Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/AIVd2JclbobaPL5plOlM4ulpryY.mft
File: AIVd2JclbobaPL5plOlM4ulpryY.mft (raw, json)
Hash identifier: Gu15oK8hM2CmVIW7arO+e7Iuk3YnXm5nbVb/sXk5s1Q=
Subject key identifier: AD:A5:5F:02:FE:95:FF:F5:8A:1C:37:6D:EC:3D:E1:14:8E:50:47:AE
Authority key identifier: 00:85:5D:D8:97:25:6E:86:DA:3C:BE:69:94:E9:4C:E2:E9:69:AF:26
Certificate issuer: /CN=00855dd897256e86da3cbe6994e94ce2e969af26
Certificate serial: 019A7226703A6498F754D80FA7BEF9E1C90B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AIVd2JclbobaPL5plOlM4ulpryY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/AIVd2JclbobaPL5plOlM4ulpryY.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 09:01:52 +0000
Manifest this update: Tue 11 Nov 2025 09:01:52 +0000
Manifest next update: Wed 12 Nov 2025 09:01:52 +0000
Files and hashes: 1: AIVd2JclbobaPL5plOlM4ulpryY.crl (hash: MD1bIn79uZCTjEbdWdwghin1yvRq0ijYnYClcTGTrM4=)
2: MgGDvxLOtMPwXMbYQuh7K6Nu5E0.roa (hash: R8z9BxbXd7Dke2ejYNt/dzLTxcDWFrg7+4k/8QPKV/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/AIVd2JclbobaPL5plOlM4ulpryY.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/AIVd2JclbobaPL5plOlM4ulpryY.mft
rsync://rpki.ripe.net/repository/DEFAULT/AIVd2JclbobaPL5plOlM4ulpryY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:70:3a:64:98:f7:54:d8:0f:a7:be:f9:e1:c9:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00855dd897256e86da3cbe6994e94ce2e969af26
Validity
Not Before: Nov 11 09:01:52 2025 GMT
Not After : Nov 12 09:01:52 2025 GMT
Subject: CN=ada55f02fe95fff58a1c376dec3de1148e5047ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c6:75:e0:bb:d9:3d:c7:07:45:2a:32:2b:d4:
a6:5b:51:78:ce:d4:8e:be:e1:4f:ab:af:1d:17:78:
da:ef:95:e4:ae:b7:44:3b:2e:a0:75:40:83:2a:36:
d4:4d:52:e3:7c:d6:5d:62:82:40:99:ad:8b:c9:26:
1c:fa:65:c0:cf:46:c9:98:08:b9:07:bd:a4:67:98:
8b:50:e2:b3:fb:23:9c:d9:3d:66:3e:e9:3b:2a:b7:
d8:6f:77:82:f6:fb:e0:67:96:3f:43:d0:2b:86:06:
94:97:94:8f:3b:57:d6:7a:3e:5d:87:a0:7d:de:57:
80:8e:4e:70:2a:dc:c3:c8:62:1a:3b:b6:25:ae:8b:
01:32:a7:82:3c:04:1d:1c:88:bb:7b:7d:7f:96:2e:
33:8f:b4:36:dc:07:e7:94:18:92:69:bb:72:a6:45:
a1:3d:c4:24:2a:4f:37:8a:75:0a:84:95:62:26:80:
b7:90:44:6c:5e:dc:49:c9:7d:b6:43:63:10:f4:23:
df:24:c8:59:d2:24:0a:3c:44:7a:f0:ab:87:1a:b4:
ed:06:33:cf:a0:51:34:52:6b:09:dc:b7:15:cf:a0:
4b:d1:a4:e4:86:7c:93:3e:b0:c8:35:0f:af:a7:55:
24:10:d8:29:e8:9f:13:bf:ea:a5:35:30:48:fe:87:
21:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A5:5F:02:FE:95:FF:F5:8A:1C:37:6D:EC:3D:E1:14:8E:50:47:AE
X509v3 Authority Key Identifier:
keyid:00:85:5D:D8:97:25:6E:86:DA:3C:BE:69:94:E9:4C:E2:E9:69:AF:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AIVd2JclbobaPL5plOlM4ulpryY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/AIVd2JclbobaPL5plOlM4ulpryY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/AIVd2JclbobaPL5plOlM4ulpryY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:f4:38:64:ca:60:be:d4:b6:f9:41:9f:50:89:0c:95:31:90:
96:f8:cb:22:67:9a:b2:7b:66:d3:3e:e7:10:72:e8:dd:1e:28:
6c:62:a3:b2:ec:1d:31:4f:91:03:c6:98:5d:01:9f:de:6f:2a:
44:d0:1f:39:54:9b:04:16:9f:3d:1a:01:8c:54:19:2d:1d:2f:
e1:f4:2a:25:00:1a:7f:8e:97:ef:62:a3:d9:2a:58:eb:38:e0:
79:fb:cc:15:1d:5b:62:2b:26:b8:8b:6b:e6:4d:7b:bd:3e:65:
9c:75:59:51:2e:6b:68:73:53:4d:e5:63:b2:28:3d:67:a9:70:
71:31:4b:13:a0:f6:e9:30:29:f4:f5:68:a0:c0:3a:4d:95:2c:
ee:81:52:16:07:d0:91:2f:7e:0c:12:c2:ed:97:8d:6b:2a:fc:
5a:cf:0e:5b:7d:44:4e:1a:d5:b9:ba:bd:2a:b0:eb:6c:e2:c3:
52:a8:6b:41:6a:06:7f:b0:43:1b:cf:c0:55:22:2e:cd:87:26:
2d:ca:5a:39:05:83:5c:19:32:92:d0:b5:05:07:f6:c0:fa:2a:
2f:87:df:0a:01:a5:e2:a7:9d:95:65:7f:12:4c:0f:ad:ff:1c:
98:5e:db:49:3b:c7:60:fd:c7:1c:12:7c:b7:72:95:1b:56:42:
f9:c9:8e:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJnA6ZJj3VNgPp7754ckLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwODU1ZGQ4OTcyNTZlODZkYTNjYmU2OTk0ZTk0Y2UyZTk2
OWFmMjYwHhcNMjUxMTExMDkwMTUyWhcNMjUxMTEyMDkwMTUyWjAzMTEwLwYDVQQD
EyhhZGE1NWYwMmZlOTVmZmY1OGExYzM3NmRlYzNkZTExNDhlNTA0N2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMZ14LvZPccHRSoyK9SmW1F4ztSO
vuFPq68dF3ja75XkrrdEOy6gdUCDKjbUTVLjfNZdYoJAma2LySYc+mXAz0bJmAi5
B72kZ5iLUOKz+yOc2T1mPuk7KrfYb3eC9vvgZ5Y/Q9ArhgaUl5SPO1fWej5dh6B9
3leAjk5wKtzDyGIaO7YlrosBMqeCPAQdHIi7e31/li4zj7Q23AfnlBiSabtypkWh
PcQkKk83inUKhJViJoC3kERsXtxJyX22Q2MQ9CPfJMhZ0iQKPER68KuHGrTtBjPP
oFE0UmsJ3LcVz6BL0aTkhnyTPrDINQ+vp1UkENgp6J8Tv+qlNTBI/och2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2lXwL+lf/1ihw3bew94RSOUEeuMB8GA1UdIwQY
MBaAFACFXdiXJW6G2jy+aZTpTOLpaa8mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUlWZDJKY2xib2JhUEw1cGxPbE00dWxwcnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC85ZmMzOTUtOThiYy00YWVkLTkzOWUt
ODg2ZjY2YmI2ZWU4LzEvQUlWZDJKY2xib2JhUEw1cGxPbE00dWxwcnlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC85ZmMzOTUtOThiYy00YWVkLTkzOWUtODg2ZjY2YmI2ZWU4
LzEvQUlWZDJKY2xib2JhUEw1cGxPbE00dWxwcnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwvQ4ZMpg
vtS2+UGfUIkMlTGQlvjLImeasntm0z7nEHLo3R4obGKjsuwdMU+RA8aYXQGf3m8q
RNAfOVSbBBafPRoBjFQZLR0v4fQqJQAaf46X72Kj2SpY6zjgefvMFR1bYismuItr
5k17vT5lnHVZUS5raHNTTeVjsig9Z6lwcTFLE6D26TAp9PVooMA6TZUs7oFSFgfQ
kS9+DBLC7ZeNayr8Ws8OW31EThrVubq9KrDrbOLDUqhrQWoGf7BDG8/AVSIuzYcm
LcpaOQWDXBkyktC1BQf2wPoqL4ffCgGl4qedlWV/EkwPrf8cmF7bSTvHYP3HHBJ8
t3KVG1ZC+cmOzw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:24 2025 by rpki-client