Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft
File: A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft (raw, json)
Hash identifier: 9Vdnd8NQVvmDB6U6wQNT/gw5+4yYJ3VWJtbxc4QpW8U=
Subject key identifier: 55:D0:9F:0F:EB:0F:6A:F1:A0:C7:6F:23:C5:C4:27:97:2B:B2:C4:2B
Authority key identifier: 03:58:45:F8:6C:BC:3C:FA:9E:0E:79:87:A0:38:2D:5D:0D:D7:CE:3E
Certificate issuer: /CN=035845f86cbc3cfa9e0e7987a0382d5d0dd7ce3e
Certificate serial: 019A70DBE2ED30FF69AEBA204004B7E32616
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft
Manifest number: 06AF
Signing time: Tue 11 Nov 2025 03:00:49 +0000
Manifest this update: Tue 11 Nov 2025 03:00:49 +0000
Manifest next update: Wed 12 Nov 2025 03:00:49 +0000
Files and hashes: 1: 1ofY17NAwbyhAHFj_yBzaevRgc4.roa (hash: FPWNmGXZmy3JcSLxjIHQ6BJRP2baM9xmkXSCswGMYik=)
2: A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.crl (hash: zBgyZA9aUgVT89vcidc2o3eiFVltW36QQFCs1nCEeCs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:e2:ed:30:ff:69:ae:ba:20:40:04:b7:e3:26:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=035845f86cbc3cfa9e0e7987a0382d5d0dd7ce3e
Validity
Not Before: Nov 11 03:00:49 2025 GMT
Not After : Nov 12 03:00:49 2025 GMT
Subject: CN=55d09f0feb0f6af1a0c76f23c5c427972bb2c42b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0d:31:24:8c:8c:b4:c2:61:03:8a:28:80:b7:
4c:36:89:a3:db:91:ba:df:17:5d:b6:dd:ba:7b:db:
88:6b:3e:2f:c9:1e:c3:5c:ce:d4:53:18:db:b1:b6:
05:b9:27:b3:49:d5:34:7f:f6:81:5e:99:60:41:70:
54:0a:b9:85:6a:b2:cf:92:7f:ce:b5:23:ff:b4:ba:
e3:c5:ee:ad:0f:38:8c:6a:93:af:c7:db:99:bd:7f:
58:1c:e2:8b:4d:a9:c5:7f:d1:a0:26:37:13:d0:c5:
df:40:30:a2:ea:14:53:97:f2:62:81:2b:ec:59:42:
7a:41:76:12:62:30:5d:5a:9e:09:e2:56:3c:af:8d:
46:ea:f5:58:38:06:68:d2:48:c8:55:77:04:c6:1d:
3b:5a:12:5d:ff:27:7b:b4:ff:b9:40:6e:41:49:c1:
75:56:60:89:db:60:5b:7a:89:e4:0b:ed:cc:ee:0e:
91:9a:b3:1b:70:fb:d3:f5:b0:d4:77:47:b8:30:3f:
a8:28:9e:5e:e8:05:98:0a:94:de:71:c3:bc:9c:30:
17:1f:9a:4e:67:69:85:96:11:ef:69:cb:9b:ec:4b:
c8:7c:25:53:8b:c8:91:67:9e:04:59:71:42:d7:40:
ad:9a:9e:74:14:fb:5b:fa:02:16:c1:55:7b:91:01:
ae:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D0:9F:0F:EB:0F:6A:F1:A0:C7:6F:23:C5:C4:27:97:2B:B2:C4:2B
X509v3 Authority Key Identifier:
keyid:03:58:45:F8:6C:BC:3C:FA:9E:0E:79:87:A0:38:2D:5D:0D:D7:CE:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:d3:46:80:52:21:b7:ff:a0:73:47:23:ca:5d:69:9b:b6:65:
7b:3a:ec:b8:77:72:9f:3e:4b:4e:f9:54:68:a1:30:ce:4a:f1:
f4:86:fc:ad:0c:a6:59:fa:08:28:de:53:fe:f5:64:b8:6a:aa:
27:91:1c:6f:fa:e5:73:2d:bb:5f:53:05:19:74:d5:e4:96:9f:
8a:50:d0:89:02:67:7b:ad:18:fd:1f:a7:d5:2f:d8:17:64:22:
16:71:7c:6f:32:44:f2:a5:59:47:1e:ea:5d:5d:0f:a3:f1:3b:
53:4b:18:dd:fc:57:81:12:8b:11:54:47:8f:2f:d2:fb:82:f5:
cf:dc:bf:22:12:1e:66:43:84:68:cc:ff:cb:a7:73:75:ac:21:
3b:3c:3f:9d:33:f5:1f:43:65:0d:8f:29:cf:90:7d:5a:7d:78:
43:bb:5f:4a:60:5b:8a:ef:16:02:23:8e:2d:05:47:9a:f9:0b:
cf:07:4c:9f:52:7a:b4:78:ce:08:d6:96:67:74:ae:af:6b:a8:
b9:d8:55:a8:93:de:7e:81:78:74:d1:d3:96:2e:f4:6c:78:1a:
f4:e7:fc:59:72:fb:00:cc:6c:cf:28:06:55:ae:b5:c1:e5:cd:
e8:47:85:19:48:a6:e2:c8:d3:5c:8a:06:a4:e8:f5:46:73:6a:
4d:85:c6:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2+LtMP9prrogQAS34yYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTg0NWY4NmNiYzNjZmE5ZTBlNzk4N2EwMzgyZDVkMGRk
N2NlM2UwHhcNMjUxMTExMDMwMDQ5WhcNMjUxMTEyMDMwMDQ5WjAzMTEwLwYDVQQD
Eyg1NWQwOWYwZmViMGY2YWYxYTBjNzZmMjNjNWM0Mjc5NzJiYjJjNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0w0xJIyMtMJhA4oogLdMNomj25G6
3xddtt26e9uIaz4vyR7DXM7UUxjbsbYFuSezSdU0f/aBXplgQXBUCrmFarLPkn/O
tSP/tLrjxe6tDziMapOvx9uZvX9YHOKLTanFf9GgJjcT0MXfQDCi6hRTl/JigSvs
WUJ6QXYSYjBdWp4J4lY8r41G6vVYOAZo0kjIVXcExh07WhJd/yd7tP+5QG5BScF1
VmCJ22BbeonkC+3M7g6RmrMbcPvT9bDUd0e4MD+oKJ5e6AWYCpTeccO8nDAXH5pO
Z2mFlhHvacub7EvIfCVTi8iRZ54EWXFC10Ctmp50FPtb+gIWwVV7kQGuMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXQnw/rD2rxoMdvI8XEJ5crssQrMB8GA1UdIwQY
MBaAFANYRfhsvDz6ng55h6A4LV0N184+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFoRi1HeThQUHFlRG5tSG9EZ3RYUTNYemo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kMjc5ZDMtOTQ3ZS00NWM3LWE4OTAt
M2I4NGQ3OWFiZGFmLzEvQTFoRi1HeThQUHFlRG5tSG9EZ3RYUTNYemo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kMjc5ZDMtOTQ3ZS00NWM3LWE4OTAtM2I4NGQ3OWFiZGFm
LzEvQTFoRi1HeThQUHFlRG5tSG9EZ3RYUTNYemo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg9NGgFIh
t/+gc0cjyl1pm7ZlezrsuHdynz5LTvlUaKEwzkrx9Ib8rQymWfoIKN5T/vVkuGqq
J5Ecb/rlcy27X1MFGXTV5JafilDQiQJne60Y/R+n1S/YF2QiFnF8bzJE8qVZRx7q
XV0Po/E7U0sY3fxXgRKLEVRHjy/S+4L1z9y/IhIeZkOEaMz/y6dzdawhOzw/nTP1
H0NlDY8pz5B9Wn14Q7tfSmBbiu8WAiOOLQVHmvkLzwdMn1J6tHjOCNaWZ3Sur2uo
udhVqJPefoF4dNHTli70bHga9Of8WXL7AMxszygGVa61weXN6EeFGUim4sjTXIoG
pOj1RnNqTYXGfg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:03:49 2025 by rpki-client