Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.mft
File: gmAVLt1HazFwhARFKVhhW2Xdywo.mft (raw, json)
Hash identifier: dHd7iR1cYb9tOaYHL2K/fKxNIgSE+xfwHf61hlEokIs=
Subject key identifier: 7B:33:95:C9:1B:3D:A7:0F:57:A7:CD:DE:B3:FE:0F:96:9D:27:6F:2F
Authority key identifier: 82:60:15:2E:DD:47:6B:31:70:84:04:45:29:58:61:5B:65:DD:CB:0A
Certificate issuer: /CN=8260152edd476b31708404452958615b65ddcb0a
Certificate serial: 019A706DE54FCE8C1A90E75AFFA196DB033B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmAVLt1HazFwhARFKVhhW2Xdywo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 01:00:41 +0000
Manifest this update: Tue 11 Nov 2025 01:00:41 +0000
Manifest next update: Wed 12 Nov 2025 01:00:41 +0000
Files and hashes: 1: ABnX77DVikk7gn2fQ6SCyXZp5CY.roa (hash: tGweD2UyMDN3jg0C7H8c7WDDk9iUdxSAoQTdTpfDf5g=)
2: gmAVLt1HazFwhARFKVhhW2Xdywo.crl (hash: ZpbUpQiJ3e5PB/+oJPK4m5iKMZlEBZC1dXIycEruFZg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmAVLt1HazFwhARFKVhhW2Xdywo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6d:e5:4f:ce:8c:1a:90:e7:5a:ff:a1:96:db:03:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8260152edd476b31708404452958615b65ddcb0a
Validity
Not Before: Nov 11 01:00:41 2025 GMT
Not After : Nov 12 01:00:41 2025 GMT
Subject: CN=7b3395c91b3da70f57a7cddeb3fe0f969d276f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:45:57:3d:67:9a:0e:f0:8d:5e:c5:89:c4:b1:
99:c5:d9:5d:78:9a:9b:28:a6:aa:72:b2:2c:23:65:
c6:81:02:92:e2:b2:b4:ab:c7:ea:db:e0:94:70:a8:
88:e7:58:1d:a3:05:9f:f9:f1:f1:21:95:cd:a3:5d:
e9:f2:ef:d7:77:ac:6c:7e:68:52:8c:5c:b2:9f:79:
8d:92:35:15:05:f3:fc:3b:00:56:88:89:bd:79:f2:
a2:0c:c9:e7:4a:49:ac:4f:3a:aa:ac:75:4a:30:15:
c4:85:b7:9b:0a:1d:3b:fd:ed:99:32:ee:43:56:ab:
20:fe:2f:c6:f9:8f:79:0d:17:87:45:80:b8:e6:9b:
63:dc:15:01:ed:17:8d:20:5d:f4:88:ed:d5:d4:7c:
a1:4d:df:33:a9:bc:b0:b7:0b:22:97:7e:c2:28:64:
78:10:6d:18:6a:94:81:2e:b7:0f:db:b5:26:fb:3d:
95:f5:11:5a:69:81:db:5b:8e:ad:0c:1d:e6:ac:61:
26:8e:79:d8:96:74:fd:0a:8e:e9:88:d0:ff:ad:63:
57:24:67:04:ae:60:3c:ea:01:9c:9e:52:3f:b8:05:
ef:46:61:a4:2f:87:19:a1:f1:01:75:6c:fb:4a:f7:
48:a4:72:88:e6:57:89:39:94:93:6a:aa:76:23:4e:
c9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:33:95:C9:1B:3D:A7:0F:57:A7:CD:DE:B3:FE:0F:96:9D:27:6F:2F
X509v3 Authority Key Identifier:
keyid:82:60:15:2E:DD:47:6B:31:70:84:04:45:29:58:61:5B:65:DD:CB:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmAVLt1HazFwhARFKVhhW2Xdywo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/49f40c-5448-4217-956f-ccf9b0f0e227/1/gmAVLt1HazFwhARFKVhhW2Xdywo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:ad:0c:d1:97:bb:a7:9e:a5:12:b3:16:d3:4d:ec:45:c0:d0:
22:63:50:5a:ac:d7:d0:57:a8:1d:24:fc:cc:ba:97:fc:bb:de:
88:80:f7:03:02:a6:93:9e:b3:1a:12:27:a7:fd:9a:50:42:06:
3d:75:0b:69:43:1d:73:bb:74:7b:e5:5a:10:c3:4c:32:90:55:
cd:9f:94:73:b0:32:fa:fe:77:55:6e:33:5b:ef:df:2d:80:eb:
80:4c:ee:ad:06:c3:7f:53:69:0f:a9:46:01:4b:c9:c0:37:88:
25:a8:c1:db:58:37:2d:36:0f:58:12:c9:7b:dd:26:ea:a6:21:
3c:2b:15:09:6d:b9:0a:db:2f:64:03:48:d3:6f:d6:13:ab:88:
07:5e:51:37:03:bb:af:6d:d8:6d:3b:02:65:a8:26:f6:e6:8d:
92:03:b4:75:f7:3f:f4:54:05:4e:12:87:22:22:6b:4d:0a:fb:
4b:3a:fc:e6:b9:24:f4:7b:06:04:bb:8f:51:e9:49:3d:bf:5d:
d7:78:0f:a1:ac:67:ea:56:44:bd:0e:4e:d1:0b:86:09:d6:14:
2a:e7:41:b5:df:52:10:aa:96:f8:d6:47:75:52:fa:55:75:96:
57:d7:c2:a5:62:96:b0:40:6e:45:f9:6f:42:f1:c5:80:b0:a5:
2b:5d:94:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbeVPzowakOda/6GW2wM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjAxNTJlZGQ0NzZiMzE3MDg0MDQ0NTI5NTg2MTViNjVk
ZGNiMGEwHhcNMjUxMTExMDEwMDQxWhcNMjUxMTEyMDEwMDQxWjAzMTEwLwYDVQQD
Eyg3YjMzOTVjOTFiM2RhNzBmNTdhN2NkZGViM2ZlMGY5NjlkMjc2ZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0VXPWeaDvCNXsWJxLGZxdldeJqb
KKaqcrIsI2XGgQKS4rK0q8fq2+CUcKiI51gdowWf+fHxIZXNo13p8u/Xd6xsfmhS
jFyyn3mNkjUVBfP8OwBWiIm9efKiDMnnSkmsTzqqrHVKMBXEhbebCh07/e2ZMu5D
Vqsg/i/G+Y95DReHRYC45ptj3BUB7ReNIF30iO3V1HyhTd8zqbywtwsil37CKGR4
EG0YapSBLrcP27Um+z2V9RFaaYHbW46tDB3mrGEmjnnYlnT9Co7piND/rWNXJGcE
rmA86gGcnlI/uAXvRmGkL4cZofEBdWz7SvdIpHKI5leJOZSTaqp2I07J/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHszlckbPacPV6fN3rP+D5adJ28vMB8GA1UdIwQY
MBaAFIJgFS7dR2sxcIQERSlYYVtl3csKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21BVkx0MUhhekZ3aEFSRktWaGhXMlhkeXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80OWY0MGMtNTQ0OC00MjE3LTk1NmYt
Y2NmOWIwZjBlMjI3LzEvZ21BVkx0MUhhekZ3aEFSRktWaGhXMlhkeXdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80OWY0MGMtNTQ0OC00MjE3LTk1NmYtY2NmOWIwZjBlMjI3
LzEvZ21BVkx0MUhhekZ3aEFSRktWaGhXMlhkeXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp60M0Ze7
p56lErMW003sRcDQImNQWqzX0FeoHST8zLqX/LveiID3AwKmk56zGhInp/2aUEIG
PXULaUMdc7t0e+VaEMNMMpBVzZ+Uc7Ay+v53VW4zW+/fLYDrgEzurQbDf1NpD6lG
AUvJwDeIJajB21g3LTYPWBLJe90m6qYhPCsVCW25CtsvZANI02/WE6uIB15RNwO7
r23YbTsCZagm9uaNkgO0dfc/9FQFThKHIiJrTQr7Szr85rkk9HsGBLuPUelJPb9d
13gPoaxn6lZEvQ5O0QuGCdYUKudBtd9SEKqW+NZHdVL6VXWWV9fCpWKWsEBuRflv
QvHFgLClK12UsA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:21 2025 by rpki-client