Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
File: ajqLdK1O1nN5ep9rd0nCI0VpedA.mft (raw, json)
Hash identifier: YNAOIitXl7HSlhQzw0ohXGQFZ+RfDfWTRmCM6p8MJlo=
Subject key identifier: F2:5E:EE:AE:5C:D5:46:98:CD:44:4C:11:75:B7:34:7C:36:FE:EA:C8
Authority key identifier: 6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0
Certificate issuer: /CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0
Certificate serial: 019A2A444813122D8701DB50443E69659813
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
Manifest number: 15BD
Signing time: Tue 28 Oct 2025 10:01:49 +0000
Manifest this update: Tue 28 Oct 2025 10:01:49 +0000
Manifest next update: Wed 29 Oct 2025 10:01:49 +0000
Files and hashes: 1: ajqLdK1O1nN5ep9rd0nCI0VpedA.crl (hash: NasHsPmm5evK8jT1O2Hr/BJt/kCQvnsgJrCYhZAe0w8=)
2: jkQdp6EX7jHh6f31YxZYZhR0C8U.roa (hash: FmayEZ/+k7yvcImZRXEurVZdNlGpk+kZM2DFLPiqTu8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:44:48:13:12:2d:87:01:db:50:44:3e:69:65:98:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0
Validity
Not Before: Oct 28 10:01:49 2025 GMT
Not After : Oct 29 10:01:49 2025 GMT
Subject: CN=f25eeeae5cd54698cd444c1175b7347c36feeac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:aa:6d:dc:ac:b4:6c:8e:c0:da:96:65:0e:e1:
71:d2:2c:59:f0:1a:08:a2:97:4e:af:b9:78:98:46:
88:91:89:aa:7f:59:3f:f4:22:fc:59:72:8e:28:be:
61:fd:27:12:6d:b0:4b:57:35:62:83:98:9a:33:bd:
59:fc:19:31:c3:af:9d:10:9b:bd:0e:58:6f:72:48:
63:a5:ea:f9:9b:8e:ed:a9:99:4d:8c:fd:3d:04:cb:
2f:10:6e:f4:a0:8c:0c:a6:fe:85:d4:ba:3e:96:32:
93:2e:81:30:93:a3:e6:ac:aa:1d:45:c0:66:81:c2:
51:63:95:fd:24:e1:8f:cc:fb:b1:fe:44:67:1a:0d:
64:03:61:9b:a8:6c:01:af:68:31:4c:3a:69:c6:a8:
25:74:5a:51:7f:4c:bc:3e:f9:aa:c1:dc:88:87:cb:
ef:70:a4:7b:48:28:14:82:c6:83:91:4a:83:ad:e4:
4d:86:f7:c0:7c:a0:24:4d:4d:4e:87:0b:d7:0e:7f:
70:9c:d8:45:e1:0a:0a:bc:24:58:cf:1e:a9:30:30:
51:7a:16:3b:72:08:4c:95:59:d3:fb:cf:41:f1:14:
7f:3d:b5:d6:ef:6d:6a:88:5f:90:69:55:ef:9b:9f:
fc:0d:4b:d4:ba:6c:4e:22:0d:23:c0:78:b8:6e:3e:
99:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5E:EE:AE:5C:D5:46:98:CD:44:4C:11:75:B7:34:7C:36:FE:EA:C8
X509v3 Authority Key Identifier:
keyid:6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:9d:b5:3a:05:99:56:fe:e2:ea:d7:3a:1f:59:fe:80:86:5d:
e3:00:60:50:4f:ec:b9:e3:22:85:f3:d4:7d:6b:e5:24:28:88:
63:50:35:c0:38:ff:54:85:27:af:05:e8:5c:9e:3b:23:67:77:
91:ed:b6:be:4a:4e:da:5c:c9:e9:c5:a2:61:26:4e:e8:4c:49:
11:be:91:9d:5c:35:2d:d0:74:67:5e:33:ac:b1:73:f1:3f:c5:
82:3e:77:e4:3b:ff:99:c2:2d:db:2b:d3:c4:3c:df:f7:a3:0f:
54:50:72:e1:b7:e9:09:38:cb:34:fe:51:25:86:0a:60:aa:36:
19:00:82:4a:b3:8e:5b:fc:7e:c7:8f:e1:2e:30:8f:4f:60:b2:
d0:77:27:b1:bc:1c:31:5d:a7:5c:b3:2a:e2:e4:5c:92:ed:fd:
05:e1:c3:87:e6:5d:e4:86:fd:61:06:df:57:98:09:ac:48:76:
1d:a7:28:c6:08:97:a3:ec:e4:52:0b:46:43:be:1c:f6:ca:8e:
ca:3a:4f:ed:8b:c9:e2:91:2f:a4:a3:34:fb:e5:49:f3:82:e4:
f5:54:b3:23:46:79:8f:7e:6c:a3:09:3f:91:fe:00:c8:d8:2d:
af:11:a1:91:b1:9d:16:d2:6f:21:3a:e9:1b:76:7f:25:a0:3a:
ac:09:ff:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoqREgTEi2HAdtQRD5pZZgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhM2E4Yjc0YWQ0ZWQ2NzM3OTdhOWY2Yjc3NDljMjIzNDU2
OTc5ZDAwHhcNMjUxMDI4MTAwMTQ5WhcNMjUxMDI5MTAwMTQ5WjAzMTEwLwYDVQQD
EyhmMjVlZWVhZTVjZDU0Njk4Y2Q0NDRjMTE3NWI3MzQ3YzM2ZmVlYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqpt3Ky0bI7A2pZlDuFx0ixZ8BoI
opdOr7l4mEaIkYmqf1k/9CL8WXKOKL5h/ScSbbBLVzVig5iaM71Z/Bkxw6+dEJu9
Dlhvckhjper5m47tqZlNjP09BMsvEG70oIwMpv6F1Lo+ljKTLoEwk6PmrKodRcBm
gcJRY5X9JOGPzPux/kRnGg1kA2GbqGwBr2gxTDppxqgldFpRf0y8PvmqwdyIh8vv
cKR7SCgUgsaDkUqDreRNhvfAfKAkTU1OhwvXDn9wnNhF4QoKvCRYzx6pMDBRehY7
cghMlVnT+89B8RR/PbXW721qiF+QaVXvm5/8DUvUumxOIg0jwHi4bj6ZpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJe7q5c1UaYzURMEXW3NHw2/urIMB8GA1UdIwQY
MBaAFGo6i3StTtZzeXqfa3dJwiNFaXnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEt
Yzk1OGJmNGY4OTkxLzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEtYzk1OGJmNGY4OTkx
LzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMZ21OgWZ
Vv7i6tc6H1n+gIZd4wBgUE/sueMihfPUfWvlJCiIY1A1wDj/VIUnrwXoXJ47I2d3
ke22vkpO2lzJ6cWiYSZO6ExJEb6RnVw1LdB0Z14zrLFz8T/Fgj535Dv/mcIt2yvT
xDzf96MPVFBy4bfpCTjLNP5RJYYKYKo2GQCCSrOOW/x+x4/hLjCPT2Cy0Hcnsbwc
MV2nXLMq4uRcku39BeHDh+Zd5Ib9YQbfV5gJrEh2HacoxgiXo+zkUgtGQ74c9sqO
yjpP7YvJ4pEvpKM0++VJ84Lk9VSzI0Z5j35sowk/kf4AyNgtrxGhkbGdFtJvITrp
G3Z/JaA6rAn/6Q==
-----END CERTIFICATE-----
Generated at Tue Oct 28 14:14:36 2025 by rpki-client