Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
File: aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft (raw, json)
Hash identifier: keEiByCbqz0NhrlTE9nCaLP6+tFWBQKJpcIbxlfkmVc=
Subject key identifier: 02:5E:2E:5B:78:13:65:CE:7F:86:10:9D:5E:7F:02:B5:0E:CE:8F:4D
Authority key identifier: 69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71
Certificate issuer: /CN=6987d0047fb1d8912c63f911305a714f438b1e71
Certificate serial: 019A7225F090DC1A6216F85DE5E8F1CA75F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 09:01:20 +0000
Manifest this update: Tue 11 Nov 2025 09:01:20 +0000
Manifest next update: Wed 12 Nov 2025 09:01:20 +0000
Files and hashes: 1: Atkr4h8_-iWKS-lQ1C-yvRl84ME.roa (hash: 2T7HRH5eHvmAemXfiDHO7EMODqi7SWlhFBBbiZ8y44c=)
2: aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl (hash: ClDzK0qO79m0jDzyBa9vFl3m7JxbFBBDxfDT1vJIHEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:f0:90:dc:1a:62:16:f8:5d:e5:e8:f1:ca:75:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6987d0047fb1d8912c63f911305a714f438b1e71
Validity
Not Before: Nov 11 09:01:20 2025 GMT
Not After : Nov 12 09:01:20 2025 GMT
Subject: CN=025e2e5b781365ce7f86109d5e7f02b50ece8f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e9:56:4a:17:52:66:e7:1c:be:1e:aa:b1:3e:
80:8f:dc:86:5c:12:8f:03:3c:13:c2:22:45:86:2d:
0a:6e:38:d3:b9:07:90:9f:e5:b2:4e:5f:73:bd:0a:
d7:fd:f3:e1:fe:0f:fb:5e:57:49:78:91:d6:3f:24:
df:17:c1:89:28:9e:04:81:18:5b:d5:59:e3:7c:42:
03:93:55:ab:f5:79:58:18:f1:51:a5:3f:91:4d:fd:
32:45:91:11:84:dc:dd:85:b6:4c:65:4b:c3:d4:56:
f7:f1:df:e8:1c:c3:2b:7b:f9:bc:1f:e6:11:3a:aa:
ea:3b:08:51:56:e6:ca:7d:22:40:6d:ef:58:81:0d:
ef:18:35:65:0d:8e:95:fc:0d:56:22:b2:a9:ef:66:
28:fe:fa:27:0d:90:71:07:a0:7e:36:3e:9f:14:be:
93:bc:3e:87:a2:a3:5b:0c:e0:54:b9:50:f0:26:09:
cd:30:4c:ce:28:12:48:91:f3:24:d3:be:64:12:03:
fa:65:24:42:68:a8:83:ef:f3:9c:02:e7:b0:d8:ab:
43:da:c6:42:4f:fd:7f:78:07:a7:36:f4:de:d2:b9:
83:75:31:75:da:d7:36:4d:c1:05:d0:3c:96:33:4a:
8a:c9:2b:48:5c:a5:c9:5b:69:98:8e:54:74:d4:1f:
9a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:5E:2E:5B:78:13:65:CE:7F:86:10:9D:5E:7F:02:B5:0E:CE:8F:4D
X509v3 Authority Key Identifier:
keyid:69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:3f:1e:4a:7d:22:47:f0:7a:cd:d2:6f:8b:45:10:df:9a:cd:
6f:7d:81:ef:61:d2:87:34:ec:f2:66:ac:88:a9:1b:28:a6:d8:
ec:b1:39:22:26:3a:bd:7e:95:41:3e:aa:7d:35:35:e3:48:cf:
c9:80:d0:6b:48:03:f2:91:43:27:1a:75:f3:79:f9:39:34:70:
72:2b:eb:30:3a:6e:b7:9b:ac:c4:70:db:08:85:f3:4e:6b:e3:
0a:00:e2:58:b6:d9:85:b8:87:3c:e6:58:e9:42:1c:27:b1:87:
e3:5d:7e:1a:31:db:56:6c:b6:e1:0c:6b:c1:75:91:2e:93:ec:
a2:64:fa:85:25:04:67:cf:74:1c:10:13:9a:c3:1d:01:10:13:
2f:5a:0f:0a:0c:07:0b:c1:ed:f0:3d:2a:af:e9:c6:2b:a9:25:
50:2b:7b:a8:45:07:79:9a:35:16:c9:fd:c1:93:4d:27:91:b6:
77:67:a5:56:ad:ac:20:ce:db:1d:47:7d:67:59:99:57:f7:32:
00:7a:12:d8:58:4a:3d:c5:5d:26:89:2b:a7:6c:62:69:60:bc:
a6:d1:9e:e2:9b:bb:34:7a:74:b6:d0:b1:f8:98:50:7e:2f:66:
e9:e5:1b:24:df:9a:8a:b5:45:cc:8c:95:06:f7:d4:4d:7e:ae:
4f:15:7a:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJfCQ3BpiFvhd5ejxynX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODdkMDA0N2ZiMWQ4OTEyYzYzZjkxMTMwNWE3MTRmNDM4
YjFlNzEwHhcNMjUxMTExMDkwMTIwWhcNMjUxMTEyMDkwMTIwWjAzMTEwLwYDVQQD
EygwMjVlMmU1Yjc4MTM2NWNlN2Y4NjEwOWQ1ZTdmMDJiNTBlY2U4ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoulWShdSZuccvh6qsT6Aj9yGXBKP
AzwTwiJFhi0KbjjTuQeQn+WyTl9zvQrX/fPh/g/7XldJeJHWPyTfF8GJKJ4EgRhb
1VnjfEIDk1Wr9XlYGPFRpT+RTf0yRZERhNzdhbZMZUvD1Fb38d/oHMMre/m8H+YR
OqrqOwhRVubKfSJAbe9YgQ3vGDVlDY6V/A1WIrKp72Yo/vonDZBxB6B+Nj6fFL6T
vD6HoqNbDOBUuVDwJgnNMEzOKBJIkfMk075kEgP6ZSRCaKiD7/OcAuew2KtD2sZC
T/1/eAenNvTe0rmDdTF12tc2TcEF0DyWM0qKyStIXKXJW2mYjlR01B+aewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJeLlt4E2XOf4YQnV5/ArUOzo9NMB8GA1UdIwQY
MBaAFGmH0AR/sdiRLGP5ETBacU9Dix5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMt
NDI5MTRiZTBhYTA0LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMtNDI5MTRiZTBhYTA0
LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGz8eSn0i
R/B6zdJvi0UQ35rNb32B72HShzTs8masiKkbKKbY7LE5IiY6vX6VQT6qfTU140jP
yYDQa0gD8pFDJxp183n5OTRwcivrMDput5usxHDbCIXzTmvjCgDiWLbZhbiHPOZY
6UIcJ7GH411+GjHbVmy24QxrwXWRLpPsomT6hSUEZ890HBATmsMdARATL1oPCgwH
C8Ht8D0qr+nGK6klUCt7qEUHeZo1Fsn9wZNNJ5G2d2elVq2sIM7bHUd9Z1mZV/cy
AHoS2FhKPcVdJokrp2xiaWC8ptGe4pu7NHp0ttCx+JhQfi9m6eUbJN+airVFzIyV
BvfUTX6uTxV6Ow==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:12:27 2025 by rpki-client