Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/aUAlihpormBcBz-1g7E-E3a3eKc.mft
File: aUAlihpormBcBz-1g7E-E3a3eKc.mft (raw, json)
Hash identifier: yACwZNgbFlSm6mG7AguBIllopXiPgCbE1b4uPO9Cvxs=
Subject key identifier: 5D:65:63:B3:CC:25:61:6B:06:6D:CD:79:CD:67:D5:86:1B:12:E8:F8
Authority key identifier: 69:40:25:8A:1A:68:AE:60:5C:07:3F:B5:83:B1:3E:13:76:B7:78:A7
Certificate issuer: /CN=6940258a1a68ae605c073fb583b13e1376b778a7
Certificate serial: 019A71EE7F56382A418ADB747DF3C55BD3DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/aUAlihpormBcBz-1g7E-E3a3eKc.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 08:00:46 +0000
Manifest this update: Tue 11 Nov 2025 08:00:46 +0000
Manifest next update: Wed 12 Nov 2025 08:00:46 +0000
Files and hashes: 1: 2sc4xknukJW-o5vl5Fz96F0QucA.roa (hash: MbYv6i++8VmdaYHm6adLazhX2ff10i5IN4qgNm5FoPs=)
2: aUAlihpormBcBz-1g7E-E3a3eKc.crl (hash: 1BZDdNpaEMF+7xpBKbl4iVzMF3RdrK6Q31oDASrBegs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/aUAlihpormBcBz-1g7E-E3a3eKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/aUAlihpormBcBz-1g7E-E3a3eKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:7f:56:38:2a:41:8a:db:74:7d:f3:c5:5b:d3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6940258a1a68ae605c073fb583b13e1376b778a7
Validity
Not Before: Nov 11 08:00:46 2025 GMT
Not After : Nov 12 08:00:46 2025 GMT
Subject: CN=5d6563b3cc25616b066dcd79cd67d5861b12e8f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5b:ee:11:37:0c:ad:bb:60:c8:69:b0:89:da:
dc:aa:ae:39:07:96:72:e1:5a:e9:ae:1d:63:00:ec:
5e:02:e2:b2:2e:5c:e0:84:48:60:ec:8e:c9:b1:7e:
36:20:30:d7:21:9f:cb:f9:36:85:a6:94:83:1a:64:
a3:a7:58:65:fb:bb:72:53:d2:48:2d:69:af:44:bf:
9b:7f:c6:49:11:d7:9d:5e:63:54:6e:2c:04:2d:97:
f1:f0:e2:60:d8:a4:bf:18:55:33:d2:d0:5c:70:50:
9f:3e:15:f2:e6:61:96:19:45:84:27:7d:df:5b:78:
1b:75:e9:2f:09:0a:b8:b0:ee:e2:0b:29:cd:07:17:
eb:1f:89:37:e5:be:fa:68:f2:22:1b:11:40:81:f7:
4f:21:e1:5b:c0:e8:d2:e4:bb:c3:08:11:05:13:4d:
24:c0:52:16:c6:1e:0a:d0:2c:f1:dd:5e:09:66:e6:
98:14:d6:ac:dd:69:4c:e6:f0:2f:14:f9:d8:f6:5a:
5f:22:ea:23:e1:7b:d1:63:01:dd:c9:1a:ff:11:f2:
93:72:98:68:0c:93:d5:a3:b6:1d:a6:da:1f:58:41:
f5:e7:fd:20:aa:c0:dd:a5:5d:8e:94:0d:5f:c9:b6:
1a:67:f1:4d:53:65:63:6d:0b:4e:4d:81:54:42:d9:
6c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:65:63:B3:CC:25:61:6B:06:6D:CD:79:CD:67:D5:86:1B:12:E8:F8
X509v3 Authority Key Identifier:
keyid:69:40:25:8A:1A:68:AE:60:5C:07:3F:B5:83:B1:3E:13:76:B7:78:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/aUAlihpormBcBz-1g7E-E3a3eKc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/aUAlihpormBcBz-1g7E-E3a3eKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:82:aa:e8:5c:4a:47:ab:12:65:12:24:d6:00:78:72:83:b3:
64:81:62:05:45:73:fe:02:8c:2d:7f:be:99:6a:be:4f:f3:ba:
08:8f:ad:a4:d8:04:e9:bf:ef:3f:9f:69:d4:d3:4e:00:c0:90:
88:53:24:26:05:05:b0:7e:04:b6:4d:61:c8:3f:62:ee:a3:1f:
b1:07:64:d4:0c:91:60:ef:81:79:f3:11:fc:ec:58:f6:45:23:
36:7d:d8:0c:a0:e7:1b:0e:80:0b:4f:20:f6:3e:ae:05:ae:c5:
45:ef:dd:a2:5a:11:54:07:c4:dc:21:66:ea:f0:b7:2e:f3:91:
72:08:5c:1b:74:85:fe:8e:83:9f:25:d0:7c:14:a5:f4:cc:d8:
71:8d:5a:fb:0c:50:16:d6:97:c7:69:88:d8:42:fb:5f:ac:db:
98:e3:cb:a6:03:f7:a9:7c:95:e0:56:19:c2:d2:84:91:3c:00:
d7:70:c5:a4:9b:40:8e:c4:41:ea:ea:d0:7c:1b:43:34:2e:31:
47:d6:de:f8:66:44:35:ee:72:23:23:6c:d9:fc:43:2a:54:aa:
0d:58:b7:22:cf:71:a8:10:22:83:c1:cb:17:9a:11:24:1d:d3:
6f:8a:8d:dd:f3:f9:1b:b8:84:c9:40:ea:8f:5f:24:34:f2:12:
63:36:cf:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7n9WOCpBitt0ffPFW9PdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDAyNThhMWE2OGFlNjA1YzA3M2ZiNTgzYjEzZTEzNzZi
Nzc4YTcwHhcNMjUxMTExMDgwMDQ2WhcNMjUxMTEyMDgwMDQ2WjAzMTEwLwYDVQQD
Eyg1ZDY1NjNiM2NjMjU2MTZiMDY2ZGNkNzljZDY3ZDU4NjFiMTJlOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFvuETcMrbtgyGmwidrcqq45B5Zy
4Vrprh1jAOxeAuKyLlzghEhg7I7JsX42IDDXIZ/L+TaFppSDGmSjp1hl+7tyU9JI
LWmvRL+bf8ZJEdedXmNUbiwELZfx8OJg2KS/GFUz0tBccFCfPhXy5mGWGUWEJ33f
W3gbdekvCQq4sO7iCynNBxfrH4k35b76aPIiGxFAgfdPIeFbwOjS5LvDCBEFE00k
wFIWxh4K0Czx3V4JZuaYFNas3WlM5vAvFPnY9lpfIuoj4XvRYwHdyRr/EfKTcpho
DJPVo7YdptofWEH15/0gqsDdpV2OlA1fybYaZ/FNU2VjbQtOTYFUQtlsqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1lY7PMJWFrBm3Nec1n1YYbEuj4MB8GA1UdIwQY
MBaAFGlAJYoaaK5gXAc/tYOxPhN2t3inMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVBbGlocG9ybUJjQnotMWc3RS1FM2EzZUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8xNDM0Y2QtYTNkNi00NDg4LTg4ODgt
NzQ5ZTk4MGVjMGI3LzEvYVVBbGlocG9ybUJjQnotMWc3RS1FM2EzZUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8xNDM0Y2QtYTNkNi00NDg4LTg4ODgtNzQ5ZTk4MGVjMGI3
LzEvYVVBbGlocG9ybUJjQnotMWc3RS1FM2EzZUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVYKq6FxK
R6sSZRIk1gB4coOzZIFiBUVz/gKMLX++mWq+T/O6CI+tpNgE6b/vP59p1NNOAMCQ
iFMkJgUFsH4Etk1hyD9i7qMfsQdk1AyRYO+BefMR/OxY9kUjNn3YDKDnGw6AC08g
9j6uBa7FRe/doloRVAfE3CFm6vC3LvORcghcG3SF/o6DnyXQfBSl9MzYcY1a+wxQ
FtaXx2mI2EL7X6zbmOPLpgP3qXyV4FYZwtKEkTwA13DFpJtAjsRB6urQfBtDNC4x
R9be+GZENe5yIyNs2fxDKlSqDVi3Is9xqBAig8HLF5oRJB3Tb4qN3fP5G7iEyUDq
j18kNPISYzbPCA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:00:53 2025 by rpki-client