Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
File: FAa0-f1RaOt3gegksUU-mfXmVTw.mft (raw, json)
Hash identifier: 4RHeKngQVjLC63Cf4Lwp/V0PdMgCcKyZVUHWQaSx4tA=
Subject key identifier: 1A:FC:13:37:80:18:F7:DF:B4:11:99:8B:60:74:26:85:1C:28:33:1F
Authority key identifier: 14:06:B4:F9:FD:51:68:EB:77:81:E8:24:B1:45:3E:99:F5:E6:55:3C
Certificate issuer: /CN=1406b4f9fd5168eb7781e824b1453e99f5e6553c
Certificate serial: 019A714A173307FE4C98CE11DD8CD70767B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 05:01:11 +0000
Manifest this update: Tue 11 Nov 2025 05:01:11 +0000
Manifest next update: Wed 12 Nov 2025 05:01:11 +0000
Files and hashes: 1: FAa0-f1RaOt3gegksUU-mfXmVTw.crl (hash: xulNP2nan3IGnvtvpcX3Zz2RUGVIpWMjhtdciARzibc=)
2: c3go-15xGcBaQkyMFCkLYeR3zYQ.roa (hash: 4H2iOu8gLLffNi536xCsuCivAwnItfPi2vTZ/W207ew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:17:33:07:fe:4c:98:ce:11:dd:8c:d7:07:67:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1406b4f9fd5168eb7781e824b1453e99f5e6553c
Validity
Not Before: Nov 11 05:01:11 2025 GMT
Not After : Nov 12 05:01:11 2025 GMT
Subject: CN=1afc13378018f7dfb411998b607426851c28331f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a5:6a:2e:92:d8:52:b2:ac:7f:8a:b0:5b:bc:
80:9f:d6:47:de:91:f1:45:f2:be:57:73:9b:2e:54:
0a:c5:63:04:dd:ef:bf:d5:57:c7:ea:2b:24:88:2b:
25:b4:52:9c:00:a2:97:d2:f9:bf:a8:43:e6:ff:67:
9b:33:29:cf:82:99:03:f6:c7:0d:61:39:fc:f9:f9:
ee:24:11:15:86:59:b7:c5:df:ae:28:07:74:60:c8:
f5:14:cc:48:c9:d5:ea:86:81:f9:35:d3:36:0c:28:
fe:8a:72:bf:fd:57:d2:24:7e:91:ac:bf:9f:aa:22:
d1:09:24:44:aa:19:6c:3c:8e:ad:68:c2:09:51:4a:
de:73:e3:5d:eb:bb:ad:1e:e5:12:2f:eb:d3:fe:db:
60:b8:45:e6:6d:6f:13:d0:26:bb:fd:9e:35:69:bb:
64:97:b7:4d:18:26:25:42:de:f5:43:77:e7:65:81:
b1:0a:62:51:1b:20:80:4d:20:e4:a8:32:61:a9:e5:
71:d9:9f:f6:a8:2e:35:69:81:8e:65:ca:ad:8f:e5:
16:4d:ba:df:fb:61:cc:68:8f:5e:d1:10:f0:15:06:
1e:50:fb:6d:02:52:6c:0b:80:8c:74:10:f7:6b:94:
43:d8:41:dd:ba:52:24:33:7c:1b:9b:85:2b:28:56:
03:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FC:13:37:80:18:F7:DF:B4:11:99:8B:60:74:26:85:1C:28:33:1F
X509v3 Authority Key Identifier:
keyid:14:06:B4:F9:FD:51:68:EB:77:81:E8:24:B1:45:3E:99:F5:E6:55:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:62:f8:1a:55:a1:26:fb:3a:34:45:16:70:77:0b:b9:85:2f:
87:19:53:d8:2d:2b:38:69:98:59:f1:49:54:0f:60:7a:c2:61:
be:3c:40:4a:8f:11:69:62:ff:ad:3c:81:8b:66:c9:81:0f:02:
8d:0f:b3:cd:0f:59:63:5a:3a:01:f6:87:81:77:ac:88:99:4b:
41:e4:45:c0:49:a6:0c:33:35:30:fc:04:f0:26:28:0c:04:2c:
5a:93:4a:2f:14:19:82:db:ef:d7:5e:b2:ed:9b:34:bb:4a:31:
43:d6:63:78:33:5b:ef:03:79:21:11:9f:ff:69:0a:aa:73:c5:
ca:aa:d3:17:2f:01:59:55:79:d3:41:07:8a:68:a9:28:1e:f3:
19:c8:df:cf:d4:f0:44:dd:79:9e:5e:b2:84:fc:50:0c:10:c0:
e7:92:fb:5e:2c:8e:cd:4f:fb:8e:18:f8:2f:96:a5:0f:e8:7b:
fc:e1:49:8b:0e:4d:0b:39:2c:8a:0b:8a:7d:55:7b:eb:80:38:
ee:6a:27:2c:19:25:51:4d:dc:46:13:15:00:87:0a:d6:4c:c2:
5e:17:55:34:69:60:54:e1:0d:7c:ce:b2:2f:aa:7f:cc:f5:4b:
db:b7:69:d9:1e:10:57:fb:81:17:50:71:77:a0:1f:ce:56:81:
4a:c9:f1:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxShczB/5MmM4R3YzXB2e1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MDZiNGY5ZmQ1MTY4ZWI3NzgxZTgyNGIxNDUzZTk5ZjVl
NjU1M2MwHhcNMjUxMTExMDUwMTExWhcNMjUxMTEyMDUwMTExWjAzMTEwLwYDVQQD
EygxYWZjMTMzNzgwMThmN2RmYjQxMTk5OGI2MDc0MjY4NTFjMjgzMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKVqLpLYUrKsf4qwW7yAn9ZH3pHx
RfK+V3ObLlQKxWME3e+/1VfH6iskiCsltFKcAKKX0vm/qEPm/2ebMynPgpkD9scN
YTn8+fnuJBEVhlm3xd+uKAd0YMj1FMxIydXqhoH5NdM2DCj+inK//VfSJH6RrL+f
qiLRCSREqhlsPI6taMIJUUrec+Nd67utHuUSL+vT/ttguEXmbW8T0Ca7/Z41abtk
l7dNGCYlQt71Q3fnZYGxCmJRGyCATSDkqDJhqeVx2Z/2qC41aYGOZcqtj+UWTbrf
+2HMaI9e0RDwFQYeUPttAlJsC4CMdBD3a5RD2EHdulIkM3wbm4UrKFYDOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBr8EzeAGPfftBGZi2B0JoUcKDMfMB8GA1UdIwQY
MBaAFBQGtPn9UWjrd4HoJLFFPpn15lU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NmQ1MTItNDk5Yi00MThlLWE0MjAt
YzE2MTI0NmM4MjVhLzEvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NmQ1MTItNDk5Yi00MThlLWE0MjAtYzE2MTI0NmM4MjVh
LzEvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZGL4GlWh
Jvs6NEUWcHcLuYUvhxlT2C0rOGmYWfFJVA9gesJhvjxASo8RaWL/rTyBi2bJgQ8C
jQ+zzQ9ZY1o6AfaHgXesiJlLQeRFwEmmDDM1MPwE8CYoDAQsWpNKLxQZgtvv116y
7Zs0u0oxQ9ZjeDNb7wN5IRGf/2kKqnPFyqrTFy8BWVV500EHimipKB7zGcjfz9Tw
RN15nl6yhPxQDBDA55L7XiyOzU/7jhj4L5alD+h7/OFJiw5NCzksiguKfVV764A4
7monLBklUU3cRhMVAIcK1kzCXhdVNGlgVOENfM6yL6p/zPVL27dp2R4QV/uBF1Bx
d6AfzlaBSsnxwQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:54:33 2025 by rpki-client