tVZizfdmWcM5+sUeI9DMC/pWV9P/NqiCAsW3EUxCg9en45/VBx/A1Cvg5At2eIsk
Dct9OL/D7Ns6kQ==
-----END CERTIFICATE-----
Generated at Thu Sep 11 08:58:33 2025 by rpki-client