Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
File: aOi66pXUBANI8KiexOS9FSdfbDk.mft (raw, json)
Hash identifier: KsrwLmunSQpbGvdyd0kT4CDextKNJM0zem3qxDvGPv4=
Subject key identifier: 12:75:D9:96:A8:79:5A:E7:1A:04:AE:73:18:8D:BF:85:7C:ED:F1:6C
Authority key identifier: 68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
Certificate issuer: /CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Certificate serial: 019A71134C54796198637063A168A6B74C88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 04:01:21 +0000
Manifest this update: Tue 11 Nov 2025 04:01:21 +0000
Manifest next update: Wed 12 Nov 2025 04:01:21 +0000
Files and hashes: 1: G3jkppDUZ7UShIbg3wj67wwITjQ.roa (hash: IM9aMDCOjn2pDhh5r2plZvteAbzhdwZ0L/lTf4RJayk=)
2: Tz1CIM1JoghruWTN6nGpazj8zTs.roa (hash: VV/wpFoAA0PEYjeaECSEYgoe19Q1uDYWZTbwDnhLY+0=)
3: aOi66pXUBANI8KiexOS9FSdfbDk.crl (hash: dm5rAPWztn/dAdnZkQWYRWc16TAtZ1FesE1uopQc4pU=)
4: qOyspdHf0vEJQuyvIz0XkgRHk_0.roa (hash: yR7LTFxNYmFcq/nxWYOH7mZupl2rRRW8SrPwUWcJB0k=)
5: uiGdfZv36ngdlEPtH0Dctu5_0kI.roa (hash: kwlBzu/ziaLKG7neS7FV84L3FCZ7YdUCR1fgHvPBMoI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:4c:54:79:61:98:63:70:63:a1:68:a6:b7:4c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Validity
Not Before: Nov 11 04:01:21 2025 GMT
Not After : Nov 12 04:01:21 2025 GMT
Subject: CN=1275d996a8795ae71a04ae73188dbf857cedf16c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f2:40:c0:10:49:11:05:09:11:b2:24:b2:9b:
84:c1:71:97:b2:15:1f:54:e8:ea:bb:e7:d3:a6:cd:
aa:14:1f:f6:b0:9b:f8:fd:8c:7c:2a:e2:42:1c:b8:
b1:9d:f1:34:43:c2:bd:51:39:88:26:df:9e:a6:73:
73:6a:5a:86:f7:20:16:70:34:cf:7c:2d:f6:dc:84:
d3:6c:57:8a:4c:a6:a9:b0:3f:55:ff:ea:fb:57:ab:
3c:fc:3e:ee:2f:d4:33:8a:d8:49:0b:aa:e8:0c:0a:
b8:27:7e:32:8b:00:a6:cc:e5:1e:a2:b5:0c:40:4b:
d6:9e:7b:87:38:b0:17:3a:85:58:c2:a0:12:0e:87:
d1:a6:63:ea:a0:f0:64:a4:92:54:b6:3a:c2:fd:01:
75:35:f9:fe:70:fd:d7:54:9b:a6:46:ad:39:ab:3b:
c6:e3:e8:d3:5e:03:ab:a6:fc:5e:dd:80:a3:60:f0:
bb:ca:ef:cb:c0:de:30:17:25:d7:7b:dc:a0:2f:64:
b0:91:b3:4e:85:dc:4d:6d:7f:81:a7:d7:b1:7c:a4:
0b:e7:11:34:cc:b9:d1:5b:5b:c9:f7:b1:6b:49:10:
99:3e:5d:8d:bf:b9:2f:78:a5:5c:11:6f:01:87:33:
79:66:8f:8f:93:a8:c4:1c:7d:f7:ed:8b:87:26:fd:
10:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:75:D9:96:A8:79:5A:E7:1A:04:AE:73:18:8D:BF:85:7C:ED:F1:6C
X509v3 Authority Key Identifier:
keyid:68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:86:50:d6:15:19:1d:67:da:ee:fb:c0:75:11:57:e2:01:6f:
95:20:7f:06:dc:06:bb:cd:28:81:f7:2d:0b:d1:35:52:c5:f6:
a9:2d:80:81:05:f6:4b:18:76:1a:be:a3:c4:1e:bd:49:6e:93:
44:44:3b:5b:fe:16:85:5a:8d:0e:b0:ad:2d:00:a1:85:ce:0e:
72:46:69:3e:a0:f1:4a:e9:2a:5e:2d:32:21:ef:c8:79:2e:c2:
a6:1d:fa:55:27:96:a3:05:7f:d6:80:19:11:3d:cd:46:b0:fb:
66:ab:98:07:e1:7d:51:03:d1:7e:ea:f1:86:2f:1d:af:70:3f:
c0:66:f1:5f:51:84:42:ff:6a:ed:ca:4d:94:42:1a:67:f3:c3:
ee:0d:a5:05:ba:00:43:f8:8a:cd:a4:68:72:0f:2a:06:a1:5f:
d5:b6:ff:7f:42:13:64:75:b8:7e:ed:37:b4:9e:86:10:42:4b:
8d:c9:10:43:2b:af:6f:cd:e9:a8:35:be:a3:de:6e:da:25:5a:
58:e9:07:15:be:92:ea:ed:b6:89:02:61:c6:e5:f5:46:2a:55:
f3:e0:17:a1:d5:8a:c6:b8:81:81:13:e1:a9:bc:39:a7:3c:45:
7a:67:43:dc:26:98:52:39:f7:d4:a9:fb:da:5f:4f:b0:4d:ab:
67:df:a5:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE0xUeWGYY3BjoWimt0yIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZThiYWVhOTVkNDA0MDM0OGYwYTg5ZWM0ZTRiZDE1Mjc1
ZjZjMzkwHhcNMjUxMTExMDQwMTIxWhcNMjUxMTEyMDQwMTIxWjAzMTEwLwYDVQQD
EygxMjc1ZDk5NmE4Nzk1YWU3MWEwNGFlNzMxODhkYmY4NTdjZWRmMTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivJAwBBJEQUJEbIkspuEwXGXshUf
VOjqu+fTps2qFB/2sJv4/Yx8KuJCHLixnfE0Q8K9UTmIJt+epnNzalqG9yAWcDTP
fC323ITTbFeKTKapsD9V/+r7V6s8/D7uL9QzithJC6roDAq4J34yiwCmzOUeorUM
QEvWnnuHOLAXOoVYwqASDofRpmPqoPBkpJJUtjrC/QF1Nfn+cP3XVJumRq05qzvG
4+jTXgOrpvxe3YCjYPC7yu/LwN4wFyXXe9ygL2SwkbNOhdxNbX+Bp9exfKQL5xE0
zLnRW1vJ97FrSRCZPl2Nv7kveKVcEW8BhzN5Zo+Pk6jEHH337YuHJv0QeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJ12ZaoeVrnGgSucxiNv4V87fFsMB8GA1UdIwQY
MBaAFGjouuqV1AQDSPConsTkvRUnX2w5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2Ut
MzcxMWZhZThjYTc3LzEvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2UtMzcxMWZhZThjYTc3
LzEvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgoZQ1hUZ
HWfa7vvAdRFX4gFvlSB/BtwGu80ogfctC9E1UsX2qS2AgQX2Sxh2Gr6jxB69SW6T
REQ7W/4WhVqNDrCtLQChhc4OckZpPqDxSukqXi0yIe/IeS7Cph36VSeWowV/1oAZ
ET3NRrD7ZquYB+F9UQPRfurxhi8dr3A/wGbxX1GEQv9q7cpNlEIaZ/PD7g2lBboA
Q/iKzaRocg8qBqFf1bb/f0ITZHW4fu03tJ6GEEJLjckQQyuvb83pqDW+o95u2iVa
WOkHFb6S6u22iQJhxuX1RipV8+AXodWKxriBgRPhqbw5pzxFemdD3CaYUjn31Kn7
2l9PsE2rZ9+l4g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:55:30 2025 by rpki-client