Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.mft
File: aL0515MSXGhN_ycviGIrrEMhgPA.mft (raw, json)
Hash identifier: 6vv+cDu7EKrj2vties6/rmJM5Ro5Dy4GxN1bL4ft7yA=
Subject key identifier: 16:5C:7E:1F:C5:CD:D9:AE:E7:01:59:7E:17:B3:27:AC:98:CB:F6:84
Authority key identifier: 68:BD:39:D7:93:12:5C:68:4D:FF:27:2F:88:62:2B:AC:43:21:80:F0
Certificate issuer: /CN=68bd39d793125c684dff272f88622bac432180f0
Certificate serial: 019A70DC30DF38FF5CACDA79D4D1DB8B2C99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aL0515MSXGhN_ycviGIrrEMhgPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 03:01:09 +0000
Manifest this update: Tue 11 Nov 2025 03:01:09 +0000
Manifest next update: Wed 12 Nov 2025 03:01:09 +0000
Files and hashes: 1: aL0515MSXGhN_ycviGIrrEMhgPA.crl (hash: rW/F6CVZG+6nkd/jG3bVmxdoM6+HvSuVHx7tdEks+Kg=)
2: aUKOJrnyNsDVraosl-1-341781M.roa (hash: omnP8BEQZ4v0uR+9FGHR3kGU8+xYRsRiJd27fBInyzs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aL0515MSXGhN_ycviGIrrEMhgPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:30:df:38:ff:5c:ac:da:79:d4:d1:db:8b:2c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bd39d793125c684dff272f88622bac432180f0
Validity
Not Before: Nov 11 03:01:09 2025 GMT
Not After : Nov 12 03:01:09 2025 GMT
Subject: CN=165c7e1fc5cdd9aee701597e17b327ac98cbf684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:98:ee:2c:60:62:78:19:ac:ca:f4:96:f1:84:
4a:03:e9:6a:0a:02:9e:04:56:71:42:c4:79:96:e9:
b5:d5:05:57:d2:34:bb:88:e0:e4:a2:f0:26:f8:9d:
26:2e:58:df:3d:67:2e:cf:1c:17:93:bb:26:bc:46:
9a:83:89:4b:78:56:f4:1a:d5:c6:55:cf:3e:98:bf:
84:74:b5:7b:93:e5:dc:2b:a0:30:44:9f:fd:79:c6:
af:19:34:9f:8b:0c:d0:0f:93:17:4c:0f:6a:2e:63:
7b:35:ab:6f:33:d3:04:92:6d:08:4b:53:5d:b9:6d:
47:5e:48:96:56:6f:52:95:b3:67:77:b0:c1:67:18:
f9:7a:dc:38:38:45:66:11:9a:d9:2d:2e:3b:d9:68:
88:ae:b9:e2:69:9b:32:65:d9:14:6c:50:dc:ad:5e:
8b:f3:bc:12:a2:a9:e5:19:4f:01:a3:2d:cc:ac:cc:
eb:7f:73:03:46:a4:b3:eb:0e:e1:2f:46:5e:d5:20:
5f:23:08:02:fb:32:87:55:cd:0f:f2:a8:13:03:40:
94:ed:a2:b6:19:ee:b9:d0:de:f0:66:ff:41:f1:5a:
c0:a9:16:59:71:9c:45:e6:ee:0a:ea:20:17:1d:2c:
53:a1:fb:ab:f3:01:da:9f:fa:7f:c7:90:d7:52:cf:
e3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:5C:7E:1F:C5:CD:D9:AE:E7:01:59:7E:17:B3:27:AC:98:CB:F6:84
X509v3 Authority Key Identifier:
keyid:68:BD:39:D7:93:12:5C:68:4D:FF:27:2F:88:62:2B:AC:43:21:80:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aL0515MSXGhN_ycviGIrrEMhgPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:4d:de:95:e0:2d:49:03:a7:e3:3b:bf:40:7f:09:70:4c:ff:
97:fb:3b:d9:9a:80:2b:fe:97:2c:1f:13:8e:97:35:0d:16:e7:
d7:d4:1b:b9:fc:c9:52:48:43:13:20:71:57:cc:03:dc:fe:47:
dc:78:20:5b:fe:86:44:5f:94:9c:88:f7:5e:32:13:8e:53:dd:
4b:57:4c:f0:0d:0a:60:b9:ef:0f:a1:fe:66:f4:0d:91:83:a1:
04:a9:70:55:91:92:13:69:f1:3c:2e:53:31:12:ab:91:9d:e0:
1f:ad:91:8b:65:f4:7a:51:0a:17:49:d7:dd:ac:3d:f1:da:d8:
8c:79:e0:a9:50:81:48:81:f4:8f:05:47:2b:eb:12:4b:0b:84:
f5:15:56:8e:12:6c:7f:ca:f2:71:8e:c3:11:34:81:74:d2:fb:
da:0f:0b:ed:79:2c:9e:9a:47:3c:cc:0f:67:f1:a5:e5:3c:97:
6e:3f:b3:2e:88:97:fb:81:b0:9f:f3:61:54:2d:67:63:a8:90:
e8:81:84:d8:a8:f3:20:23:76:2e:86:d7:25:13:c1:6a:50:80:
71:71:49:ea:b9:50:fb:c9:ca:fe:7f:6e:ea:ba:93:f4:29:6d:
de:7b:7b:9c:09:7a:28:c9:85:70:81:10:cb:e2:9f:f4:fe:5a:
00:e1:34:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3DDfOP9crNp51NHbiyyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmQzOWQ3OTMxMjVjNjg0ZGZmMjcyZjg4NjIyYmFjNDMy
MTgwZjAwHhcNMjUxMTExMDMwMTA5WhcNMjUxMTEyMDMwMTA5WjAzMTEwLwYDVQQD
EygxNjVjN2UxZmM1Y2RkOWFlZTcwMTU5N2UxN2IzMjdhYzk4Y2JmNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJjuLGBieBmsyvSW8YRKA+lqCgKe
BFZxQsR5lum11QVX0jS7iODkovAm+J0mLljfPWcuzxwXk7smvEaag4lLeFb0GtXG
Vc8+mL+EdLV7k+XcK6AwRJ/9ecavGTSfiwzQD5MXTA9qLmN7NatvM9MEkm0IS1Nd
uW1HXkiWVm9SlbNnd7DBZxj5etw4OEVmEZrZLS472WiIrrniaZsyZdkUbFDcrV6L
87wSoqnlGU8Boy3MrMzrf3MDRqSz6w7hL0Ze1SBfIwgC+zKHVc0P8qgTA0CU7aK2
Ge650N7wZv9B8VrAqRZZcZxF5u4K6iAXHSxTofur8wHan/p/x5DXUs/jvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZcfh/Fzdmu5wFZfhezJ6yYy/aEMB8GA1UdIwQY
MBaAFGi9OdeTElxoTf8nL4hiK6xDIYDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUwwNTE1TVNYR2hOX3ljdmlHSXJyRU1oZ1BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80MjRiOTQtZTcwMi00YjIyLWFlMmUt
MDg5MDUyMGI4ODQ2LzEvYUwwNTE1TVNYR2hOX3ljdmlHSXJyRU1oZ1BBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80MjRiOTQtZTcwMi00YjIyLWFlMmUtMDg5MDUyMGI4ODQ2
LzEvYUwwNTE1TVNYR2hOX3ljdmlHSXJyRU1oZ1BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAok3eleAt
SQOn4zu/QH8JcEz/l/s72ZqAK/6XLB8Tjpc1DRbn19QbufzJUkhDEyBxV8wD3P5H
3HggW/6GRF+UnIj3XjITjlPdS1dM8A0KYLnvD6H+ZvQNkYOhBKlwVZGSE2nxPC5T
MRKrkZ3gH62Ri2X0elEKF0nX3aw98drYjHngqVCBSIH0jwVHK+sSSwuE9RVWjhJs
f8rycY7DETSBdNL72g8L7XksnppHPMwPZ/Gl5TyXbj+zLoiX+4Gwn/NhVC1nY6iQ
6IGE2KjzICN2LobXJRPBalCAcXFJ6rlQ+8nK/n9u6rqT9Clt3nt7nAl6KMmFcIEQ
y+Kf9P5aAOE0+A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:10 2025 by rpki-client