Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
File: aIt13GcpXVhht31RoCEYtg3FWGg.mft (raw, json)
Hash identifier: uwPHGAptpbY8n4jrHaaacIHudBqJF3i9fefaoD+v+So=
Subject key identifier: D4:E6:4D:62:D7:25:E0:C0:BF:8E:FA:2E:6D:C2:F2:A5:88:5C:71:89
Authority key identifier: 68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
Certificate issuer: /CN=688b75dc67295d5861b77d51a02118b60dc55868
Certificate serial: 019A725C4C4DAAE3107BEEFB62F67E5A9257
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
Manifest number: 0E29
Signing time: Tue 11 Nov 2025 10:00:42 +0000
Manifest this update: Tue 11 Nov 2025 10:00:42 +0000
Manifest next update: Wed 12 Nov 2025 10:00:42 +0000
Files and hashes: 1: ArfVzV_ad27WSg6MSNAJVOVO4Jk.roa (hash: 7YOwLzYn+04mEiM6zjtu45GNMFpON/tmtRVeglwvQWQ=)
2: aIt13GcpXVhht31RoCEYtg3FWGg.crl (hash: 6n60Dxn0hZ0thmRssDDCZMdBFKJDqhIF9i8m3VAZaPg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:4c:4d:aa:e3:10:7b:ee:fb:62:f6:7e:5a:92:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=688b75dc67295d5861b77d51a02118b60dc55868
Validity
Not Before: Nov 11 10:00:42 2025 GMT
Not After : Nov 12 10:00:42 2025 GMT
Subject: CN=d4e64d62d725e0c0bf8efa2e6dc2f2a5885c7189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:43:8b:ca:09:d1:31:70:74:9e:9e:f8:3d:65:
57:a1:6f:76:40:0e:2a:68:e1:56:b4:db:a5:23:05:
7f:0f:3d:62:c7:d9:64:87:df:52:a1:0f:4c:d0:01:
8e:60:5d:4a:c6:53:65:b6:df:2f:c8:fe:55:d2:8c:
06:02:16:d9:bb:d4:87:64:a2:cd:d3:42:b0:e8:fd:
5f:f7:a2:d2:10:b5:f2:ae:4e:5f:3f:e0:cc:4d:b0:
4f:3f:8c:40:eb:71:b9:ee:1a:84:0c:d8:7a:5e:83:
ca:32:17:9a:e2:bd:53:7b:7f:65:55:bd:fd:dd:26:
30:80:b2:fa:e9:d4:8e:5c:83:31:a9:5f:6b:08:80:
93:0d:70:61:0c:6c:75:47:d8:c0:7a:8b:2d:0b:a5:
bf:a1:be:60:36:af:ac:c1:7d:af:d0:41:6f:36:4b:
d7:09:b4:55:c4:9d:85:3a:21:99:e4:7e:89:2a:a7:
9e:3b:84:5e:8f:4c:25:f9:1a:07:7c:28:49:4c:06:
af:7b:82:f9:e8:21:ce:1c:ae:c0:df:23:f7:d6:da:
c7:08:ac:be:40:72:67:24:16:0e:2d:a2:6b:a7:91:
04:f7:84:8b:e6:2a:c8:14:8d:b4:31:9c:89:38:f6:
7f:25:c7:96:c8:50:ed:4e:bc:4a:db:6f:41:de:a3:
ef:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E6:4D:62:D7:25:E0:C0:BF:8E:FA:2E:6D:C2:F2:A5:88:5C:71:89
X509v3 Authority Key Identifier:
keyid:68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c6:fd:d2:01:21:03:97:d6:a1:e1:df:fb:0d:ed:f0:dd:05:bd:
66:03:37:da:f4:ce:02:c8:7c:4d:07:cd:3a:15:02:46:71:6e:
18:0a:90:28:10:cd:f3:1d:7f:58:df:09:e7:6c:29:49:6b:91:
21:89:da:1f:ad:79:4f:d8:78:0d:7d:fd:d9:c7:42:cf:48:d4:
f4:9b:ee:cd:c7:59:7b:74:57:d3:b5:20:a1:b5:26:ab:74:75:
65:d1:b6:06:87:21:6d:03:39:7c:f9:a7:5e:6d:79:08:f2:e6:
36:2f:c3:6d:6f:44:be:a4:8c:c9:19:a9:4c:d2:80:13:25:10:
f4:6d:ca:93:83:e6:7a:05:65:e7:da:8c:46:c0:8f:c0:32:fe:
ea:97:6d:60:bb:ed:27:90:44:46:f3:a2:2c:91:c6:0c:ae:79:
53:e2:e1:d2:ba:b1:27:8e:78:20:b9:68:c3:93:15:94:d7:25:
71:76:3b:c6:56:f0:17:4c:a4:08:c5:be:27:de:d8:e7:e3:e2:
a0:fe:53:24:a8:fd:0b:96:eb:20:7a:7a:fb:0a:55:c3:1c:34:
7a:fc:d4:ed:06:c7:39:49:a8:e7:4b:eb:24:e0:87:7e:88:ac:
9b:3d:b7:65:e6:0a:bc:d8:45:52:17:78:85:05:0e:c8:23:e8:
d6:05:07:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXExNquMQe+77YvZ+WpJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OGI3NWRjNjcyOTVkNTg2MWI3N2Q1MWEwMjExOGI2MGRj
NTU4NjgwHhcNMjUxMTExMTAwMDQyWhcNMjUxMTEyMTAwMDQyWjAzMTEwLwYDVQQD
EyhkNGU2NGQ2MmQ3MjVlMGMwYmY4ZWZhMmU2ZGMyZjJhNTg4NWM3MTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0OLygnRMXB0np74PWVXoW92QA4q
aOFWtNulIwV/Dz1ix9lkh99SoQ9M0AGOYF1KxlNltt8vyP5V0owGAhbZu9SHZKLN
00Kw6P1f96LSELXyrk5fP+DMTbBPP4xA63G57hqEDNh6XoPKMhea4r1Te39lVb39
3SYwgLL66dSOXIMxqV9rCICTDXBhDGx1R9jAeostC6W/ob5gNq+swX2v0EFvNkvX
CbRVxJ2FOiGZ5H6JKqeeO4Rej0wl+RoHfChJTAave4L56CHOHK7A3yP31trHCKy+
QHJnJBYOLaJrp5EE94SL5irIFI20MZyJOPZ/JceWyFDtTrxK229B3qPv+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTmTWLXJeDAv476Lm3C8qWIXHGJMB8GA1UdIwQY
MBaAFGiLddxnKV1YYbd9UaAhGLYNxVhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYt
NTE4ZWU3YmRlMWY4LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYtNTE4ZWU3YmRlMWY4
LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxv3SASED
l9ah4d/7De3w3QW9ZgM32vTOAsh8TQfNOhUCRnFuGAqQKBDN8x1/WN8J52wpSWuR
IYnaH615T9h4DX392cdCz0jU9JvuzcdZe3RX07UgobUmq3R1ZdG2BochbQM5fPmn
Xm15CPLmNi/DbW9EvqSMyRmpTNKAEyUQ9G3Kk4PmegVl59qMRsCPwDL+6pdtYLvt
J5BERvOiLJHGDK55U+Lh0rqxJ454ILlow5MVlNclcXY7xlbwF0ykCMW+J97Y5+Pi
oP5TJKj9C5brIHp6+wpVwxw0evzU7QbHOUmo50vrJOCHfoismz23ZeYKvNhFUhd4
hQUOyCPo1gUHFA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:36:48 2025 by rpki-client