Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
File: aNLCXQU0pAJ8aVViqM5PABzVOW8.mft (raw, json)
Hash identifier: 8QLm8W97r1l/XygwKVHdWAeSpobWD02BuS8aZtpt3yQ=
Subject key identifier: 82:5A:72:AC:F6:5E:FA:1E:20:3A:83:91:EB:46:B4:1B:5F:B4:7B:42
Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
Certificate issuer: /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Certificate serial: 019A733846ACB16D15E1FAA2E6C69567A532
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
Manifest number: 1373
Signing time: Tue 11 Nov 2025 14:00:59 +0000
Manifest this update: Tue 11 Nov 2025 14:00:59 +0000
Manifest next update: Wed 12 Nov 2025 14:00:59 +0000
Files and hashes: 1: SALrx8y5x39WJ8efwGiimpmg788.roa (hash: CtpmQiaYAVz0sehGOLMPmKtW82021GvqOFqhQ5ojIPI=)
2: aNLCXQU0pAJ8aVViqM5PABzVOW8.crl (hash: 5WT2lVwLUd1IVKvvJgPliTZicXKr4c2gUKotNHb804Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:46:ac:b1:6d:15:e1:fa:a2:e6:c6:95:67:a5:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Validity
Not Before: Nov 11 14:00:59 2025 GMT
Not After : Nov 12 14:00:59 2025 GMT
Subject: CN=825a72acf65efa1e203a8391eb46b41b5fb47b42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b9:7d:e0:b7:55:3b:d7:99:dc:e8:2b:fb:47:
2f:43:e7:fa:ec:cf:71:8c:af:6a:14:34:88:25:4e:
e4:37:88:d6:01:07:44:86:39:bd:ed:d6:4f:b5:01:
73:5a:b0:58:be:d2:93:bf:54:f0:6b:2a:e6:0f:67:
62:0e:b3:cb:0a:17:95:fa:86:43:d1:1b:27:d4:32:
7b:bf:6c:fd:7f:92:66:68:3b:4d:43:7b:0e:8e:03:
f6:8d:a9:15:76:a9:66:74:64:5f:bc:13:ad:bb:33:
e9:7b:82:30:42:29:1a:e1:d8:ed:c9:44:ea:17:be:
ea:59:53:fc:7e:af:67:eb:7f:8e:f3:65:cb:91:d0:
eb:11:3f:81:ad:97:c6:ce:47:58:74:e5:35:11:ad:
b4:4e:f7:29:99:b4:82:fa:a2:07:0b:5c:93:e9:0c:
58:5c:fe:db:44:ba:a1:a3:a8:f8:d6:14:67:6a:70:
4f:7f:98:e9:d8:53:af:28:95:02:79:21:ec:f7:b0:
31:52:e8:49:86:1d:12:e3:81:2e:15:45:a5:0f:c0:
a9:dc:fb:72:79:56:2f:32:72:7a:5f:91:a9:e4:f1:
34:33:50:a6:59:d9:a2:8a:0b:44:be:b0:56:4d:6c:
c2:7e:3d:f3:55:2f:7b:57:e7:f6:fa:be:54:5c:c3:
d7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:5A:72:AC:F6:5E:FA:1E:20:3A:83:91:EB:46:B4:1B:5F:B4:7B:42
X509v3 Authority Key Identifier:
keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:a4:fd:5c:3a:00:a5:82:81:45:da:60:27:22:12:80:6c:d3:
83:a9:41:95:38:7a:8c:9f:b2:16:62:e1:de:de:34:32:d4:96:
3f:ec:ad:72:16:d3:f3:1e:26:14:44:93:db:8d:d9:b3:3f:98:
6b:50:62:bc:55:b1:13:d2:86:11:88:20:ca:cc:5d:b1:dc:db:
ef:19:ad:73:83:aa:fc:77:08:18:83:db:44:b9:aa:d2:ca:a9:
57:4f:df:39:23:18:8a:5b:dd:48:24:48:f4:6c:4d:fe:1c:76:
2a:a0:7d:0f:ad:b6:4e:0e:6d:1b:76:43:67:29:ae:2d:d8:ec:
91:98:8a:7c:e9:f5:1c:f8:0e:ef:30:3f:b7:ce:c3:75:9f:bc:
10:a7:40:6f:ff:f5:09:65:75:4b:af:33:f0:35:81:09:c9:cf:
97:16:f4:e1:d3:37:f5:a7:37:af:ed:fa:93:84:19:eb:22:c6:
96:7e:2a:6b:7a:64:53:8f:01:fe:08:e8:da:ea:1f:c1:3f:49:
40:89:b3:69:c1:67:ec:8e:e4:2d:93:3d:69:82:ce:ff:bd:67:
e9:09:86:2c:d1:71:27:b4:63:54:6e:f2:c6:28:24:65:57:36:
04:e3:b5:74:54:81:72:43:90:65:72:6e:23:7b:e8:61:ad:2f:
bf:cd:9f:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOEassW0V4fqi5saVZ6UyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDJjMjVkMDUzNGE0MDI3YzY5NTU2MmE4Y2U0ZjAwMWNk
NTM5NmYwHhcNMjUxMTExMTQwMDU5WhcNMjUxMTEyMTQwMDU5WjAzMTEwLwYDVQQD
Eyg4MjVhNzJhY2Y2NWVmYTFlMjAzYTgzOTFlYjQ2YjQxYjVmYjQ3YjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ll94LdVO9eZ3Ogr+0cvQ+f67M9x
jK9qFDSIJU7kN4jWAQdEhjm97dZPtQFzWrBYvtKTv1TwayrmD2diDrPLCheV+oZD
0Rsn1DJ7v2z9f5JmaDtNQ3sOjgP2jakVdqlmdGRfvBOtuzPpe4IwQika4djtyUTq
F77qWVP8fq9n63+O82XLkdDrET+BrZfGzkdYdOU1Ea20TvcpmbSC+qIHC1yT6QxY
XP7bRLqho6j41hRnanBPf5jp2FOvKJUCeSHs97AxUuhJhh0S44EuFUWlD8Cp3Pty
eVYvMnJ6X5Gp5PE0M1CmWdmiigtEvrBWTWzCfj3zVS97V+f2+r5UXMPXTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIJacqz2XvoeIDqDketGtBtftHtCMB8GA1UdIwQY
MBaAFGjSwl0FNKQCfGlVYqjOTwAc1TlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEt
MTQ3OTdlYWM1MjJlLzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEtMTQ3OTdlYWM1MjJl
LzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIqT9XDoA
pYKBRdpgJyISgGzTg6lBlTh6jJ+yFmLh3t40MtSWP+ytchbT8x4mFEST243Zsz+Y
a1BivFWxE9KGEYggysxdsdzb7xmtc4Oq/HcIGIPbRLmq0sqpV0/fOSMYilvdSCRI
9GxN/hx2KqB9D622Tg5tG3ZDZymuLdjskZiKfOn1HPgO7zA/t87DdZ+8EKdAb//1
CWV1S68z8DWBCcnPlxb04dM39ac3r+36k4QZ6yLGln4qa3pkU48B/gjo2uofwT9J
QImzacFn7I7kLZM9aYLO/71n6QmGLNFxJ7RjVG7yxigkZVc2BOO1dFSBckOQZXJu
I3voYa0vv82fRg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:40:23 2025 by rpki-client