Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft
File: AA0P7izVZpZcoI21UGY8sgtBI0M.mft (raw, json)
Hash identifier: kDwJDJ+PsPmRBk5LZF1bOa07tVsU+9edMG0yvQZTXGM=
Subject key identifier: 47:96:18:F3:7B:2A:1F:29:EB:3F:76:68:9B:6D:23:1F:13:8D:68:4D
Authority key identifier: 00:0D:0F:EE:2C:D5:66:96:5C:A0:8D:B5:50:66:3C:B2:0B:41:23:43
Certificate issuer: /CN=000d0fee2cd566965ca08db550663cb20b412343
Certificate serial: 019A70A56E86A4698131FA324112DC5EE894
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AA0P7izVZpZcoI21UGY8sgtBI0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft
Manifest number: 0CE9
Signing time: Tue 11 Nov 2025 02:01:21 +0000
Manifest this update: Tue 11 Nov 2025 02:01:21 +0000
Manifest next update: Wed 12 Nov 2025 02:01:21 +0000
Files and hashes: 1: AA0P7izVZpZcoI21UGY8sgtBI0M.crl (hash: DXspdj4duOePIktWrHACuYT1bFzstSNW1brO2dNSHqs=)
2: c2eVtCtVjsi6i3vPHgLATuNVfoM.roa (hash: tozwRqmwgoJZSoOdc4bKHZ1xB9xQYRcf64jJhmtl4S4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/AA0P7izVZpZcoI21UGY8sgtBI0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:6e:86:a4:69:81:31:fa:32:41:12:dc:5e:e8:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=000d0fee2cd566965ca08db550663cb20b412343
Validity
Not Before: Nov 11 02:01:21 2025 GMT
Not After : Nov 12 02:01:21 2025 GMT
Subject: CN=479618f37b2a1f29eb3f76689b6d231f138d684d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:39:7f:e9:47:87:98:db:82:cd:72:3f:ac:2c:
5e:1c:e5:cd:8c:18:13:30:cd:e3:47:80:87:ea:62:
86:44:c5:55:8f:63:7d:24:5e:5a:a3:ce:c9:b9:aa:
25:39:4b:0d:87:ab:02:c6:4d:f7:7e:f3:1a:fe:97:
f2:81:d3:3c:83:e9:b6:f4:e5:1e:42:b5:47:e6:07:
49:96:ea:58:d1:9a:22:a0:77:5e:bc:cf:c6:b6:28:
b6:e4:3b:06:5e:31:6d:80:fa:ff:cd:dc:f4:e7:8e:
ea:ad:e4:60:d1:6c:67:f6:60:96:34:02:1d:86:1a:
53:92:f3:e8:41:c2:fe:54:ab:1a:9d:d7:69:ad:71:
d6:44:f3:f5:f1:d8:ae:d1:93:af:51:98:c9:93:d7:
34:a6:e8:69:89:cd:4d:2e:25:ba:74:03:6e:6f:c1:
55:52:ad:b6:41:45:de:84:ed:1a:2f:5e:0b:90:d7:
bf:0c:82:ff:72:2b:4f:94:32:80:c0:71:ce:b3:b6:
78:59:86:50:89:64:3b:74:78:16:40:be:b6:34:11:
99:a8:66:c1:4a:eb:21:bc:99:be:30:ae:e2:03:d5:
0f:ed:d3:ac:f6:20:f1:50:57:5d:29:b4:86:ff:bb:
66:98:52:ea:ff:13:3c:c4:69:58:c6:68:13:22:69:
b0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:96:18:F3:7B:2A:1F:29:EB:3F:76:68:9B:6D:23:1F:13:8D:68:4D
X509v3 Authority Key Identifier:
keyid:00:0D:0F:EE:2C:D5:66:96:5C:A0:8D:B5:50:66:3C:B2:0B:41:23:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AA0P7izVZpZcoI21UGY8sgtBI0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:23:cc:7f:e7:b4:eb:3f:51:7b:a3:10:e2:b1:30:68:03:aa:
7a:f7:19:dc:20:2f:e4:78:a6:d3:5f:c1:d0:cf:e2:f0:73:4c:
79:e6:88:04:ca:20:6e:1d:b5:6d:9d:ce:93:78:47:9e:bb:d7:
0c:28:0e:88:9d:a9:37:91:54:43:45:76:51:c6:02:fe:4b:c5:
a5:24:4c:93:fe:ad:b2:f6:54:33:66:77:ea:e0:c3:7f:19:69:
05:47:6d:f9:d9:38:22:f9:d7:10:ac:5e:3e:1a:21:7e:e5:83:
4e:ba:97:3d:5e:f0:32:23:16:97:f4:58:d1:1a:4f:85:a3:fc:
22:b4:12:b5:9d:55:2e:28:0b:3f:56:c0:59:54:43:46:9b:d7:
ed:a1:86:0d:c9:90:44:36:4b:b9:dd:54:c0:d5:bb:2e:06:28:
9c:46:02:8e:36:6e:cf:0a:42:34:34:ee:ea:30:45:56:3e:59:
23:de:4c:9c:0a:d8:70:9c:cd:5c:20:b6:be:47:2a:81:33:a6:
c3:68:45:b0:0d:11:94:bc:5e:0b:31:4d:ab:ce:2e:a3:9e:a1:
14:28:0f:a3:67:35:a2:2f:b9:77:6e:ca:a6:8e:51:7b:eb:1f:
0d:a1:2f:f0:67:0c:90:bc:3e:89:86:8b:d2:32:4e:c7:71:cd:
41:a4:2e:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpW6GpGmBMfoyQRLcXuiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMGQwZmVlMmNkNTY2OTY1Y2EwOGRiNTUwNjYzY2IyMGI0
MTIzNDMwHhcNMjUxMTExMDIwMTIxWhcNMjUxMTEyMDIwMTIxWjAzMTEwLwYDVQQD
Eyg0Nzk2MThmMzdiMmExZjI5ZWIzZjc2Njg5YjZkMjMxZjEzOGQ2ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Tl/6UeHmNuCzXI/rCxeHOXNjBgT
MM3jR4CH6mKGRMVVj2N9JF5ao87JuaolOUsNh6sCxk33fvMa/pfygdM8g+m29OUe
QrVH5gdJlupY0ZoioHdevM/Gtii25DsGXjFtgPr/zdz0547qreRg0Wxn9mCWNAId
hhpTkvPoQcL+VKsanddprXHWRPP18diu0ZOvUZjJk9c0puhpic1NLiW6dANub8FV
Uq22QUXehO0aL14LkNe/DIL/citPlDKAwHHOs7Z4WYZQiWQ7dHgWQL62NBGZqGbB
SushvJm+MK7iA9UP7dOs9iDxUFddKbSG/7tmmFLq/xM8xGlYxmgTImmwYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEeWGPN7Kh8p6z92aJttIx8TjWhNMB8GA1UdIwQY
MBaAFAAND+4s1WaWXKCNtVBmPLILQSNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUEwUDdpelZacFpjb0kyMVVHWThzZ3RCSTBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9lNmZlMDktYzIyZC00NWI3LWE1OTkt
Yjk0MWJhOTIxYjNmLzEvQUEwUDdpelZacFpjb0kyMVVHWThzZ3RCSTBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9lNmZlMDktYzIyZC00NWI3LWE1OTktYjk0MWJhOTIxYjNm
LzEvQUEwUDdpelZacFpjb0kyMVVHWThzZ3RCSTBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYSPMf+e0
6z9Re6MQ4rEwaAOqevcZ3CAv5Him01/B0M/i8HNMeeaIBMogbh21bZ3Ok3hHnrvX
DCgOiJ2pN5FUQ0V2UcYC/kvFpSRMk/6tsvZUM2Z36uDDfxlpBUdt+dk4IvnXEKxe
PhohfuWDTrqXPV7wMiMWl/RY0RpPhaP8IrQStZ1VLigLP1bAWVRDRpvX7aGGDcmQ
RDZLud1UwNW7LgYonEYCjjZuzwpCNDTu6jBFVj5ZI95MnArYcJzNXCC2vkcqgTOm
w2hFsA0RlLxeCzFNq84uo56hFCgPo2c1oi+5d27Kpo5Re+sfDaEv8GcMkLw+iYaL
0jJOx3HNQaQu/Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:14 2025 by rpki-client