Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aVJaNi6HcFoewCLRZWDydtWc7h0.mft
File: aVJaNi6HcFoewCLRZWDydtWc7h0.mft (raw, json)
Hash identifier: izI+nypb0c/0me19mkcfeEGx7NEQizOyHUzi6JW89+Y=
Subject key identifier: 89:57:61:34:B1:FA:E0:08:18:B1:50:79:A6:38:E4:7F:4D:E4:31:F3
Authority key identifier: 69:52:5A:36:2E:87:70:5A:1E:C0:22:D1:65:60:F2:76:D5:9C:EE:1D
Certificate issuer: /CN=69525a362e87705a1ec022d16560f276d59cee1d
Certificate serial: 019A1B0713753F7886FA193EA9A91EA13FE6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVJaNi6HcFoewCLRZWDydtWc7h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aVJaNi6HcFoewCLRZWDydtWc7h0.mft
Manifest number: 08CB
Signing time: Sat 25 Oct 2025 11:00:39 +0000
Manifest this update: Sat 25 Oct 2025 11:00:39 +0000
Manifest next update: Sun 26 Oct 2025 11:00:39 +0000
Files and hashes: 1: aHJU3TtGM9M9L2c33hiqaeAD6-M.roa (hash: Jnk6c3GJ5E4y6b+inckEyRoPVADxMl1TsyYlid/Y0Y0=)
2: aVJaNi6HcFoewCLRZWDydtWc7h0.crl (hash: KjHdjRRLxfIkO2JwrAN6ydnwmVF3dqdP/gdMqJSuPCk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aVJaNi6HcFoewCLRZWDydtWc7h0.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aVJaNi6HcFoewCLRZWDydtWc7h0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aVJaNi6HcFoewCLRZWDydtWc7h0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 08:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1b:07:13:75:3f:78:86:fa:19:3e:a9:a9:1e:a1:3f:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69525a362e87705a1ec022d16560f276d59cee1d
Validity
Not Before: Oct 25 11:00:39 2025 GMT
Not After : Oct 26 11:00:39 2025 GMT
Subject: CN=89576134b1fae00818b15079a638e47f4de431f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:34:db:eb:58:21:bd:eb:5d:22:e4:0f:e6:d1:
a8:76:ee:87:9f:20:97:5a:37:ec:73:f0:74:09:16:
e6:da:a8:62:9b:6f:0f:9f:c7:30:fd:2f:5b:fe:0e:
7b:63:59:3a:6b:07:48:d6:e4:d1:00:1f:54:7e:16:
97:f3:75:7f:c6:fe:20:0c:60:af:cb:ac:ae:2a:3b:
52:90:e1:fc:b7:90:cd:b9:05:45:72:18:ea:d4:0f:
0e:1e:e5:37:6f:e8:df:05:da:67:39:7e:11:f7:0e:
16:d3:b7:75:f3:33:46:ff:87:7b:2e:53:8c:28:72:
3f:c0:1f:80:56:42:2e:90:06:05:e9:e4:f7:f4:87:
d0:11:32:8d:6a:2b:b0:20:75:28:5b:57:b3:43:fd:
af:c5:c9:63:36:89:47:1c:58:ce:ab:88:4a:b6:ee:
06:cd:fb:b7:bd:e2:fe:ef:86:7a:8a:9d:fc:93:f6:
e5:23:f9:2b:b4:fa:d6:0e:87:1e:d3:fa:af:85:38:
cc:c5:a9:de:3b:ae:60:2b:54:08:16:4a:f9:7c:3b:
fa:9d:52:40:7f:4a:c6:55:3c:49:b7:73:83:be:ca:
81:ad:b1:60:9a:14:a0:68:fe:ea:e1:a0:37:06:15:
0b:3b:2c:17:55:b5:05:28:8b:f2:a0:3e:cd:b2:76:
5f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:57:61:34:B1:FA:E0:08:18:B1:50:79:A6:38:E4:7F:4D:E4:31:F3
X509v3 Authority Key Identifier:
keyid:69:52:5A:36:2E:87:70:5A:1E:C0:22:D1:65:60:F2:76:D5:9C:EE:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVJaNi6HcFoewCLRZWDydtWc7h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aVJaNi6HcFoewCLRZWDydtWc7h0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aVJaNi6HcFoewCLRZWDydtWc7h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:6a:16:f8:0a:09:87:1b:5c:85:6a:63:1a:c7:26:58:bf:ee:
6e:ae:8d:b0:4e:45:94:f5:29:e0:2c:31:e9:dc:73:02:f7:d3:
08:a1:b1:52:10:24:9c:bd:e2:ab:6b:b3:33:5e:f9:8e:ae:a8:
2c:42:4a:11:20:6e:2b:c7:43:56:7f:1d:31:89:4c:33:f3:50:
f2:c7:4d:da:04:82:70:40:72:e5:98:3a:ad:e4:c9:f4:2c:44:
7a:00:64:d6:93:6e:6a:55:07:a5:dd:aa:0b:c1:0b:58:aa:3b:
d1:f5:c4:dd:f2:4e:ec:fd:ec:5b:d7:e5:3e:ec:45:69:d6:c4:
49:1e:81:71:a8:33:a9:47:78:33:18:34:6d:ab:1c:49:46:f1:
46:1e:ba:51:75:f3:aa:4b:3b:ac:bf:d7:87:8d:57:6a:eb:df:
83:d0:d3:0c:27:e5:4e:f6:a1:d4:00:a1:7b:77:aa:db:f0:d3:
57:46:c7:5f:c9:6d:62:e7:08:da:60:f2:28:3f:26:7d:23:54:
69:7c:b2:8f:ee:4c:e1:e9:41:32:61:92:a0:93:2b:32:14:eb:
63:21:77:12:0b:28:85:41:bf:c9:5d:f0:e7:02:ea:ff:83:eb:
d2:67:ac:98:08:62:f5:50:64:e0:33:39:ea:ed:e2:ad:5b:76:
c4:da:f2:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZobBxN1P3iG+hk+qakeoT/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTI1YTM2MmU4NzcwNWExZWMwMjJkMTY1NjBmMjc2ZDU5
Y2VlMWQwHhcNMjUxMDI1MTEwMDM5WhcNMjUxMDI2MTEwMDM5WjAzMTEwLwYDVQQD
Eyg4OTU3NjEzNGIxZmFlMDA4MThiMTUwNzlhNjM4ZTQ3ZjRkZTQzMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TTb61ghvetdIuQP5tGodu6HnyCX
Wjfsc/B0CRbm2qhim28Pn8cw/S9b/g57Y1k6awdI1uTRAB9UfhaX83V/xv4gDGCv
y6yuKjtSkOH8t5DNuQVFchjq1A8OHuU3b+jfBdpnOX4R9w4W07d18zNG/4d7LlOM
KHI/wB+AVkIukAYF6eT39IfQETKNaiuwIHUoW1ezQ/2vxcljNolHHFjOq4hKtu4G
zfu3veL+74Z6ip38k/blI/krtPrWDoce0/qvhTjMxaneO65gK1QIFkr5fDv6nVJA
f0rGVTxJt3ODvsqBrbFgmhSgaP7q4aA3BhULOywXVbUFKIvyoD7NsnZfdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIlXYTSx+uAIGLFQeaY45H9N5DHzMB8GA1UdIwQY
MBaAFGlSWjYuh3BaHsAi0WVg8nbVnO4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZKYU5pNkhjRm9ld0NMUlpXRHlkdFdjN2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8zMGNkODctZjM3NS00YjkzLThkMzkt
NjVkNmNhM2Y0OWQ4LzEvYVZKYU5pNkhjRm9ld0NMUlpXRHlkdFdjN2gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8zMGNkODctZjM3NS00YjkzLThkMzktNjVkNmNhM2Y0OWQ4
LzEvYVZKYU5pNkhjRm9ld0NMUlpXRHlkdFdjN2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACWoW+AoJ
hxtchWpjGscmWL/ubq6NsE5FlPUp4Cwx6dxzAvfTCKGxUhAknL3iq2uzM175jq6o
LEJKESBuK8dDVn8dMYlMM/NQ8sdN2gSCcEBy5Zg6reTJ9CxEegBk1pNualUHpd2q
C8ELWKo70fXE3fJO7P3sW9flPuxFadbESR6BcagzqUd4Mxg0bascSUbxRh66UXXz
qks7rL/Xh41Xauvfg9DTDCflTvah1AChe3eq2/DTV0bHX8ltYucI2mDyKD8mfSNU
aXyyj+5M4elBMmGSoJMrMhTrYyF3EgsohUG/yV3w5wLq/4Pr0mesmAhi9VBk4DM5
6u3irVt2xNry6A==
-----END CERTIFICATE-----
Generated at Sat Oct 25 13:15:33 2025 by rpki-client