Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft
File: aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft (raw, json)
Hash identifier: CuxK1ww8a5NPsFQPgDfQYCPTpWalLMR2VGj+PniTMvo=
Subject key identifier: E4:29:62:E4:83:9B:96:56:72:B7:C6:94:42:9A:14:4E:CC:52:E6:65
Authority key identifier: 69:82:9B:44:8A:D8:F9:63:A0:EC:FF:8B:22:16:CA:9C:E9:CE:6F:41
Certificate issuer: /CN=69829b448ad8f963a0ecff8b2216ca9ce9ce6f41
Certificate serial: 019A725C4CAEBBA0AD461C25539DEFE0F5CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYKbRIrY-WOg7P-LIhbKnOnOb0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft
Manifest number: 0758
Signing time: Tue 11 Nov 2025 10:00:42 +0000
Manifest this update: Tue 11 Nov 2025 10:00:42 +0000
Manifest next update: Wed 12 Nov 2025 10:00:42 +0000
Files and hashes: 1: WhLENsO2y4UEzkuswA1wx41c4K4.roa (hash: qqWz2hpUFCfdOvnndjkfI9tgPQ2D7KLxkWgnxyi1reI=)
2: aYKbRIrY-WOg7P-LIhbKnOnOb0E.crl (hash: u715qkno8MOT/IzGdn3VPffZSyfpd8udghtgjz4wyfo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/aYKbRIrY-WOg7P-LIhbKnOnOb0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:4c:ae:bb:a0:ad:46:1c:25:53:9d:ef:e0:f5:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69829b448ad8f963a0ecff8b2216ca9ce9ce6f41
Validity
Not Before: Nov 11 10:00:42 2025 GMT
Not After : Nov 12 10:00:42 2025 GMT
Subject: CN=e42962e4839b965672b7c694429a144ecc52e665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:43:c7:18:eb:b8:47:62:25:98:36:e5:94:2b:
4d:bd:69:1d:1f:af:dd:21:a6:69:14:e5:a9:25:0b:
7c:13:4f:1a:24:bc:84:23:23:38:02:0c:b6:3a:51:
6a:7c:ce:f4:ae:ff:7b:ab:94:cd:b7:79:36:56:c0:
a2:5f:da:2c:37:0e:8d:df:a8:e2:9c:6b:c4:f3:c6:
4a:51:e1:d6:c4:81:bb:bd:08:b7:b6:64:ac:94:55:
5d:0c:97:9e:f3:ee:c0:9f:50:d6:b8:a3:bc:7c:b8:
ba:05:02:df:f2:bf:09:56:c0:9b:72:49:8b:2a:58:
bb:0b:7c:ac:08:0f:75:33:ad:01:3c:6a:3b:df:24:
81:8f:ee:0c:56:01:35:82:ae:c9:21:4a:4c:f8:13:
f0:4e:c8:8d:b5:f3:81:f3:44:25:df:fb:10:1a:3c:
72:63:7d:49:8c:47:f5:f5:9e:7c:0f:3e:bc:e5:6c:
bd:5e:98:73:3e:0d:87:21:7f:5b:c5:fc:3e:8f:49:
c7:30:a4:19:e7:1c:85:86:4f:b3:a4:80:f7:9b:50:
1c:f9:36:3b:7d:98:c9:80:55:b8:24:ba:37:54:76:
2d:4f:c4:47:37:8e:f1:89:9f:69:90:2c:1b:0a:80:
16:6e:75:4c:15:6b:98:6a:9c:b5:b4:8e:30:be:3d:
ab:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:29:62:E4:83:9B:96:56:72:B7:C6:94:42:9A:14:4E:CC:52:E6:65
X509v3 Authority Key Identifier:
keyid:69:82:9B:44:8A:D8:F9:63:A0:EC:FF:8B:22:16:CA:9C:E9:CE:6F:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYKbRIrY-WOg7P-LIhbKnOnOb0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:95:f2:d9:4f:99:2a:0a:a7:e1:fb:1b:07:3f:cb:1d:28:42:
6b:e8:2c:39:a8:6a:0d:bf:2c:ca:f5:57:40:d7:6e:02:7a:e3:
d8:06:09:98:89:18:97:ae:80:3f:63:e1:96:02:0e:c2:72:65:
7a:e5:93:28:0d:d1:d6:3a:b5:08:c3:55:b1:7c:0f:6c:36:ca:
48:9e:d7:49:51:c0:f4:0c:6a:ee:f7:5b:a5:70:45:51:0c:a8:
02:87:dc:57:cb:84:08:30:06:f7:e0:62:10:a0:a0:7b:53:b4:
25:f6:60:ac:6d:c6:04:dc:40:1d:8d:b6:7f:32:2f:b4:49:ce:
f8:54:49:37:88:27:62:01:75:18:5e:ff:ad:9e:02:07:75:b8:
d5:34:fc:12:4b:4e:3d:b0:06:5b:67:d7:3b:de:c8:30:8b:05:
9c:66:b9:d6:27:c4:3a:70:43:53:1a:53:5d:6a:a9:1a:03:dd:
70:86:a1:30:bb:4b:2a:4b:fb:f1:8b:e3:2f:cf:ce:93:5c:8f:
2f:b3:b6:01:cf:ae:40:64:9b:be:57:3d:4d:3b:a5:f7:70:3d:
0e:05:3f:f0:a7:b3:95:3d:ec:ea:2e:4f:8f:71:e9:10:37:78:
d3:e5:d4:c0:6f:08:db:68:74:77:45:63:25:9e:aa:a6:41:e3:
37:18:9d:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXEyuu6CtRhwlU53v4PXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODI5YjQ0OGFkOGY5NjNhMGVjZmY4YjIyMTZjYTljZTlj
ZTZmNDEwHhcNMjUxMTExMTAwMDQyWhcNMjUxMTEyMTAwMDQyWjAzMTEwLwYDVQQD
EyhlNDI5NjJlNDgzOWI5NjU2NzJiN2M2OTQ0MjlhMTQ0ZWNjNTJlNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUPHGOu4R2IlmDbllCtNvWkdH6/d
IaZpFOWpJQt8E08aJLyEIyM4Agy2OlFqfM70rv97q5TNt3k2VsCiX9osNw6N36ji
nGvE88ZKUeHWxIG7vQi3tmSslFVdDJee8+7An1DWuKO8fLi6BQLf8r8JVsCbckmL
Kli7C3ysCA91M60BPGo73ySBj+4MVgE1gq7JIUpM+BPwTsiNtfOB80Ql3/sQGjxy
Y31JjEf19Z58Dz685Wy9XphzPg2HIX9bxfw+j0nHMKQZ5xyFhk+zpID3m1Ac+TY7
fZjJgFW4JLo3VHYtT8RHN47xiZ9pkCwbCoAWbnVMFWuYapy1tI4wvj2rzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQpYuSDm5ZWcrfGlEKaFE7MUuZlMB8GA1UdIwQY
MBaAFGmCm0SK2PljoOz/iyIWypzpzm9BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlLYlJJclktV09nN1AtTEloYktuT25PYjBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTBlMmYtZGVjYy00ODg3LThlMDMt
ZTc2YjU0NDY2NjU0LzEvYVlLYlJJclktV09nN1AtTEloYktuT25PYjBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTBlMmYtZGVjYy00ODg3LThlMDMtZTc2YjU0NDY2NjU0
LzEvYVlLYlJJclktV09nN1AtTEloYktuT25PYjBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX5Xy2U+Z
Kgqn4fsbBz/LHShCa+gsOahqDb8syvVXQNduAnrj2AYJmIkYl66AP2PhlgIOwnJl
euWTKA3R1jq1CMNVsXwPbDbKSJ7XSVHA9Axq7vdbpXBFUQyoAofcV8uECDAG9+Bi
EKCge1O0JfZgrG3GBNxAHY22fzIvtEnO+FRJN4gnYgF1GF7/rZ4CB3W41TT8EktO
PbAGW2fXO97IMIsFnGa51ifEOnBDUxpTXWqpGgPdcIahMLtLKkv78YvjL8/Ok1yP
L7O2Ac+uQGSbvlc9TTul93A9DgU/8KezlT3s6i5Pj3HpEDd40+XUwG8I22h0d0Vj
JZ6qpkHjNxidXg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:51:06 2025 by rpki-client