Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
File: aaKML4THXo0DiGlDVRUt0rcx8kk.mft (raw, json)
Hash identifier: ZwGOkGOrRFmdWQQG5hj9IUJ0KLNFR4B1RREi5cMJjl4=
Subject key identifier: 7B:EC:C1:66:F8:4A:6A:69:12:4E:B2:03:C0:43:F0:AF:97:D1:FF:6C
Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
Certificate issuer: /CN=69a28c2f84c75e8d0388694355152dd2b731f249
Certificate serial: 019A27B03EB6FC67AB27468A4E2847A0C0EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
Manifest number: 16FB
Signing time: Mon 27 Oct 2025 22:00:53 +0000
Manifest this update: Mon 27 Oct 2025 22:00:53 +0000
Manifest next update: Tue 28 Oct 2025 22:00:53 +0000
Files and hashes: 1: WdYc6wSLVkfUe7irxf4uyXxEIsM.roa (hash: dpYwLA3RR3eH0lZ7/JtVVQoaXF1Y2bKy7GfyH86APlE=)
2: aaKML4THXo0DiGlDVRUt0rcx8kk.crl (hash: uJmp0t4Tg8Wc/kTvkHe7pcUIXY83jHrneiRYL7mP5fc=)
3: tUMiGCgmsKV0vxqojlEA4oJxpRM.roa (hash: UydNeJbpnz/tc0fGV+RmvBf+BwmLoVjaXgDPrRLbpVY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 22:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:27:b0:3e:b6:fc:67:ab:27:46:8a:4e:28:47:a0:c0:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249
Validity
Not Before: Oct 27 22:00:53 2025 GMT
Not After : Oct 28 22:00:53 2025 GMT
Subject: CN=7becc166f84a6a69124eb203c043f0af97d1ff6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c9:10:6c:fe:b5:a4:f2:98:68:39:a7:45:cb:
bf:68:5f:3a:b9:6f:51:e9:fa:fd:e9:3c:2c:db:d6:
6f:53:02:82:22:94:03:83:90:f7:69:f2:f9:f8:bb:
a6:e5:10:71:c9:71:29:68:4d:bb:cf:94:38:9e:48:
db:71:1c:97:44:62:db:bd:fb:6d:b5:a9:5c:71:02:
aa:0e:70:ab:83:1d:89:d4:58:20:fb:c7:d2:df:d6:
b6:ae:83:07:fc:73:bd:a2:12:36:89:66:37:cc:7c:
b4:37:4a:85:9d:83:83:8c:2c:0e:58:1c:3c:b7:9a:
8a:26:78:61:85:28:28:0c:4d:83:ce:ab:62:cc:39:
c6:d1:14:76:64:55:5a:a7:d2:85:61:eb:58:6b:32:
ee:c1:61:a2:e6:82:55:e9:83:6e:0d:9f:54:02:a8:
6f:a9:d1:08:b1:f7:56:c6:5c:8c:bb:70:ce:eb:2a:
dc:15:8e:09:17:3d:f2:d5:01:e3:5c:5a:a1:ff:9d:
a7:fc:95:7b:5a:db:f5:b4:79:5d:0d:76:80:b4:22:
13:40:03:f8:0b:82:19:1f:90:e7:fe:bd:fd:e8:a0:
c7:e8:23:23:a0:4e:6e:9d:47:0d:47:a2:15:f3:e6:
c6:89:28:cd:5e:49:da:46:19:7b:15:42:22:e4:ed:
38:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:EC:C1:66:F8:4A:6A:69:12:4E:B2:03:C0:43:F0:AF:97:D1:FF:6C
X509v3 Authority Key Identifier:
keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:63:11:54:32:e1:67:78:b3:9c:c7:01:72:ba:18:40:b3:1e:
3b:d8:63:c6:b0:aa:79:85:44:0a:ce:a1:c7:7b:cc:61:f9:e5:
38:7c:c8:40:23:4a:07:3e:b9:48:5d:2f:dd:7a:10:6e:88:e1:
92:d1:ed:75:dc:b1:b7:9b:c0:06:64:24:38:37:1e:9b:c0:2b:
55:0f:bb:c9:e0:ff:c9:2a:c4:c7:0b:c5:ae:e2:df:a7:b5:98:
7d:25:e9:ff:5d:8e:c5:f5:34:6c:8e:03:26:87:09:48:d5:17:
3a:db:b4:a0:37:47:09:1e:7e:7f:c4:fc:2d:bb:1f:6d:b8:27:
ea:b8:a9:80:eb:6c:1d:36:5d:68:a8:0b:c7:00:7c:e1:2c:4b:
e1:5e:af:d2:65:70:75:a2:ce:e1:5a:88:c5:fb:28:84:d8:ba:
ac:e6:90:26:99:9e:e8:67:34:a6:9b:b9:11:35:07:27:3b:7d:
4b:93:7d:97:44:5f:34:48:a9:41:90:3a:ab:74:2d:97:c9:61:
ac:c4:2a:0a:81:b5:31:83:9b:36:25:d2:48:99:4d:09:48:71:
89:37:94:76:2c:3d:8b:4f:c1:f3:29:06:e5:30:1f:54:40:49:
86:0b:8b:e4:1f:50:7b:8c:02:92:83:69:5b:70:ab:10:67:db:
28:1b:be:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZonsD62/GerJ0aKTihHoMDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz
MWYyNDkwHhcNMjUxMDI3MjIwMDUzWhcNMjUxMDI4MjIwMDUzWjAzMTEwLwYDVQQD
Eyg3YmVjYzE2NmY4NGE2YTY5MTI0ZWIyMDNjMDQzZjBhZjk3ZDFmZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArskQbP61pPKYaDmnRcu/aF86uW9R
6fr96Tws29ZvUwKCIpQDg5D3afL5+Lum5RBxyXEpaE27z5Q4nkjbcRyXRGLbvftt
talccQKqDnCrgx2J1Fgg+8fS39a2roMH/HO9ohI2iWY3zHy0N0qFnYODjCwOWBw8
t5qKJnhhhSgoDE2DzqtizDnG0RR2ZFVap9KFYetYazLuwWGi5oJV6YNuDZ9UAqhv
qdEIsfdWxlyMu3DO6yrcFY4JFz3y1QHjXFqh/52n/JV7Wtv1tHldDXaAtCITQAP4
C4IZH5Dn/r396KDH6CMjoE5unUcNR6IV8+bGiSjNXknaRhl7FUIi5O04bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvswWb4SmppEk6yA8BD8K+X0f9sMB8GA1UdIwQY
MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt
MmNiZDU1ZjlhOGVlLzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl
LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAmMRVDLh
Z3iznMcBcroYQLMeO9hjxrCqeYVECs6hx3vMYfnlOHzIQCNKBz65SF0v3XoQbojh
ktHtddyxt5vABmQkODcem8ArVQ+7yeD/ySrExwvFruLfp7WYfSXp/12OxfU0bI4D
JocJSNUXOtu0oDdHCR5+f8T8Lbsfbbgn6ripgOtsHTZdaKgLxwB84SxL4V6v0mVw
daLO4VqIxfsohNi6rOaQJpme6Gc0ppu5ETUHJzt9S5N9l0RfNEipQZA6q3Qtl8lh
rMQqCoG1MYObNiXSSJlNCUhxiTeUdiw9i0/B8ykG5TAfVEBJhguL5B9Qe4wCkoNp
W3CrEGfbKBu+PQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 08:29:53 2025 by rpki-client