Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.mft
File: AXyQZUZTrBUAKFYrMkMUkbUhR9E.mft (raw, json)
Hash identifier: bUJhMldq5Bna+WsRWW3t5pGrLk0XLiE9loVxxCNt3S4=
Subject key identifier: 0D:17:A6:39:37:7F:53:E0:16:FF:69:5E:2B:D6:BE:76:B6:57:F5:F0
Authority key identifier: 01:7C:90:65:46:53:AC:15:00:28:56:2B:32:43:14:91:B5:21:47:D1
Certificate issuer: /CN=017c90654653ac150028562b32431491b52147d1
Certificate serial: 019A72266E15CC7D3075036D8A8123682B74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXyQZUZTrBUAKFYrMkMUkbUhR9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.mft
Manifest number: 0EFE
Signing time: Tue 11 Nov 2025 09:01:52 +0000
Manifest this update: Tue 11 Nov 2025 09:01:52 +0000
Manifest next update: Wed 12 Nov 2025 09:01:52 +0000
Files and hashes: 1: AXyQZUZTrBUAKFYrMkMUkbUhR9E.crl (hash: iMuNaP6G0QrnFSABALYc20PXo4UAwu3/B7Sw7lVar7I=)
2: L2lE8nOnlyxmaD3x1ZRACrDCMP8.roa (hash: ZXu28qkdGNNh4liAxQWetF6CZII1uCDb6IiGf6WW5Vw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.mft
rsync://rpki.ripe.net/repository/DEFAULT/AXyQZUZTrBUAKFYrMkMUkbUhR9E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:6e:15:cc:7d:30:75:03:6d:8a:81:23:68:2b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=017c90654653ac150028562b32431491b52147d1
Validity
Not Before: Nov 11 09:01:52 2025 GMT
Not After : Nov 12 09:01:52 2025 GMT
Subject: CN=0d17a639377f53e016ff695e2bd6be76b657f5f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3e:dd:d0:40:a1:d6:88:3c:af:c6:8f:a5:8a:
12:22:48:22:05:57:4d:2b:7f:1e:78:01:f2:23:33:
e3:8e:e7:15:f3:5a:d9:15:21:79:cf:ec:69:6f:50:
ca:ff:42:7d:41:9e:66:f9:89:dc:b2:18:b4:83:1b:
a2:38:4f:b0:84:12:f0:8d:03:ae:da:63:41:fa:84:
85:aa:1e:94:57:ef:c2:ca:ef:e3:bd:c2:80:96:03:
20:b1:41:9d:83:62:ac:99:54:5c:d9:b7:d1:73:01:
f7:83:97:03:9b:0e:df:42:dd:20:47:2d:dd:aa:59:
5e:2c:8a:54:ad:61:75:8f:46:d1:a3:eb:04:b3:d2:
7a:7a:6b:90:0c:60:88:a7:f1:bf:15:ea:44:b7:9d:
e2:78:29:ff:03:86:59:7f:32:e3:a8:52:7f:21:b2:
9a:51:61:7c:fd:2c:47:df:a0:63:40:d2:ec:df:62:
12:c2:16:5f:31:4c:35:fe:ca:a7:6a:73:b9:6e:35:
c2:d7:f9:db:6a:53:9c:78:6b:a8:ea:62:55:4e:b9:
92:83:e4:5a:87:b9:54:fd:da:6f:94:58:cb:e1:ed:
c1:03:78:da:b6:28:90:b5:7a:20:4c:ee:d7:df:f9:
9b:bb:41:98:d9:32:78:89:ec:9e:ab:2b:bf:18:3c:
45:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:17:A6:39:37:7F:53:E0:16:FF:69:5E:2B:D6:BE:76:B6:57:F5:F0
X509v3 Authority Key Identifier:
keyid:01:7C:90:65:46:53:AC:15:00:28:56:2B:32:43:14:91:B5:21:47:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXyQZUZTrBUAKFYrMkMUkbUhR9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:bd:17:51:65:c0:6c:6e:29:71:37:dd:c1:b6:c4:a6:19:a4:
b5:a0:ba:d6:20:f7:7e:72:4d:8b:7c:c3:56:20:35:b5:9b:db:
86:ee:48:d0:27:70:53:6f:6f:ba:13:33:13:a9:f8:88:f1:6a:
d3:de:5b:17:df:83:54:0d:6d:4e:c0:78:55:7c:95:5d:94:e6:
09:f4:68:c9:44:bd:24:96:cb:6f:06:d6:59:51:53:8b:e0:db:
39:bd:bb:30:69:40:19:bd:85:39:0a:95:e7:2f:af:ea:52:cb:
6b:ce:49:bb:83:8e:85:28:a7:4e:a0:66:72:88:ad:7c:0c:cd:
7a:1d:fc:5f:30:09:2c:5f:b2:25:cd:8b:fd:85:83:17:76:1b:
74:46:fc:e1:43:44:cc:a6:75:32:33:7c:26:2c:e1:82:03:ca:
2c:32:59:42:c8:e2:54:8b:07:9d:97:c0:42:69:7c:8f:19:0c:
ac:1b:a4:6b:41:05:b9:4a:2f:84:01:84:8c:62:5e:4b:5f:48:
dc:2c:31:e8:ef:35:b1:b7:ba:21:87:e7:07:d0:70:ea:15:f0:
96:a6:a2:c9:a7:c2:63:b3:83:46:c7:61:1a:05:b5:70:23:69:
11:28:66:83:12:4b:ca:c0:85:9e:7c:e5:c9:9b:70:f6:83:54:
cc:57:8b:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJm4VzH0wdQNtioEjaCt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxN2M5MDY1NDY1M2FjMTUwMDI4NTYyYjMyNDMxNDkxYjUy
MTQ3ZDEwHhcNMjUxMTExMDkwMTUyWhcNMjUxMTEyMDkwMTUyWjAzMTEwLwYDVQQD
EygwZDE3YTYzOTM3N2Y1M2UwMTZmZjY5NWUyYmQ2YmU3NmI2NTdmNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2z7d0ECh1og8r8aPpYoSIkgiBVdN
K38eeAHyIzPjjucV81rZFSF5z+xpb1DK/0J9QZ5m+Yncshi0gxuiOE+whBLwjQOu
2mNB+oSFqh6UV+/Cyu/jvcKAlgMgsUGdg2KsmVRc2bfRcwH3g5cDmw7fQt0gRy3d
qlleLIpUrWF1j0bRo+sEs9J6emuQDGCIp/G/FepEt53ieCn/A4ZZfzLjqFJ/IbKa
UWF8/SxH36BjQNLs32ISwhZfMUw1/sqnanO5bjXC1/nbalOceGuo6mJVTrmSg+Ra
h7lU/dpvlFjL4e3BA3jatiiQtXogTO7X3/mbu0GY2TJ4ieyeqyu/GDxFBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0Xpjk3f1PgFv9pXivWvna2V/XwMB8GA1UdIwQY
MBaAFAF8kGVGU6wVAChWKzJDFJG1IUfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVh5UVpVWlRyQlVBS0ZZck1rTVVrYlVoUjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8zNWI3ZTUtODg2NC00NzU5LWJiODYt
NzAxM2E2YzQzOTg1LzEvQVh5UVpVWlRyQlVBS0ZZck1rTVVrYlVoUjlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8zNWI3ZTUtODg2NC00NzU5LWJiODYtNzAxM2E2YzQzOTg1
LzEvQVh5UVpVWlRyQlVBS0ZZck1rTVVrYlVoUjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm70XUWXA
bG4pcTfdwbbEphmktaC61iD3fnJNi3zDViA1tZvbhu5I0CdwU29vuhMzE6n4iPFq
095bF9+DVA1tTsB4VXyVXZTmCfRoyUS9JJbLbwbWWVFTi+DbOb27MGlAGb2FOQqV
5y+v6lLLa85Ju4OOhSinTqBmcoitfAzNeh38XzAJLF+yJc2L/YWDF3YbdEb84UNE
zKZ1MjN8JizhggPKLDJZQsjiVIsHnZfAQml8jxkMrBuka0EFuUovhAGEjGJeS19I
3Cwx6O81sbe6IYfnB9Bw6hXwlqaiyafCY7ODRsdhGgW1cCNpEShmgxJLysCFnnzl
yZtw9oNUzFeLBg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:14:01 2025 by rpki-client