Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: OFaYAQEQxeI5kw5JqUPuAALWbTRmYyFeFVwp6SlesVM=
Subject key identifier: 58:E0:08:FD:2B:D4:01:77:FE:EB:A6:36:EA:9B:0D:CA:2A:E2:78:CF
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019A20D21A1EE405356FA36297BE95770904
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 1701
Signing time: Sun 26 Oct 2025 14:00:31 +0000
Manifest this update: Sun 26 Oct 2025 14:00:31 +0000
Manifest next update: Mon 27 Oct 2025 14:00:31 +0000
Files and hashes: 1: Mmi06jAh1KR0NNHlTuLcdFXGdm4.roa (hash: Q9joIkxkfDcIZMMuVnLQE37iPkqzALSBCPVV1CY/m7A=)
2: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: nDo8ZYwpIwNegKr8EbCyripgOtO/9gM5iSn+9L7iv8Q=)
3: bObL7vPF35vh9LuEyJYMk5yU3-U.roa (hash: eG1lFL25ltcNTKgnhPFmeY0axMsTOI37jTMaagRA/AM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:20:d2:1a:1e:e4:05:35:6f:a3:62:97:be:95:77:09:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Oct 26 14:00:31 2025 GMT
Not After : Oct 27 14:00:31 2025 GMT
Subject: CN=58e008fd2bd40177feeba636ea9b0dca2ae278cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d1:a3:3b:e0:63:fb:14:4d:77:65:67:bb:70:
a0:34:77:db:d1:c1:c0:c9:76:b3:97:43:30:0c:70:
a8:40:39:bd:5d:b8:eb:2e:c5:0a:87:c0:e6:36:ea:
13:66:ee:e7:14:ed:4f:f6:58:9d:8f:ca:3f:e8:f7:
3a:75:82:22:b9:60:89:72:4d:3d:0c:ac:74:32:61:
31:a5:46:b8:26:2f:d7:13:35:52:9d:dc:af:e4:f0:
6d:80:c8:e1:de:89:f3:41:86:00:d4:d6:33:08:94:
91:ba:ff:52:c4:13:28:ea:0d:32:e6:fd:b7:4b:39:
a1:6a:3a:48:6c:b7:f6:f3:41:61:20:d2:65:a8:16:
68:5a:2e:ef:a0:9d:a8:cf:64:5e:5d:fd:d4:4b:99:
69:10:48:57:24:76:2b:bc:2e:3a:51:80:d2:f7:4c:
21:74:6f:49:28:92:52:43:c6:c2:f4:c7:1b:dd:09:
c3:de:f4:a4:98:e4:66:eb:0f:86:a2:9c:d7:cd:c6:
63:9e:dd:0c:1c:4c:eb:5f:38:ad:35:70:cb:a2:5e:
c0:e0:78:04:ed:be:c5:5b:12:44:d8:00:cb:99:e9:
d9:cc:0f:ae:1f:80:f3:9c:5b:ea:ea:86:51:3d:ff:
6d:7f:3a:f9:41:c7:8a:a7:7d:a8:12:51:2b:7b:aa:
af:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E0:08:FD:2B:D4:01:77:FE:EB:A6:36:EA:9B:0D:CA:2A:E2:78:CF
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:74:c4:2f:b0:29:a1:86:4f:38:0c:eb:b9:1d:c3:d0:30:01:
c4:96:6c:29:18:0b:3d:e7:28:aa:20:3f:fd:fa:62:d9:f0:fe:
59:89:4a:de:9c:4d:39:9f:79:c0:66:63:01:62:b3:aa:c7:a5:
3d:d6:f8:47:23:27:31:8c:73:17:d5:6e:df:91:42:fc:4b:8c:
06:14:60:ef:68:fe:1d:64:bd:bc:95:28:f1:0d:da:60:39:27:
3e:8c:51:1e:ef:ab:d6:ce:02:20:01:13:a8:59:5e:19:20:4a:
1d:f5:05:49:51:03:72:42:7c:9c:03:b4:02:76:a8:96:31:7d:
10:d3:21:3e:f9:9f:00:c3:68:0c:a0:4e:8b:ea:f4:89:f9:d2:
82:b9:10:df:c9:b4:91:cd:d0:d7:73:75:b3:88:48:10:f1:5f:
42:2b:a5:41:4e:00:67:6d:45:17:f4:dd:6f:77:0d:32:dd:82:
bc:26:e6:32:e0:4e:9b:d7:a7:02:aa:66:c8:50:ac:5a:d5:67:
0e:84:51:82:a1:53:8c:1e:0e:e1:95:ee:30:c9:2c:c8:27:01:
48:47:a9:db:40:cf:62:e9:57:b0:10:cf:7e:c7:9e:34:db:60:
78:81:4b:cb:a3:58:a0:d0:78:f8:6b:e6:5b:c9:5e:5e:bf:f6:
33:00:76:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZog0hoe5AU1b6Nil76VdwkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjUxMDI2MTQwMDMxWhcNMjUxMDI3MTQwMDMxWjAzMTEwLwYDVQQD
Eyg1OGUwMDhmZDJiZDQwMTc3ZmVlYmE2MzZlYTliMGRjYTJhZTI3OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA69GjO+Bj+xRNd2Vnu3CgNHfb0cHA
yXazl0MwDHCoQDm9XbjrLsUKh8DmNuoTZu7nFO1P9lidj8o/6Pc6dYIiuWCJck09
DKx0MmExpUa4Ji/XEzVSndyv5PBtgMjh3onzQYYA1NYzCJSRuv9SxBMo6g0y5v23
SzmhajpIbLf280FhINJlqBZoWi7voJ2oz2ReXf3US5lpEEhXJHYrvC46UYDS90wh
dG9JKJJSQ8bC9Mcb3QnD3vSkmORm6w+GopzXzcZjnt0MHEzrXzitNXDLol7A4HgE
7b7FWxJE2ADLmenZzA+uH4DznFvq6oZRPf9tfzr5QceKp32oElEre6qvzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjgCP0r1AF3/uumNuqbDcoq4njPMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYHTEL7Ap
oYZPOAzruR3D0DABxJZsKRgLPecoqiA//fpi2fD+WYlK3pxNOZ95wGZjAWKzqsel
Pdb4RyMnMYxzF9Vu35FC/EuMBhRg72j+HWS9vJUo8Q3aYDknPoxRHu+r1s4CIAET
qFleGSBKHfUFSVEDckJ8nAO0AnaoljF9ENMhPvmfAMNoDKBOi+r0ifnSgrkQ38m0
kc3Q13N1s4hIEPFfQiulQU4AZ21FF/Tdb3cNMt2CvCbmMuBOm9enAqpmyFCsWtVn
DoRRgqFTjB4O4ZXuMMksyCcBSEep20DPYulXsBDPfseeNNtgeIFLy6NYoNB4+Gvm
W8leXr/2MwB2xg==
-----END CERTIFICATE-----
Generated at Sun Oct 26 20:37:30 2025 by rpki-client