Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
File: aa24Jfn9vKDNfHkB3reiKuF5fAY.mft (raw, json)
Hash identifier: DMp4FfxE0hLMI+BOztX1C81zLlu2PURsFbewBQCZkXo=
Subject key identifier: 81:97:28:D3:29:07:25:6C:32:27:5F:9D:5D:34:70:F1:DD:12:50:A9
Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Certificate serial: 019A72CA4AD592E42CF2EF834230FEE8F2A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
Manifest number: 143A
Signing time: Tue 11 Nov 2025 12:00:51 +0000
Manifest this update: Tue 11 Nov 2025 12:00:51 +0000
Manifest next update: Wed 12 Nov 2025 12:00:51 +0000
Files and hashes: 1: CcO4X5owbp8OTsQUAi4Se0U0bGo.roa (hash: Rjhil4a1bZ7IivISF1+emC+myyX4/SSXPPEDg9r6bJ4=)
2: aa24Jfn9vKDNfHkB3reiKuF5fAY.crl (hash: f0iKVIY9NnM+0FnV2+mzLkLSZULfM/Bmsvkv3Vh86F8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:4a:d5:92:e4:2c:f2:ef:83:42:30:fe:e8:f2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Validity
Not Before: Nov 11 12:00:51 2025 GMT
Not After : Nov 12 12:00:51 2025 GMT
Subject: CN=819728d32907256c32275f9d5d3470f1dd1250a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:08:b0:e0:72:2a:72:9f:8c:00:00:24:7e:16:
5c:4f:1f:d8:24:1b:c8:7d:01:e8:a4:a7:e1:df:6e:
41:1e:7a:d3:14:cc:4a:c0:14:51:2f:b0:b7:93:50:
35:08:ac:a9:c3:c2:ed:53:b6:eb:8e:71:72:c7:7a:
d2:fa:ba:bd:d0:88:30:bc:02:93:3e:ee:a5:6c:ff:
77:42:ba:f2:6f:91:6e:2b:2f:74:0f:e4:90:bc:41:
27:81:eb:0d:1a:c1:0c:77:9d:c8:d6:a7:8b:8a:a8:
0b:aa:6b:19:30:02:ea:5a:a2:34:58:f2:5a:e5:9a:
51:20:4a:58:cf:9d:bc:95:c2:e6:c0:90:de:16:2e:
7d:97:45:8e:1a:44:95:66:d7:16:28:04:f6:b4:43:
1b:76:0d:b0:73:41:e0:54:75:12:b6:5b:a5:fb:e3:
c8:80:e0:fc:81:be:ac:b7:3b:29:a3:62:10:5a:ec:
bf:92:c3:21:97:8b:4d:b0:40:d2:3c:66:4f:e2:d0:
66:96:89:1c:d2:8c:e5:18:9f:e8:27:44:25:2f:ca:
92:5b:d8:7a:cc:26:f1:5a:b4:4e:fd:b5:cc:25:71:
2e:5b:fc:53:b9:6d:d4:88:3c:26:fa:37:d0:d4:44:
68:fa:8c:49:23:e7:37:54:ac:5a:7b:dd:f3:a2:70:
1e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:97:28:D3:29:07:25:6C:32:27:5F:9D:5D:34:70:F1:DD:12:50:A9
X509v3 Authority Key Identifier:
keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:e2:2f:f0:37:fa:9a:bc:e6:bd:5e:05:75:a6:50:f2:18:27:
a0:2e:9a:7c:4c:6e:9f:7a:6f:0f:13:2c:cf:37:bc:aa:9b:d0:
e3:07:d8:6e:2e:0e:1f:27:0f:6c:ec:08:ba:28:13:16:0c:30:
1d:ca:e6:ba:46:96:70:ec:73:3e:02:89:0a:64:a7:b2:96:3d:
06:a5:08:08:5c:54:ac:e2:c3:0f:01:60:5f:7d:6d:81:65:d3:
de:af:ee:84:21:89:4e:1e:79:44:06:33:c9:b0:9c:ab:51:cd:
7d:8a:08:73:2c:e7:09:e7:a2:4e:62:c8:98:7f:88:00:65:0e:
a5:54:b3:c6:2c:8e:3f:ad:da:5b:0a:bf:4f:b8:1b:64:5e:6d:
d4:28:79:42:9a:85:bd:57:70:51:b1:3b:6d:b9:18:d2:96:5e:
e9:21:60:b1:86:0f:89:05:48:a1:a3:4d:7f:c6:97:40:ee:de:
92:e4:d1:84:c4:dc:8f:88:4b:c7:e4:04:03:33:6f:3b:cd:3d:
95:c6:a6:43:c1:e0:30:62:7f:87:f5:d7:c8:15:c3:72:46:03:
6a:26:b4:47:e1:16:d9:12:25:0e:b5:de:50:13:39:3b:a0:16:
d3:5f:68:83:12:32:2c:5b:2d:58:c3:63:b1:04:ce:c7:b8:7e:
c5:89:39:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyykrVkuQs8u+DQjD+6PKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YWRiODI1ZjlmZGJjYTBjZDdjNzkwMWRlYjdhMjJhZTE3
OTdjMDYwHhcNMjUxMTExMTIwMDUxWhcNMjUxMTEyMTIwMDUxWjAzMTEwLwYDVQQD
Eyg4MTk3MjhkMzI5MDcyNTZjMzIyNzVmOWQ1ZDM0NzBmMWRkMTI1MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngiw4HIqcp+MAAAkfhZcTx/YJBvI
fQHopKfh325BHnrTFMxKwBRRL7C3k1A1CKypw8LtU7brjnFyx3rS+rq90IgwvAKT
Pu6lbP93Qrryb5FuKy90D+SQvEEngesNGsEMd53I1qeLiqgLqmsZMALqWqI0WPJa
5ZpRIEpYz528lcLmwJDeFi59l0WOGkSVZtcWKAT2tEMbdg2wc0HgVHUStlul++PI
gOD8gb6stzspo2IQWuy/ksMhl4tNsEDSPGZP4tBmlokc0ozlGJ/oJ0QlL8qSW9h6
zCbxWrRO/bXMJXEuW/xTuW3UiDwm+jfQ1ERo+oxJI+c3VKxae93zonAecQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGXKNMpByVsMidfnV00cPHdElCpMB8GA1UdIwQY
MBaAFGmtuCX5/bygzXx5Ad63oirheXwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAt
MzIzNjI2N2M4Nzk5LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAtMzIzNjI2N2M4Nzk5
LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl+Iv8Df6
mrzmvV4FdaZQ8hgnoC6afExun3pvDxMszze8qpvQ4wfYbi4OHycPbOwIuigTFgww
HcrmukaWcOxzPgKJCmSnspY9BqUICFxUrOLDDwFgX31tgWXT3q/uhCGJTh55RAYz
ybCcq1HNfYoIcyznCeeiTmLImH+IAGUOpVSzxiyOP63aWwq/T7gbZF5t1Ch5QpqF
vVdwUbE7bbkY0pZe6SFgsYYPiQVIoaNNf8aXQO7ekuTRhMTcj4hLx+QEAzNvO809
lcamQ8HgMGJ/h/XXyBXDckYDaia0R+EW2RIlDrXeUBM5O6AW019ogxIyLFstWMNj
sQTOx7h+xYk58w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:48:51 2025 by rpki-client