Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
File: rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft (raw, json)
Hash identifier: kOXerrnyec1jylv5v4s6uFlRI6uWAngse7FjQBX2kbY=
Subject key identifier: B5:75:0F:68:9F:CA:47:89:1C:EC:F4:7E:20:3F:1D:A7:C4:F0:7F:3C
Authority key identifier: AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6
Certificate issuer: /CN=ac08815e8c6503601f254cab371bec471bd7eaa6
Certificate serial: 019A72259C56CE13BAE0F91966B29EC429EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
Manifest number: 0B2E
Signing time: Tue 11 Nov 2025 09:00:58 +0000
Manifest this update: Tue 11 Nov 2025 09:00:58 +0000
Manifest next update: Wed 12 Nov 2025 09:00:58 +0000
Files and hashes: 1: QsrgGtjjVfYUdnjVBy3FKVxOReM.roa (hash: /bct/glFTr5+fLpXRU1WLa/LnjLyQigL1zGVjyxrPQI=)
2: rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl (hash: n+E6pv3STdDhDPboNgrvykE4Kp5RbaZ+SfIafzc5bFI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:9c:56:ce:13:ba:e0:f9:19:66:b2:9e:c4:29:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac08815e8c6503601f254cab371bec471bd7eaa6
Validity
Not Before: Nov 11 09:00:58 2025 GMT
Not After : Nov 12 09:00:58 2025 GMT
Subject: CN=b5750f689fca47891cecf47e203f1da7c4f07f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7a:1d:4d:99:48:dc:06:c6:9e:36:8e:b4:de:
33:ae:b6:31:42:c6:de:bc:c8:ed:0a:2f:ba:bb:cf:
bb:9b:43:e9:81:95:85:b4:f6:46:7f:87:a2:58:d2:
bf:5e:56:c5:06:b7:b5:73:98:57:eb:5b:11:5e:c6:
2d:63:63:30:bc:7a:35:dd:da:05:e3:e8:56:f2:6d:
ec:fc:87:ff:a7:12:52:80:0d:b1:4e:99:42:2d:fb:
87:e4:56:60:d2:42:76:77:f6:19:1f:ee:3b:a3:ba:
91:5e:7c:64:95:e8:4f:c4:ce:79:92:ff:21:4f:fc:
c2:3c:55:05:db:d9:52:fc:07:5b:9b:45:e0:92:f2:
7a:b5:0b:81:90:2d:67:19:63:f1:9b:45:58:ab:03:
d0:cd:dd:1f:8c:88:f4:f1:20:2e:22:6b:05:b4:15:
5b:f9:7e:49:e8:b1:b5:b0:f3:0c:69:0c:cd:8c:b4:
4e:06:76:b2:59:fa:5a:92:8e:e5:f9:6b:f5:d5:ae:
12:0a:e0:40:df:cb:8c:c9:b3:b8:62:f9:12:b1:82:
b8:10:09:c4:16:27:5e:32:8b:ed:f3:20:33:ff:1f:
82:50:5d:03:2e:16:a7:90:ca:9b:4a:a4:ea:75:d9:
17:f3:d4:22:da:3c:c5:2a:57:08:ec:c8:f9:b3:1f:
35:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:75:0F:68:9F:CA:47:89:1C:EC:F4:7E:20:3F:1D:A7:C4:F0:7F:3C
X509v3 Authority Key Identifier:
keyid:AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:e2:5b:dd:d5:d4:0b:e9:cd:7d:d4:f9:e4:26:36:d3:86:53:
ce:d8:67:88:37:b4:1b:5d:fc:63:07:59:e4:bf:ee:8d:7d:e3:
a4:14:cb:3f:8b:68:52:6c:86:04:69:e5:d6:3b:8d:36:e2:9c:
12:ac:42:0b:c9:d7:9b:9c:d4:e4:ea:70:34:1c:92:c5:a3:d5:
5f:bb:a2:7b:ac:07:87:3f:8d:21:e2:99:21:26:99:b8:0e:bd:
53:2e:28:75:6d:4d:c0:52:a5:07:33:1a:07:0d:53:cb:bb:b3:
2b:ab:93:af:49:6f:bf:a8:17:e0:45:94:b1:3d:bc:17:bb:3f:
67:4f:12:ab:c7:84:12:c3:7a:d9:0e:7b:2f:28:03:fe:23:0e:
c8:ba:8d:9b:04:37:e3:93:ec:12:84:07:82:1d:44:79:52:43:
fc:9d:ae:1d:e5:02:88:b9:9a:37:d7:b9:00:da:3d:cf:1c:14:
df:ba:e4:60:a3:41:9e:59:26:03:de:e9:6b:14:e5:07:f6:c1:
5d:61:5b:02:83:11:2f:1d:a8:2a:7f:f4:6c:f7:ff:ec:00:e9:
55:70:9e:e9:03:84:8b:d2:21:6c:17:70:f3:67:5b:b1:d3:a5:
7e:5c:3d:53:d3:32:cb:92:ce:81:31:d2:08:94:85:c8:0a:36:
74:d8:66:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZxWzhO64PkZZrKexCnrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMDg4MTVlOGM2NTAzNjAxZjI1NGNhYjM3MWJlYzQ3MWJk
N2VhYTYwHhcNMjUxMTExMDkwMDU4WhcNMjUxMTEyMDkwMDU4WjAzMTEwLwYDVQQD
EyhiNTc1MGY2ODlmY2E0Nzg5MWNlY2Y0N2UyMDNmMWRhN2M0ZjA3ZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXodTZlI3AbGnjaOtN4zrrYxQsbe
vMjtCi+6u8+7m0PpgZWFtPZGf4eiWNK/XlbFBre1c5hX61sRXsYtY2MwvHo13doF
4+hW8m3s/If/pxJSgA2xTplCLfuH5FZg0kJ2d/YZH+47o7qRXnxklehPxM55kv8h
T/zCPFUF29lS/Adbm0XgkvJ6tQuBkC1nGWPxm0VYqwPQzd0fjIj08SAuImsFtBVb
+X5J6LG1sPMMaQzNjLROBnayWfpako7l+Wv11a4SCuBA38uMybO4YvkSsYK4EAnE
FideMovt8yAz/x+CUF0DLhankMqbSqTqddkX89Qi2jzFKlcI7Mj5sx81vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLV1D2ifykeJHOz0fiA/HafE8H88MB8GA1UdIwQY
MBaAFKwIgV6MZQNgHyVMqzcb7Ecb1+qmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUt
Njc3ODcxYTAzMzU1LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUtNjc3ODcxYTAzMzU1
LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUuJb3dXU
C+nNfdT55CY204ZTzthniDe0G138YwdZ5L/ujX3jpBTLP4toUmyGBGnl1juNNuKc
EqxCC8nXm5zU5OpwNBySxaPVX7uie6wHhz+NIeKZISaZuA69Uy4odW1NwFKlBzMa
Bw1Ty7uzK6uTr0lvv6gX4EWUsT28F7s/Z08Sq8eEEsN62Q57LygD/iMOyLqNmwQ3
45PsEoQHgh1EeVJD/J2uHeUCiLmaN9e5ANo9zxwU37rkYKNBnlkmA97paxTlB/bB
XWFbAoMRLx2oKn/0bPf/7ADpVXCe6QOEi9IhbBdw82dbsdOlflw9U9Myy5LOgTHS
CJSFyAo2dNhm7w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:58 2025 by rpki-client