Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.mft
File: 1AYg6l2vilSq6hfyy57N8114UwY.mft (raw, json)
Hash identifier: NK+0yhv1fglGbgxgQmSfaYyIuFGe1mDulngTjuc8UbQ=
Subject key identifier: FA:CA:AD:2C:B8:73:EA:FD:56:29:01:D2:BC:B4:D7:8C:B7:B0:F8:EE
Authority key identifier: D4:06:20:EA:5D:AF:8A:54:AA:EA:17:F2:CB:9E:CD:F3:5D:78:53:06
Certificate issuer: /CN=d40620ea5daf8a54aaea17f2cb9ecdf35d785306
Certificate serial: 019A71B77C61905F0DB507632D3ABCE592ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1AYg6l2vilSq6hfyy57N8114UwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.mft
Manifest number: 11F7
Signing time: Tue 11 Nov 2025 07:00:41 +0000
Manifest this update: Tue 11 Nov 2025 07:00:41 +0000
Manifest next update: Wed 12 Nov 2025 07:00:41 +0000
Files and hashes: 1: 1AYg6l2vilSq6hfyy57N8114UwY.crl (hash: a8Ql5zqCwzyfgO2qrfn4P1EquPziMlh/6i5q3/lv5G4=)
2: gGx-x2iRamyRfnlhx5me1YxCw6s.roa (hash: JLnMtxeLdoGYGRa/pvkNkIdX/aY0zlXxd7zsjwME0tw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1AYg6l2vilSq6hfyy57N8114UwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:7c:61:90:5f:0d:b5:07:63:2d:3a:bc:e5:92:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d40620ea5daf8a54aaea17f2cb9ecdf35d785306
Validity
Not Before: Nov 11 07:00:41 2025 GMT
Not After : Nov 12 07:00:41 2025 GMT
Subject: CN=facaad2cb873eafd562901d2bcb4d78cb7b0f8ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:be:e5:bc:d6:d7:21:6c:ba:8c:6b:d7:2f:dd:
f3:5f:10:16:86:33:13:2d:9f:1e:45:10:42:4d:54:
fb:08:a1:24:91:2e:e7:b9:9e:76:1d:e3:8e:65:81:
15:27:5f:b8:79:65:89:b7:81:4d:43:5c:a1:c3:f5:
5a:28:6d:75:fc:07:ba:1d:57:b7:c0:79:ad:e7:63:
59:d7:7a:bf:ec:4f:b9:4e:da:4a:fd:6a:e8:cd:73:
42:45:2f:3b:3d:51:54:32:6e:41:ec:45:07:40:ec:
29:33:66:59:8d:a1:57:7e:40:95:9a:ac:ef:e0:f2:
a2:08:bd:52:e1:23:64:18:c4:6b:fe:dd:d8:9f:fc:
bd:25:80:5c:db:b9:6a:7c:c4:58:a5:b8:62:2d:3a:
83:8b:21:3c:2a:ce:6b:81:a9:0e:f3:fa:34:99:5a:
09:54:e1:1c:27:dc:ec:3a:49:c1:9e:f2:a0:4b:07:
44:07:4f:63:b2:b0:3d:47:99:cf:9c:5c:e7:6b:18:
32:34:ab:26:f4:51:39:61:bd:df:c1:66:b5:0e:1a:
39:70:2b:32:21:b7:d5:00:d0:49:94:59:1b:16:0c:
f5:ac:44:9f:30:b7:15:0f:f0:91:74:b5:be:de:6b:
55:39:86:98:b6:d8:fd:30:07:f2:8a:c9:4e:8b:e3:
34:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:CA:AD:2C:B8:73:EA:FD:56:29:01:D2:BC:B4:D7:8C:B7:B0:F8:EE
X509v3 Authority Key Identifier:
keyid:D4:06:20:EA:5D:AF:8A:54:AA:EA:17:F2:CB:9E:CD:F3:5D:78:53:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1AYg6l2vilSq6hfyy57N8114UwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/798fc5-b54c-41c1-8afe-f09e46c69bf8/1/1AYg6l2vilSq6hfyy57N8114UwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:d4:5e:10:3f:b8:02:81:08:84:18:9b:67:7c:30:32:97:5b:
88:d9:04:92:a6:96:9e:02:dc:1a:e0:53:af:23:96:b5:73:85:
e4:46:aa:d6:38:f9:4e:d8:f7:82:a1:9f:31:4b:d7:b9:bf:90:
67:2e:17:75:40:52:8d:38:30:31:27:e0:cb:10:f9:ec:e5:78:
75:d0:8a:eb:cc:b2:d4:6f:42:af:65:1f:10:16:65:b6:53:df:
29:83:75:6c:f3:f7:e7:60:f1:74:54:6d:6f:3c:d4:21:2f:81:
1e:d0:df:39:b9:a3:47:0d:33:d5:c5:97:1b:4e:7a:44:c1:a5:
02:53:c1:98:4e:dd:04:b6:dc:ac:10:77:ba:23:fa:19:e9:fe:
11:d4:d1:3c:ac:95:3a:7c:1a:ae:4c:a6:11:f4:ad:11:fd:9c:
68:de:56:a5:53:65:a2:3a:1a:4d:dd:65:c7:18:10:fb:8c:85:
1e:08:04:7e:a2:fd:3e:5a:df:df:41:33:82:bc:bc:e1:b7:5f:
00:ef:db:19:e0:ed:33:f8:11:f6:d6:44:1f:00:25:82:8a:9c:
55:ca:7c:3c:11:ec:05:84:3b:1a:98:d1:d8:42:6a:6f:73:66:
00:92:93:26:de:8e:fe:ea:90:ff:11:89:54:b4:cd:78:37:8b:
f1:6f:32:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3xhkF8NtQdjLTq85ZLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MDYyMGVhNWRhZjhhNTRhYWVhMTdmMmNiOWVjZGYzNWQ3
ODUzMDYwHhcNMjUxMTExMDcwMDQxWhcNMjUxMTEyMDcwMDQxWjAzMTEwLwYDVQQD
EyhmYWNhYWQyY2I4NzNlYWZkNTYyOTAxZDJiY2I0ZDc4Y2I3YjBmOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL7lvNbXIWy6jGvXL93zXxAWhjMT
LZ8eRRBCTVT7CKEkkS7nuZ52HeOOZYEVJ1+4eWWJt4FNQ1yhw/VaKG11/Ae6HVe3
wHmt52NZ13q/7E+5TtpK/WrozXNCRS87PVFUMm5B7EUHQOwpM2ZZjaFXfkCVmqzv
4PKiCL1S4SNkGMRr/t3Yn/y9JYBc27lqfMRYpbhiLTqDiyE8Ks5rgakO8/o0mVoJ
VOEcJ9zsOknBnvKgSwdEB09jsrA9R5nPnFznaxgyNKsm9FE5Yb3fwWa1Dho5cCsy
IbfVANBJlFkbFgz1rESfMLcVD/CRdLW+3mtVOYaYttj9MAfyislOi+M0gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrKrSy4c+r9VikB0ry014y3sPjuMB8GA1UdIwQY
MBaAFNQGIOpdr4pUquoX8suezfNdeFMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUFZZzZsMnZpbFNxNmhmeXk1N044MTE0VXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83OThmYzUtYjU0Yy00MWMxLThhZmUt
ZjA5ZTQ2YzY5YmY4LzEvMUFZZzZsMnZpbFNxNmhmeXk1N044MTE0VXdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83OThmYzUtYjU0Yy00MWMxLThhZmUtZjA5ZTQ2YzY5YmY4
LzEvMUFZZzZsMnZpbFNxNmhmeXk1N044MTE0VXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT9ReED+4
AoEIhBibZ3wwMpdbiNkEkqaWngLcGuBTryOWtXOF5Eaq1jj5Ttj3gqGfMUvXub+Q
Zy4XdUBSjTgwMSfgyxD57OV4ddCK68yy1G9Cr2UfEBZltlPfKYN1bPP352DxdFRt
bzzUIS+BHtDfObmjRw0z1cWXG056RMGlAlPBmE7dBLbcrBB3uiP6Gen+EdTRPKyV
OnwarkymEfStEf2caN5WpVNlojoaTd1lxxgQ+4yFHggEfqL9Plrf30Ezgry84bdf
AO/bGeDtM/gR9tZEHwAlgoqcVcp8PBHsBYQ7GpjR2EJqb3NmAJKTJt6O/uqQ/xGJ
VLTNeDeL8W8yTQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:20:15 2025 by rpki-client