Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
File: GheAknBHDXwlZxEvtAqe9xJgBRY.mft (raw, json)
Hash identifier: RsqR8v4CKSSIRGcsPYqJ2OPK9eCcrYaR9h36wABpzu0=
Subject key identifier: 05:D2:60:1F:23:C7:39:E9:99:07:42:58:45:1A:87:8D:17:87:8D:49
Authority key identifier: 1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16
Certificate issuer: /CN=1a17809270470d7c2567112fb40a9ef712600516
Certificate serial: 0199529E4D46671E7AFCF798A2546F15E7E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
Manifest number: 168C
Signing time: Tue 16 Sep 2025 13:02:10 +0000
Manifest this update: Tue 16 Sep 2025 13:02:10 +0000
Manifest next update: Wed 17 Sep 2025 13:02:10 +0000
Files and hashes: 1: 3n_Nd4cUj6teASapK4pWavXgfU0.roa (hash: KngeXtbNNWR05hMf2WkynvKsVClU9oGlPMx0Mk7lMOM=)
2: GheAknBHDXwlZxEvtAqe9xJgBRY.crl (hash: p4j1ZvKI+BRg0WAWstBmaWbjQGJ1IIwUJc0q6LDn4aQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 13:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:52:9e:4d:46:67:1e:7a:fc:f7:98:a2:54:6f:15:e7:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a17809270470d7c2567112fb40a9ef712600516
Validity
Not Before: Sep 16 13:02:10 2025 GMT
Not After : Sep 17 13:02:10 2025 GMT
Subject: CN=05d2601f23c739e999074258451a878d17878d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:37:2a:06:fb:78:de:4b:07:c1:de:45:27:f6:
31:80:42:7b:9d:43:fb:50:bf:f8:32:d1:42:eb:38:
45:2b:93:71:a3:61:f4:95:8f:89:03:c8:f2:2d:c0:
60:0a:99:77:8c:3f:11:19:9d:df:e2:25:64:6e:5d:
46:8c:f0:ec:65:74:3b:24:c8:b7:bd:1c:38:08:44:
21:da:90:a3:ac:e0:6b:0f:68:7f:db:e7:c7:83:d5:
e3:0e:5b:b4:28:78:ce:43:cf:aa:bf:89:9b:32:5e:
ff:d7:06:9f:2e:45:92:6b:2b:32:94:0c:9c:64:c5:
2d:c7:74:32:28:f0:5c:22:95:22:ad:8e:b2:ea:70:
8a:46:58:7e:94:ad:a3:cb:c3:12:5d:5a:2f:9c:df:
db:45:2d:3a:61:c7:62:0a:e4:73:98:07:ba:2d:9d:
17:cd:12:ec:a7:a0:df:7f:d0:e4:fb:08:0a:06:ed:
62:56:7f:d4:6f:76:9e:64:03:ba:58:61:3f:fb:d5:
73:e8:71:e0:57:82:9b:2e:76:bd:19:85:8f:4c:84:
06:0a:af:a9:1d:cc:1e:24:f0:b6:0e:6a:b5:88:7f:
e4:b9:64:04:2b:37:40:e4:e5:8b:77:00:c5:dc:3f:
29:c9:0e:de:0b:00:58:e0:7d:95:a6:ab:c5:53:71:
9e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D2:60:1F:23:C7:39:E9:99:07:42:58:45:1A:87:8D:17:87:8D:49
X509v3 Authority Key Identifier:
keyid:1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:1f:ec:94:bd:73:47:63:19:6c:a2:35:fa:08:dd:f9:a3:b4:
24:92:2b:19:97:0c:0b:1a:e4:9c:c2:bf:f6:b3:78:49:2d:9e:
88:40:a7:44:1d:43:a3:fa:96:85:6b:15:f8:a9:9f:52:1e:ca:
bc:12:74:bd:6a:d7:5b:48:f8:f2:3a:5f:a5:85:27:a3:98:7d:
ae:4d:7b:5c:e1:24:44:fa:71:0d:87:f1:fb:58:01:f9:2d:89:
86:34:25:64:45:fe:af:8b:fd:19:31:3b:7a:97:4d:af:6a:d5:
0d:53:16:3a:85:6e:47:bb:3b:ec:92:72:d3:15:69:f5:0a:c5:
85:5f:bc:a7:0e:5a:81:7d:23:d3:77:27:36:37:ce:32:d9:dc:
57:9d:8a:a8:36:16:b6:e3:04:d0:96:bf:c5:8d:75:83:f5:17:
c6:73:33:bf:0b:c5:f6:00:f4:26:18:d1:40:83:ad:f5:07:7d:
90:09:56:78:4b:71:62:7d:73:be:20:85:50:56:0f:77:18:0a:
b7:55:bd:e3:e7:f1:fc:07:98:cf:ba:3d:7f:f9:2a:00:f9:2a:
b1:12:ab:f7:3b:9f:98:03:60:9c:44:03:98:b6:ac:cf:9e:fe:
e9:ad:a7:7e:11:7f:64:a0:5d:58:0c:81:a9:46:05:60:ae:6a:
0e:f8:0a:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlSnk1GZx56/PeYolRvFefmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTc4MDkyNzA0NzBkN2MyNTY3MTEyZmI0MGE5ZWY3MTI2
MDA1MTYwHhcNMjUwOTE2MTMwMjEwWhcNMjUwOTE3MTMwMjEwWjAzMTEwLwYDVQQD
EygwNWQyNjAxZjIzYzczOWU5OTkwNzQyNTg0NTFhODc4ZDE3ODc4ZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDcqBvt43ksHwd5FJ/YxgEJ7nUP7
UL/4MtFC6zhFK5Nxo2H0lY+JA8jyLcBgCpl3jD8RGZ3f4iVkbl1GjPDsZXQ7JMi3
vRw4CEQh2pCjrOBrD2h/2+fHg9XjDlu0KHjOQ8+qv4mbMl7/1wafLkWSaysylAyc
ZMUtx3QyKPBcIpUirY6y6nCKRlh+lK2jy8MSXVovnN/bRS06YcdiCuRzmAe6LZ0X
zRLsp6Dff9Dk+wgKBu1iVn/Ub3aeZAO6WGE/+9Vz6HHgV4KbLna9GYWPTIQGCq+p
HcweJPC2Dmq1iH/kuWQEKzdA5OWLdwDF3D8pyQ7eCwBY4H2VpqvFU3GeZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAXSYB8jxznpmQdCWEUah40Xh41JMB8GA1UdIwQY
MBaAFBoXgJJwRw18JWcRL7QKnvcSYAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEt
OGFmYTc0ZDg3NjlmLzEvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEtOGFmYTc0ZDg3Njlm
LzEvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmR/slL1z
R2MZbKI1+gjd+aO0JJIrGZcMCxrknMK/9rN4SS2eiECnRB1Do/qWhWsV+KmfUh7K
vBJ0vWrXW0j48jpfpYUno5h9rk17XOEkRPpxDYfx+1gB+S2JhjQlZEX+r4v9GTE7
epdNr2rVDVMWOoVuR7s77JJy0xVp9QrFhV+8pw5agX0j03cnNjfOMtncV52KqDYW
tuME0Ja/xY11g/UXxnMzvwvF9gD0JhjRQIOt9Qd9kAlWeEtxYn1zviCFUFYPdxgK
t1W94+fx/AeYz7o9f/kqAPkqsRKr9zufmANgnEQDmLasz57+6a2nfhF/ZKBdWAyB
qUYFYK5qDvgK6w==
-----END CERTIFICATE-----
Generated at Tue Sep 16 20:24:47 2025 by rpki-client