Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
File: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft (raw, json)
Hash identifier: bbUY0jSfVFa5Qf3bWXt0LP1tJzPt/EmhA2UYq01Pcgc=
Subject key identifier: 27:93:B3:69:60:A2:9B:58:7C:B1:4F:D2:C2:31:86:FD:EB:03:92:57
Authority key identifier: A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4
Certificate issuer: /CN=a4068c6655c333fc712832c113f67f1fd688aec4
Certificate serial: 019A71B9410FFAE2B7146A1C2A043D19C0FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
Manifest number: 141C
Signing time: Tue 11 Nov 2025 07:02:37 +0000
Manifest this update: Tue 11 Nov 2025 07:02:37 +0000
Manifest next update: Wed 12 Nov 2025 07:02:37 +0000
Files and hashes: 1: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl (hash: W65biI7F2cq9OPe4r7tYNK/TQDo1T038DJGy9SRSSr4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:41:0f:fa:e2:b7:14:6a:1c:2a:04:3d:19:c0:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4068c6655c333fc712832c113f67f1fd688aec4
Validity
Not Before: Nov 11 07:02:37 2025 GMT
Not After : Nov 12 07:02:37 2025 GMT
Subject: CN=2793b36960a29b587cb14fd2c23186fdeb039257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:60:d8:29:5f:d2:e5:0d:d8:60:ad:92:86:e6:
0c:89:d4:84:57:cc:ac:17:67:db:0b:33:33:35:c1:
2f:07:cd:3e:df:47:a6:98:a8:7e:3e:f5:90:52:ef:
98:6a:09:9d:71:3a:cb:5d:87:d8:38:ab:3e:0e:3b:
2c:30:21:cd:a7:c1:85:bb:1a:cb:c4:b9:e9:82:67:
d8:37:3c:ad:e9:53:66:1c:52:e1:54:c2:b0:fb:1a:
91:51:17:16:e4:07:26:81:52:2b:12:8c:33:5f:8e:
1b:6e:8f:16:dc:55:db:48:3f:55:19:3f:42:1d:92:
24:13:64:d0:de:8a:3d:d9:b2:db:f6:d7:ac:db:80:
37:4d:e1:36:4b:31:f6:f6:de:9c:27:ba:0f:d0:80:
80:90:4e:2f:fb:60:2c:89:57:da:e8:e4:49:77:f6:
e1:a7:a5:f4:4d:8c:15:7a:f2:bd:de:8a:70:dd:9e:
83:e9:5b:d6:57:4e:5c:cc:d2:c8:26:73:22:d4:61:
3d:eb:6e:91:2d:87:6e:a5:be:53:7e:01:1d:ec:0f:
8b:87:ce:f1:b1:86:4b:1a:ad:af:28:d2:3b:0c:6c:
e2:c1:5c:94:1c:fb:c5:9b:16:54:e2:ba:27:a3:ca:
51:2b:88:59:56:e2:0a:f1:e2:7b:d4:43:53:bf:58:
90:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:93:B3:69:60:A2:9B:58:7C:B1:4F:D2:C2:31:86:FD:EB:03:92:57
X509v3 Authority Key Identifier:
keyid:A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:10:59:46:de:e6:45:f0:ae:85:4e:16:51:8f:41:8a:de:d0:
97:75:8b:f1:fc:0f:63:d3:61:b9:dd:c7:cd:e2:d6:ea:ee:39:
4b:aa:f1:89:45:cf:23:11:db:f0:3e:e4:37:f4:ea:3e:40:44:
b4:15:f6:b4:80:24:7e:28:94:40:ad:67:7f:7a:74:49:a0:47:
da:dd:7e:11:52:0b:0a:5f:be:40:f4:38:a1:96:37:72:aa:40:
80:36:c7:74:25:79:8b:68:ce:5e:dc:dd:ab:4e:1d:42:82:10:
d3:0c:db:cc:d9:b2:e2:89:4d:0f:d6:08:80:cc:70:00:43:0f:
ef:e1:c0:38:b8:d5:05:c8:56:03:4a:fe:1e:23:d4:fc:16:ee:
1e:68:93:79:12:d3:4a:99:c2:ad:98:cf:50:4b:45:93:3b:71:
2b:d6:bd:28:0b:c7:10:42:a9:43:6a:87:ba:52:cd:39:40:9b:
73:98:9b:83:d9:27:c8:13:88:b9:d9:23:29:43:53:9e:6d:b7:
f0:cc:80:62:ed:0a:94:4b:95:7f:ce:cd:7d:97:7f:a8:d0:c5:
3c:9a:cd:e5:ba:f2:36:b6:c5:02:e4:2b:87:40:6c:b4:31:db:
75:78:50:66:a1:77:c0:50:f2:35:37:6d:9d:c1:91:eb:df:9f:
e9:97:cd:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuUEP+uK3FGocKgQ9GcD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDY4YzY2NTVjMzMzZmM3MTI4MzJjMTEzZjY3ZjFmZDY4
OGFlYzQwHhcNMjUxMTExMDcwMjM3WhcNMjUxMTEyMDcwMjM3WjAzMTEwLwYDVQQD
EygyNzkzYjM2OTYwYTI5YjU4N2NiMTRmZDJjMjMxODZmZGViMDM5MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2DYKV/S5Q3YYK2ShuYMidSEV8ys
F2fbCzMzNcEvB80+30emmKh+PvWQUu+YagmdcTrLXYfYOKs+DjssMCHNp8GFuxrL
xLnpgmfYNzyt6VNmHFLhVMKw+xqRURcW5AcmgVIrEowzX44bbo8W3FXbSD9VGT9C
HZIkE2TQ3oo92bLb9tes24A3TeE2SzH29t6cJ7oP0ICAkE4v+2AsiVfa6ORJd/bh
p6X0TYwVevK93opw3Z6D6VvWV05czNLIJnMi1GE9626RLYdupb5TfgEd7A+Lh87x
sYZLGq2vKNI7DGziwVyUHPvFmxZU4rono8pRK4hZVuIK8eJ71ENTv1iQPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCeTs2lgoptYfLFP0sIxhv3rA5JXMB8GA1UdIwQY
MBaAFKQGjGZVwzP8cSgywRP2fx/WiK7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMt
ODZkZWUyMDdmODFlLzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMtODZkZWUyMDdmODFl
LzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeBBZRt7m
RfCuhU4WUY9Bit7Ql3WL8fwPY9Nhud3HzeLW6u45S6rxiUXPIxHb8D7kN/TqPkBE
tBX2tIAkfiiUQK1nf3p0SaBH2t1+EVILCl++QPQ4oZY3cqpAgDbHdCV5i2jOXtzd
q04dQoIQ0wzbzNmy4olND9YIgMxwAEMP7+HAOLjVBchWA0r+HiPU/BbuHmiTeRLT
SpnCrZjPUEtFkztxK9a9KAvHEEKpQ2qHulLNOUCbc5ibg9knyBOIudkjKUNTnm23
8MyAYu0KlEuVf87NfZd/qNDFPJrN5bryNrbFAuQrh0BstDHbdXhQZqF3wFDyNTdt
ncGR69+f6ZfNiA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:21:53 2025 by rpki-client