Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: +00NLzhK27LTaZUxuFBSHFKBjfIMm3zvDVqbk13zVJM=
Subject key identifier: F8:EC:80:BB:16:89:51:2F:0C:E7:9A:51:9B:F6:89:30:3F:B5:83:C9
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 0197470BC140F309B5C75B7BDA50AC24BC2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 157C
Signing time: Fri 06 Jun 2025 21:00:42 +0000
Manifest this update: Fri 06 Jun 2025 21:00:42 +0000
Manifest next update: Sat 07 Jun 2025 21:00:42 +0000
Files and hashes: 1: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (hash: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=)
2: 2KU1lG8tmW62eqBwxBBDds81m5A.roa (hash: DXWqInrCKLzcQadKZzuaDGdIbNbzO5YygQPkSyOtdqY=)
3: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: 2PQjHPsHR8yOxnEHbLJdbSXWHTg8v+GoOQCAXjP227Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:47:0b:c1:40:f3:09:b5:c7:5b:7b:da:50:ac:24:bc:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Jun 6 21:00:42 2025 GMT
Not After : Jun 7 21:00:42 2025 GMT
Subject: CN=f8ec80bb1689512f0ce79a519bf689303fb583c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:20:29:8f:c7:a4:e2:5e:40:a8:20:41:c3:3f:
f8:ef:e1:48:b0:1e:2b:ea:25:b8:82:1a:87:43:3c:
05:1b:3b:ce:f7:3f:94:4f:10:bd:3b:1e:7d:1c:90:
98:bf:ac:34:8e:85:5d:e5:f3:af:d6:67:ff:9f:76:
c7:bb:c1:3e:3a:26:4f:96:11:b7:41:7f:3f:70:fd:
ed:a8:ea:55:c8:ab:47:aa:16:06:61:96:3a:1f:ad:
80:58:4f:ae:2f:da:53:1f:9c:8f:78:85:f4:80:07:
ab:19:d7:12:b1:24:1e:06:e8:4b:10:e8:42:01:61:
64:4d:1e:89:31:c3:53:9f:c6:c7:bc:e5:ab:e8:49:
f0:8c:a5:97:36:2e:c1:c3:97:45:b0:7c:72:5f:2c:
9b:84:62:59:bc:4b:12:d4:d8:12:a3:51:a9:b0:99:
2e:81:ba:12:4a:64:63:2e:c8:22:20:71:c0:74:ab:
0f:a5:2e:db:cf:ad:a6:0c:8c:1c:8e:7e:64:c8:d4:
cf:75:ea:07:91:b5:7f:8b:d6:e2:7c:9e:6c:48:b5:
cb:21:ae:f7:33:eb:6d:24:fe:32:72:e9:0b:08:a1:
8d:39:fb:6c:3b:c7:9f:b6:58:4f:ae:96:a3:0e:69:
f3:15:ff:40:8b:73:83:a9:86:ab:55:79:a8:75:02:
2d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EC:80:BB:16:89:51:2F:0C:E7:9A:51:9B:F6:89:30:3F:B5:83:C9
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:fd:3d:5b:53:5d:43:45:d7:c4:9b:bc:94:37:4d:24:f0:cc:
4c:64:a6:94:03:0a:7b:72:56:9d:f4:45:af:f6:f8:70:56:9f:
21:e8:86:5a:a5:9a:41:4f:ea:87:83:70:6f:d9:6a:f7:5f:55:
69:24:8b:02:c6:6d:7f:6b:eb:5e:fe:f8:9b:36:e4:54:76:83:
8f:24:89:1a:e5:d2:87:7f:38:09:41:c0:df:08:48:aa:c9:9e:
1c:13:cd:1a:7a:67:87:d7:c8:db:d2:b1:e5:ae:39:c2:8b:5c:
b7:42:23:5d:0f:48:7e:2a:e6:ee:d1:a7:53:fd:20:0b:a2:9f:
3e:48:88:34:db:a9:e8:53:0d:f5:90:e8:1b:ef:70:1b:8f:c2:
d5:0a:ba:af:15:ac:3f:2e:68:3e:d9:0f:6f:c6:f2:71:9f:a3:
08:c9:37:af:c3:0c:f4:76:39:77:7e:57:8e:20:43:4c:01:3a:
53:5f:40:05:b0:dc:68:b8:94:e7:5d:93:db:b4:b0:ac:ec:fb:
7b:7e:40:c3:81:17:66:2c:72:10:c3:cb:f8:84:ee:97:9d:95:
61:e5:1a:98:c2:da:3d:db:06:c9:4d:c6:33:f0:4f:1a:01:09:
80:7c:62:b2:21:33:61:d3:21:fa:52:a8:d1:aa:52:66:96:fd:
0a:b7:02:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHC8FA8wm1x1t72lCsJLwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUwNjA2MjEwMDQyWhcNMjUwNjA3MjEwMDQyWjAzMTEwLwYDVQQD
EyhmOGVjODBiYjE2ODk1MTJmMGNlNzlhNTE5YmY2ODkzMDNmYjU4M2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yApj8ek4l5AqCBBwz/47+FIsB4r
6iW4ghqHQzwFGzvO9z+UTxC9Ox59HJCYv6w0joVd5fOv1mf/n3bHu8E+OiZPlhG3
QX8/cP3tqOpVyKtHqhYGYZY6H62AWE+uL9pTH5yPeIX0gAerGdcSsSQeBuhLEOhC
AWFkTR6JMcNTn8bHvOWr6EnwjKWXNi7Bw5dFsHxyXyybhGJZvEsS1NgSo1GpsJku
gboSSmRjLsgiIHHAdKsPpS7bz62mDIwcjn5kyNTPdeoHkbV/i9bifJ5sSLXLIa73
M+ttJP4ycukLCKGNOftsO8eftlhPrpajDmnzFf9Ai3ODqYarVXmodQItsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjsgLsWiVEvDOeaUZv2iTA/tYPJMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI/09W1Nd
Q0XXxJu8lDdNJPDMTGSmlAMKe3JWnfRFr/b4cFafIeiGWqWaQU/qh4Nwb9lq919V
aSSLAsZtf2vrXv74mzbkVHaDjySJGuXSh384CUHA3whIqsmeHBPNGnpnh9fI29Kx
5a45wotct0IjXQ9Ifirm7tGnU/0gC6KfPkiINNup6FMN9ZDoG+9wG4/C1Qq6rxWs
Py5oPtkPb8bycZ+jCMk3r8MM9HY5d35XjiBDTAE6U19ABbDcaLiU512T27SwrOz7
e35Aw4EXZixyEMPL+ITul52VYeUamMLaPdsGyU3GM/BPGgEJgHxisiEzYdMh+lKo
0apSZpb9CrcCxA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:00:34 2025 by rpki-client