Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
File: aM_hqssnjBMjGzEORe5XaTL-m04.mft (raw, json)
Hash identifier: sygwdaPu+dOdLzx36qJSWhdsSBKlfX2vQFbOn9C/sNc=
Subject key identifier: C6:4C:3C:78:94:E1:60:83:8C:D9:E2:91:6F:1F:92:14:C6:C9:42:60
Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Certificate serial: 019A70DC1DE338A5ED08C53D11F25EE88B15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
Manifest number: 13B3
Signing time: Tue 11 Nov 2025 03:01:05 +0000
Manifest this update: Tue 11 Nov 2025 03:01:05 +0000
Manifest next update: Wed 12 Nov 2025 03:01:05 +0000
Files and hashes: 1: NAg_2lUwiNc2BXVWx1ALPDBcGK0.roa (hash: I6Xgg/yTyhGgk1wwRR5vfbPkXPHDlymI7Asksvi+yR4=)
2: aM_hqssnjBMjGzEORe5XaTL-m04.crl (hash: 9x/3U6lyGN8ktcRWJXFtusThjAxZ9r/zs+h6sqowuuE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:1d:e3:38:a5:ed:08:c5:3d:11:f2:5e:e8:8b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Validity
Not Before: Nov 11 03:01:05 2025 GMT
Not After : Nov 12 03:01:05 2025 GMT
Subject: CN=c64c3c7894e160838cd9e2916f1f9214c6c94260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:65:33:d5:d3:9d:10:6e:d3:b1:cf:61:20:aa:
70:f2:84:77:fa:91:f1:b9:5d:ed:ac:36:8c:b4:77:
0a:ff:ea:d3:88:a4:04:f8:5c:83:51:1c:21:f7:8c:
a2:6d:d1:bb:a3:de:56:37:ee:19:ba:b3:b3:d9:7f:
e0:e5:e2:1f:01:df:ec:f5:d5:6f:02:25:93:46:b5:
93:94:39:49:b2:9c:d6:ca:4c:58:67:44:ed:d6:d7:
3a:fc:4b:e7:42:93:1b:85:7f:e2:b8:25:d4:84:bd:
1e:0c:27:3c:5f:c2:b6:d7:49:f8:13:70:c6:7d:7f:
d0:24:2c:06:46:40:86:7f:34:0f:37:e0:cf:da:a8:
63:53:7b:b0:11:f9:19:2e:df:66:29:2d:05:de:25:
08:e9:27:b4:5a:45:5f:e8:a2:f7:e4:6e:c6:26:6a:
f5:38:ac:6b:5e:b5:21:87:26:0d:97:f1:8c:97:0d:
1d:20:62:32:5e:82:3f:e2:4a:61:30:62:bc:94:56:
c2:64:a9:40:1e:e2:5f:fa:29:ac:d0:27:23:ea:ba:
90:39:f2:b6:9c:1c:3d:7b:f9:48:5a:c6:63:1f:3f:
55:79:9e:cf:0b:2c:e1:8b:89:14:aa:59:9e:40:c6:
77:c5:23:03:a2:bc:ee:b3:f0:32:33:9e:77:37:07:
62:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4C:3C:78:94:E1:60:83:8C:D9:E2:91:6F:1F:92:14:C6:C9:42:60
X509v3 Authority Key Identifier:
keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:9d:ab:58:59:e7:3a:41:a8:4c:bb:59:c0:ff:d7:1f:51:62:
d9:66:80:da:48:6e:0a:71:32:a7:56:f6:49:4c:3c:f6:89:28:
74:98:dd:30:82:58:12:45:b3:c2:40:37:6e:75:d2:f6:81:3e:
a4:22:e8:a7:3e:3f:ed:29:a5:cf:41:43:ca:d6:e5:28:fa:7a:
c1:b1:68:f1:30:65:36:0b:09:55:ac:1e:c7:f8:7f:dd:28:35:
ba:b4:57:29:e1:83:e2:c9:07:4d:3a:d1:2a:0c:4c:8e:e4:41:
ee:da:69:ab:29:c4:c1:20:62:db:da:b1:cd:cb:0d:69:fd:d4:
6d:3c:5f:00:24:1d:1f:40:35:31:cb:b0:38:cf:40:07:c9:d8:
b0:b6:e8:71:b0:72:34:25:fc:d7:3d:ce:fe:bd:35:e0:f1:72:
d1:23:cb:26:1a:15:57:dd:de:3a:30:ce:16:00:94:77:38:bc:
9f:9f:9e:b7:44:f2:3b:46:a0:d6:bc:e4:8f:09:55:63:81:53:
66:de:77:78:3d:47:9f:b6:10:89:eb:06:9c:b5:29:73:06:bb:
4c:04:54:84:f5:a0:a8:81:eb:48:5a:98:c0:55:09:ea:c7:80:
fc:46:a6:b2:3d:a5:62:10:34:56:f8:36:1a:08:1f:1d:4d:c9:
d7:6d:a1:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3B3jOKXtCMU9EfJe6IsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm
ZTliNGUwHhcNMjUxMTExMDMwMTA1WhcNMjUxMTEyMDMwMTA1WjAzMTEwLwYDVQQD
EyhjNjRjM2M3ODk0ZTE2MDgzOGNkOWUyOTE2ZjFmOTIxNGM2Yzk0MjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWUz1dOdEG7Tsc9hIKpw8oR3+pHx
uV3trDaMtHcK/+rTiKQE+FyDURwh94yibdG7o95WN+4ZurOz2X/g5eIfAd/s9dVv
AiWTRrWTlDlJspzWykxYZ0Tt1tc6/EvnQpMbhX/iuCXUhL0eDCc8X8K210n4E3DG
fX/QJCwGRkCGfzQPN+DP2qhjU3uwEfkZLt9mKS0F3iUI6Se0WkVf6KL35G7GJmr1
OKxrXrUhhyYNl/GMlw0dIGIyXoI/4kphMGK8lFbCZKlAHuJf+ims0Ccj6rqQOfK2
nBw9e/lIWsZjHz9VeZ7PCyzhi4kUqlmeQMZ3xSMDorzus/AyM553NwdiOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZMPHiU4WCDjNnikW8fkhTGyUJgMB8GA1UdIwQY
MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt
ODljMmY2NjZlOTA1LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1
LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG52rWFnn
OkGoTLtZwP/XH1Fi2WaA2khuCnEyp1b2SUw89okodJjdMIJYEkWzwkA3bnXS9oE+
pCLopz4/7Smlz0FDytblKPp6wbFo8TBlNgsJVawex/h/3Sg1urRXKeGD4skHTTrR
KgxMjuRB7tppqynEwSBi29qxzcsNaf3UbTxfACQdH0A1McuwOM9AB8nYsLbocbBy
NCX81z3O/r014PFy0SPLJhoVV93eOjDOFgCUdzi8n5+et0TyO0ag1rzkjwlVY4FT
Zt53eD1Hn7YQiesGnLUpcwa7TARUhPWgqIHrSFqYwFUJ6seA/Eamsj2lYhA0Vvg2
GggfHU3J122hjw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:40:30 2025 by rpki-client