Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
File: aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft (raw, json)
Hash identifier: OIzMPtq/w49VVMmlYfJpbZkIKao39ulz9JSF+YWDEzo=
Subject key identifier: 9C:79:75:66:B2:42:72:EA:23:DC:22:00:8A:AA:3D:9B:05:11:7D:C2
Authority key identifier: 68:3B:33:DC:72:18:B3:FE:88:3C:49:50:51:34:CB:39:A6:64:FD:28
Certificate issuer: /CN=683b33dc7218b3fe883c49505134cb39a664fd28
Certificate serial: 019A71B919B04A6CB3E2538BBD03519DB5E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
Manifest number: 0B88
Signing time: Tue 11 Nov 2025 07:02:27 +0000
Manifest this update: Tue 11 Nov 2025 07:02:27 +0000
Manifest next update: Wed 12 Nov 2025 07:02:27 +0000
Files and hashes: 1: PecnHh8YFMYIBEgD1PQBC-sYFMY.roa (hash: G67Iyj0Q7isunYlJO9b465cfL0xQGyEo+TS/2SlDQcA=)
2: aDsz3HIYs_6IPElQUTTLOaZk_Sg.crl (hash: 0R8ltCDiYvv4Q4y2NprsTM5VuBXC1kW0nk1QkLey/ZI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:19:b0:4a:6c:b3:e2:53:8b:bd:03:51:9d:b5:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=683b33dc7218b3fe883c49505134cb39a664fd28
Validity
Not Before: Nov 11 07:02:27 2025 GMT
Not After : Nov 12 07:02:27 2025 GMT
Subject: CN=9c797566b24272ea23dc22008aaa3d9b05117dc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2a:52:92:ad:14:83:15:b9:d3:51:bb:2e:ff:
34:9c:68:5a:81:7b:4a:84:0c:e9:b5:da:44:f7:d7:
ba:6c:89:22:24:83:2c:91:03:cb:5a:c0:1d:4b:19:
92:52:9f:d8:f4:81:c5:d1:d6:51:f9:a5:5c:e6:da:
23:ca:fc:b8:ce:4f:14:e2:a3:ff:c0:dc:c8:37:de:
89:43:b4:49:34:c0:ac:94:4e:9f:92:a1:94:94:fd:
ff:c4:12:16:1e:2a:c2:f9:cc:7d:9d:ec:f5:3b:9f:
d6:45:f6:bc:b3:2f:79:c0:cd:ce:d3:0e:de:13:5b:
74:e1:3d:ae:35:16:88:17:82:41:3f:99:7c:bc:de:
a5:9d:7b:44:4c:1e:c7:05:c3:cd:af:29:fb:3a:69:
14:bb:a9:35:51:c7:c8:01:bc:30:75:e1:d4:6f:f4:
5a:3f:3d:a8:7f:56:7c:a4:3e:e8:57:64:c5:66:09:
4d:46:bb:e3:a9:97:72:ae:1e:6f:e5:6c:fb:75:62:
54:ef:86:4c:76:cd:fc:07:dd:ea:3d:94:ef:15:d7:
22:aa:fe:7a:cf:55:19:e5:78:0b:fd:08:84:f2:f1:
fa:76:fc:b3:83:aa:da:92:37:7f:92:60:9f:d3:9e:
c7:a4:68:29:39:d5:39:26:9b:6e:e4:cb:2a:5e:7f:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:79:75:66:B2:42:72:EA:23:DC:22:00:8A:AA:3D:9B:05:11:7D:C2
X509v3 Authority Key Identifier:
keyid:68:3B:33:DC:72:18:B3:FE:88:3C:49:50:51:34:CB:39:A6:64:FD:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:a9:6c:c5:cc:f3:46:3d:4d:1b:14:3b:9b:33:1b:9f:af:47:
d5:b0:7f:d3:d2:d6:95:45:cb:e5:55:fc:dc:5c:dd:1d:1d:99:
26:f4:1e:f4:f7:34:23:2f:d2:c1:3e:23:aa:27:53:8a:75:57:
52:15:be:b4:9a:85:bc:1b:33:68:c3:5f:dd:86:2d:35:dd:bc:
dd:d8:95:e1:a6:3b:09:ba:8f:63:56:0e:8a:ca:2c:9b:5d:e2:
d5:36:3c:5b:ed:e1:2d:2f:52:a6:ae:a2:64:78:2f:da:9b:e4:
b8:83:19:96:b0:81:bd:7c:1f:15:07:87:57:29:49:75:2d:29:
57:21:a5:82:11:b3:b1:65:54:9f:b5:8b:c5:3e:1f:c0:e8:3d:
46:0a:ff:eb:45:53:69:bd:3f:1a:4e:52:b0:1b:71:ad:6f:67:
3e:5d:05:80:cd:20:ae:31:3c:26:3d:a0:7b:31:91:f6:ee:63:
3b:64:86:2a:0d:7d:65:b9:99:60:7d:c6:fa:7f:1c:8e:3d:d9:
0a:0e:a6:29:57:73:56:8a:67:87:fd:7e:97:03:12:42:95:a0:
eb:45:e3:75:28:2e:a5:57:3d:97:ef:80:e0:78:35:76:b8:aa:
72:5f:5e:f6:6b:21:02:da:59:dc:41:9f:fd:83:73:a6:4e:47:
a4:98:b8:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRmwSmyz4lOLvQNRnbXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4M2IzM2RjNzIxOGIzZmU4ODNjNDk1MDUxMzRjYjM5YTY2
NGZkMjgwHhcNMjUxMTExMDcwMjI3WhcNMjUxMTEyMDcwMjI3WjAzMTEwLwYDVQQD
Eyg5Yzc5NzU2NmIyNDI3MmVhMjNkYzIyMDA4YWFhM2Q5YjA1MTE3ZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqypSkq0UgxW501G7Lv80nGhagXtK
hAzptdpE99e6bIkiJIMskQPLWsAdSxmSUp/Y9IHF0dZR+aVc5tojyvy4zk8U4qP/
wNzIN96JQ7RJNMCslE6fkqGUlP3/xBIWHirC+cx9nez1O5/WRfa8sy95wM3O0w7e
E1t04T2uNRaIF4JBP5l8vN6lnXtETB7HBcPNryn7OmkUu6k1UcfIAbwwdeHUb/Ra
Pz2of1Z8pD7oV2TFZglNRrvjqZdyrh5v5Wz7dWJU74ZMds38B93qPZTvFdciqv56
z1UZ5XgL/QiE8vH6dvyzg6rakjd/kmCf057HpGgpOdU5Jptu5MsqXn+tawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJx5dWayQnLqI9wiAIqqPZsFEX3CMB8GA1UdIwQY
MBaAFGg7M9xyGLP+iDxJUFE0yzmmZP0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iZTNlMDAtM2M5Ni00Y2RlLWI4MWEt
MTRjNmI5NTRkOTc2LzEvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iZTNlMDAtM2M5Ni00Y2RlLWI4MWEtMTRjNmI5NTRkOTc2
LzEvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQKlsxczz
Rj1NGxQ7mzMbn69H1bB/09LWlUXL5VX83FzdHR2ZJvQe9Pc0Iy/SwT4jqidTinVX
UhW+tJqFvBszaMNf3YYtNd283diV4aY7CbqPY1YOisosm13i1TY8W+3hLS9Spq6i
ZHgv2pvkuIMZlrCBvXwfFQeHVylJdS0pVyGlghGzsWVUn7WLxT4fwOg9Rgr/60VT
ab0/Gk5SsBtxrW9nPl0FgM0grjE8Jj2gezGR9u5jO2SGKg19ZbmZYH3G+n8cjj3Z
Cg6mKVdzVopnh/1+lwMSQpWg60XjdSgupVc9l++A4Hg1driqcl9e9mshAtpZ3EGf
/YNzpk5HpJi4aA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:37 2025 by rpki-client