Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
File: aPYGg7N3JXQn279uzjXixYWjsB0.mft (raw, json)
Hash identifier: YcKAY+KctywH0Epvrduq2XZA7FscPuOJ+y0G0X+xxBg=
Subject key identifier: 17:B1:38:F0:76:80:53:41:B9:B2:E3:91:FE:C9:42:91:00:72:07:0C
Authority key identifier: 68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
Certificate issuer: /CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Certificate serial: 019A356B9D02CA1D4E576DF50FB79DBD92DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
Manifest number: 1700
Signing time: Thu 30 Oct 2025 14:00:36 +0000
Manifest this update: Thu 30 Oct 2025 14:00:36 +0000
Manifest next update: Fri 31 Oct 2025 14:00:36 +0000
Files and hashes: 1: aPYGg7N3JXQn279uzjXixYWjsB0.crl (hash: idxXQkrk+KWV5GS+2VtD1lwopPMbnieYhEWYtLh7lsY=)
2: nJZ2h-CE2RpObbNuUbuQAsAe9wo.roa (hash: XjXLrJ8ZAfMXOtdh84OSK02UeKqf16aa2sgmGiELBao=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:35:6b:9d:02:ca:1d:4e:57:6d:f5:0f:b7:9d:bd:92:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Validity
Not Before: Oct 30 14:00:36 2025 GMT
Not After : Oct 31 14:00:36 2025 GMT
Subject: CN=17b138f076805341b9b2e391fec942910072070c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d4:5f:8b:e4:3c:ad:c5:3a:ec:60:6b:74:61:
53:71:3e:f7:7a:8c:b0:f8:f3:89:0f:c3:3c:56:1f:
2b:a5:22:f9:82:3a:d3:ee:31:f4:10:bb:6a:56:c6:
34:8b:e6:db:d1:db:95:93:a7:45:cf:d5:88:70:f0:
9f:0d:d3:82:22:58:ba:b5:80:a6:76:59:ff:37:2e:
65:7b:90:b7:e7:9e:57:78:42:d4:b9:db:9f:e2:76:
8d:a8:9e:85:9e:68:68:cb:a1:7f:1b:49:e2:0b:f6:
cc:04:a2:16:d3:12:63:91:a5:10:85:c8:6f:62:dd:
14:0d:26:88:de:6b:d3:55:f8:84:20:57:21:5e:19:
ed:b3:3f:28:17:37:84:49:ce:86:d0:14:c8:bb:46:
97:81:5b:aa:99:20:db:7d:f0:70:a6:43:58:f8:a2:
d9:c5:b1:ed:21:95:15:c5:58:47:4e:3c:c3:06:b5:
b8:d4:c2:8d:dd:0a:9c:a9:3d:ca:f9:11:40:20:1e:
f9:59:b8:c7:3b:55:f2:55:eb:f2:49:73:57:43:56:
e0:81:79:24:de:41:f4:d1:95:3b:35:b0:a8:0a:8e:
74:4e:fa:6a:03:bc:ea:54:0d:3d:cf:6c:03:b2:65:
bc:ad:e4:49:a2:a1:96:1d:6a:2a:9a:62:e6:b0:ee:
62:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B1:38:F0:76:80:53:41:B9:B2:E3:91:FE:C9:42:91:00:72:07:0C
X509v3 Authority Key Identifier:
keyid:68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:c3:6b:24:61:a0:18:1d:29:da:e9:2e:42:a8:4a:18:9d:8b:
56:7a:c6:1c:65:ae:80:31:9b:f4:7d:5d:9d:bf:f3:37:66:f2:
54:cc:07:81:4c:af:ec:ea:1f:88:27:51:a1:84:a2:cf:b3:bf:
5b:99:29:94:ef:00:d3:26:61:a3:65:cc:3e:1f:da:ae:d3:8d:
f4:5b:9c:62:30:64:1d:15:ac:39:7c:2a:53:5f:9a:01:56:ba:
32:44:16:dc:97:36:d9:c8:bf:8e:11:15:ab:08:09:b1:91:7f:
36:36:d2:42:14:d9:fb:69:a1:cd:36:f1:ba:0a:2a:50:5c:6a:
f7:9d:12:36:4a:83:6a:ec:00:5e:80:6f:d4:08:26:e3:e1:0a:
f8:5c:33:ab:2c:0d:6d:5b:30:9c:1a:cb:bc:3d:c0:8e:99:63:
50:6b:91:70:c9:fb:18:48:54:3e:32:72:50:34:19:93:07:d4:
88:52:e8:fe:5f:44:c9:ef:2c:6b:62:11:a3:84:39:69:cb:7b:
e7:76:24:39:a7:3b:2a:f1:f4:c3:93:fd:64:22:6d:b7:ed:f4:
85:77:09:2c:bb:e2:11:f7:0c:5c:dc:ef:1f:f6:e2:b4:96:f3:
ef:dc:2b:2e:64:17:f3:44:08:d8:e9:73:04:f1:37:4a:d7:cd:
b5:84:d6:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZo1a50Cyh1OV231D7edvZLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjYwNjgzYjM3NzI1NzQyN2RiYmY2ZWNlMzVlMmM1ODVh
M2IwMWQwHhcNMjUxMDMwMTQwMDM2WhcNMjUxMDMxMTQwMDM2WjAzMTEwLwYDVQQD
EygxN2IxMzhmMDc2ODA1MzQxYjliMmUzOTFmZWM5NDI5MTAwNzIwNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtRfi+Q8rcU67GBrdGFTcT73eoyw
+POJD8M8Vh8rpSL5gjrT7jH0ELtqVsY0i+bb0duVk6dFz9WIcPCfDdOCIli6tYCm
dln/Ny5le5C3555XeELUuduf4naNqJ6Fnmhoy6F/G0niC/bMBKIW0xJjkaUQhchv
Yt0UDSaI3mvTVfiEIFchXhntsz8oFzeESc6G0BTIu0aXgVuqmSDbffBwpkNY+KLZ
xbHtIZUVxVhHTjzDBrW41MKN3QqcqT3K+RFAIB75WbjHO1XyVevySXNXQ1bggXkk
3kH00ZU7NbCoCo50TvpqA7zqVA09z2wDsmW8reRJoqGWHWoqmmLmsO5iDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBexOPB2gFNBubLjkf7JQpEAcgcMMB8GA1UdIwQY
MBaAFGj2BoOzdyV0J9u/bs414sWFo7AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQt
MzU0NzQwMzZhOWQ3LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQtMzU0NzQwMzZhOWQ3
LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZcNrJGGg
GB0p2ukuQqhKGJ2LVnrGHGWugDGb9H1dnb/zN2byVMwHgUyv7OofiCdRoYSiz7O/
W5kplO8A0yZho2XMPh/artON9FucYjBkHRWsOXwqU1+aAVa6MkQW3Jc22ci/jhEV
qwgJsZF/NjbSQhTZ+2mhzTbxugoqUFxq950SNkqDauwAXoBv1Agm4+EK+FwzqywN
bVswnBrLvD3AjpljUGuRcMn7GEhUPjJyUDQZkwfUiFLo/l9Eye8sa2IRo4Q5act7
53YkOac7KvH0w5P9ZCJtt+30hXcJLLviEfcMXNzvH/bitJbz79wrLmQX80QI2Olz
BPE3StfNtYTWSA==
-----END CERTIFICATE-----
Generated at Thu Oct 30 18:11:46 2025 by rpki-client