Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier: EhpUuSRFbvgevKKasqtDIHIxIAjzRau+gZnl6lNSEU0=
Subject key identifier: DE:18:CA:94:E4:91:5A:DB:4A:AC:B4:77:DA:28:4F:65:39:B3:5C:23
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial: 019A2478654A734C80CCE3C72A63430CD631
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number: 0462
Signing time: Mon 27 Oct 2025 07:01:01 +0000
Manifest this update: Mon 27 Oct 2025 07:01:01 +0000
Manifest next update: Tue 28 Oct 2025 07:01:01 +0000
Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=)
2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: jfPEOBJjOd3noJlIRc8Ygk+AkS5vIOctIHLE8f/pg+Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:78:65:4a:73:4c:80:cc:e3:c7:2a:63:43:0c:d6:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Validity
Not Before: Oct 27 07:01:01 2025 GMT
Not After : Oct 28 07:01:01 2025 GMT
Subject: CN=de18ca94e4915adb4aacb477da284f6539b35c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d6:6d:5b:25:23:2c:29:09:f3:1d:e9:ad:1d:
02:4f:c8:52:5b:3f:06:23:9f:5b:7d:e5:50:7c:83:
ff:80:4d:7c:3f:5a:b1:22:e8:79:16:37:5c:82:c6:
1c:87:02:15:57:40:1f:bf:b0:4b:5a:f7:5f:94:b7:
6b:01:7d:fa:e4:59:c3:cd:b6:58:be:08:43:39:15:
79:01:3a:e5:26:64:b0:b5:95:45:68:f0:26:a4:c2:
67:6e:39:1e:c6:cd:ed:2b:d4:1d:3d:36:84:77:f5:
79:36:66:c4:1a:8d:e4:44:3d:64:d9:fc:c2:f6:83:
1a:91:c9:f6:c6:06:bf:28:7d:52:ae:42:5c:ef:06:
77:33:42:cd:55:23:34:89:de:d5:16:81:e4:94:48:
ab:6b:64:8c:c6:91:cd:48:8a:a2:84:d5:39:08:75:
d5:36:84:ba:38:29:9e:27:74:bc:bc:20:dd:2a:ee:
00:f1:9a:05:64:26:10:8a:f1:57:15:08:0d:76:67:
3e:54:2f:84:e6:88:80:3e:16:ce:23:54:e0:dc:9e:
30:87:87:ac:ba:d6:83:2f:99:18:02:ef:13:bd:9d:
c6:87:93:d0:5e:15:5e:6c:c0:56:02:53:76:87:34:
f8:ec:48:89:cd:e8:9e:c0:94:0e:d4:3b:4b:5f:38:
2d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:18:CA:94:E4:91:5A:DB:4A:AC:B4:77:DA:28:4F:65:39:B3:5C:23
X509v3 Authority Key Identifier:
keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:e5:b8:20:c1:3c:4d:d7:af:1c:03:9b:67:f9:20:3f:31:1e:
08:eb:d0:cb:db:d9:4e:b4:53:73:e5:d6:4d:07:6f:0f:be:ba:
10:46:ad:7e:34:c8:81:e6:ba:62:52:82:bc:41:ef:b3:1a:e0:
c8:25:12:1e:c0:17:e5:73:70:ca:99:96:b4:bc:a6:39:dd:13:
95:f0:26:c4:c0:8c:16:96:21:2c:02:87:bf:ec:fb:34:fe:bf:
7d:ba:9a:86:93:2d:8f:7d:32:2f:05:d5:cf:61:01:b2:ba:7f:
e6:12:e3:90:40:10:29:87:b5:b5:e3:b1:6e:26:4a:9c:a1:f9:
57:03:a1:ce:d5:2a:81:cc:26:f0:46:ba:41:3b:25:92:23:a3:
be:8a:d4:a7:6c:78:db:82:ad:8c:e3:1c:e3:83:3a:ea:e6:22:
6d:f0:c6:47:37:9c:75:f6:fa:55:12:9c:4d:92:f3:f7:f0:95:
36:b3:86:af:e2:3a:ce:91:29:6a:dc:df:90:c4:f9:92:0b:98:
7c:fe:6f:28:b1:9d:0b:2d:7d:1c:29:67:52:2c:2a:de:41:53:
54:4e:cb:06:05:b6:e2:43:c4:f1:57:56:32:ba:e9:0b:ac:56:
b1:f7:5b:04:01:35:0b:e6:c0:39:96:a0:fb:5f:b0:e9:f6:8a:
3f:be:be:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokeGVKc0yAzOPHKmNDDNYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjUxMDI3MDcwMTAxWhcNMjUxMDI4MDcwMTAxWjAzMTEwLwYDVQQD
EyhkZTE4Y2E5NGU0OTE1YWRiNGFhY2I0NzdkYTI4NGY2NTM5YjM1YzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodZtWyUjLCkJ8x3prR0CT8hSWz8G
I59bfeVQfIP/gE18P1qxIuh5FjdcgsYchwIVV0Afv7BLWvdflLdrAX365FnDzbZY
vghDORV5ATrlJmSwtZVFaPAmpMJnbjkexs3tK9QdPTaEd/V5NmbEGo3kRD1k2fzC
9oMakcn2xga/KH1SrkJc7wZ3M0LNVSM0id7VFoHklEira2SMxpHNSIqihNU5CHXV
NoS6OCmeJ3S8vCDdKu4A8ZoFZCYQivFXFQgNdmc+VC+E5oiAPhbOI1Tg3J4wh4es
utaDL5kYAu8TvZ3Gh5PQXhVebMBWAlN2hzT47EiJzeiewJQO1DtLXzgtvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4YypTkkVrbSqy0d9ooT2U5s1wjMB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmuW4IME8
TdevHAObZ/kgPzEeCOvQy9vZTrRTc+XWTQdvD766EEatfjTIgea6YlKCvEHvsxrg
yCUSHsAX5XNwypmWtLymOd0TlfAmxMCMFpYhLAKHv+z7NP6/fbqahpMtj30yLwXV
z2EBsrp/5hLjkEAQKYe1teOxbiZKnKH5VwOhztUqgcwm8Ea6QTslkiOjvorUp2x4
24KtjOMc44M66uYibfDGRzecdfb6VRKcTZLz9/CVNrOGr+I6zpEpatzfkMT5kguY
fP5vKLGdCy19HClnUiwq3kFTVE7LBgW24kPE8VdWMrrpC6xWsfdbBAE1C+bAOZag
+1+w6faKP76+mA==
-----END CERTIFICATE-----
Generated at Mon Oct 27 14:43:00 2025 by rpki-client