Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
File: AlO5GdddwgTZyjjbeyihdINLOz0.mft (raw, json)
Hash identifier: Ejng88jYbH49ykOPafCdg8ggzTST0ZV0UBPeujekYRY=
Subject key identifier: 24:0C:B3:B4:30:0B:3E:8A:4C:09:AA:AC:BA:2E:1E:BA:A1:DF:8F:4F
Authority key identifier: 02:53:B9:19:D7:5D:C2:04:D9:CA:38:DB:7B:28:A1:74:83:4B:3B:3D
Certificate issuer: /CN=0253b919d75dc204d9ca38db7b28a174834b3b3d
Certificate serial: 019A2409EE1EEEEECA60D881BF52BEDFD3A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
Manifest number: 0718
Signing time: Mon 27 Oct 2025 05:00:21 +0000
Manifest this update: Mon 27 Oct 2025 05:00:21 +0000
Manifest next update: Tue 28 Oct 2025 05:00:21 +0000
Files and hashes: 1: AlO5GdddwgTZyjjbeyihdINLOz0.crl (hash: wC5L+BmRogcaIyXfoQSXIA7hWHA44h+ZTPMcoJmoFyI=)
2: nHJdEaQAZSSucNQfqLdmnzvaEhg.roa (hash: PyiLEuElU0BAtn89yNXkLzFcjN6+3nnt5xk1DxkgTgc=)
3: uTJHpPw8MiXzvmoOasbIM18rO48.roa (hash: 417uE377R+rkUzMmjx7quT0IM4A+QC6t0Oyj6z4KxVE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 05:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:09:ee:1e:ee:ee:ca:60:d8:81:bf:52:be:df:d3:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0253b919d75dc204d9ca38db7b28a174834b3b3d
Validity
Not Before: Oct 27 05:00:21 2025 GMT
Not After : Oct 28 05:00:21 2025 GMT
Subject: CN=240cb3b4300b3e8a4c09aaacba2e1ebaa1df8f4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:21:dc:bf:b1:dd:f6:ba:83:9a:c2:ba:3c:95:
26:28:67:3e:86:32:58:3d:dd:34:47:18:da:ab:52:
7a:b7:1f:39:9e:90:69:5b:80:74:3a:ce:84:5f:5e:
8f:a5:be:57:ce:58:9a:4e:9a:40:ab:54:61:f5:83:
04:88:c8:93:71:05:25:92:85:56:18:98:cd:c3:b9:
80:d4:fa:0c:53:12:a2:9b:2d:d1:74:e4:3f:ac:54:
05:e4:7d:7a:79:04:cc:47:54:80:14:15:d5:74:8e:
11:5a:86:d8:d9:f0:85:04:c3:41:2c:a5:49:9d:24:
a9:cb:b0:b3:65:97:4f:7c:af:72:3c:57:60:19:3f:
b9:c1:ac:8b:63:cd:7a:b5:7b:1f:ab:70:18:78:af:
4f:cb:c2:96:03:e8:72:e2:d8:dd:79:80:2c:10:56:
5d:45:cc:ae:1b:71:28:b6:53:18:b7:85:49:46:08:
6b:f5:14:08:6b:42:72:6d:40:73:fd:db:f1:6b:70:
76:55:ee:e9:7b:95:8e:87:42:0f:21:c6:59:7e:f2:
3b:c3:26:0e:d2:9e:77:9a:54:7b:90:d7:f3:85:f0:
85:86:6b:a3:c0:4d:a8:55:61:2e:01:ee:49:d9:77:
44:2f:8e:80:9f:b2:30:fc:dd:4b:9d:fe:fc:a7:45:
5d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0C:B3:B4:30:0B:3E:8A:4C:09:AA:AC:BA:2E:1E:BA:A1:DF:8F:4F
X509v3 Authority Key Identifier:
keyid:02:53:B9:19:D7:5D:C2:04:D9:CA:38:DB:7B:28:A1:74:83:4B:3B:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:48:c0:9a:44:0d:0c:10:93:f6:4c:19:10:85:d2:ad:b6:90:
31:d0:99:d6:c6:16:6e:85:cf:3e:da:f7:b5:70:88:17:07:4a:
5c:9c:0d:85:48:fd:77:c0:c3:16:a3:87:a3:87:d3:b5:e0:b1:
31:0d:f9:6c:8d:0a:e8:45:e9:d0:58:a2:9b:3d:fa:4f:23:08:
f1:e4:ee:cb:57:7d:62:f5:e1:a2:1b:57:03:8e:98:2e:93:ac:
19:06:68:11:3d:63:8e:9c:57:dd:f3:86:a2:6c:4e:88:9e:5f:
3f:f7:49:ad:c9:e3:51:59:6e:68:f4:7b:3e:2d:79:c8:10:d5:
26:3d:8c:89:c4:2d:46:6d:8b:43:3c:43:e5:30:62:32:67:b7:
32:1f:dd:43:c7:1b:e6:00:cd:25:e1:29:b6:c8:5e:10:b2:42:
ef:89:e1:0c:55:87:d6:f0:a6:e6:a8:ab:b7:9a:85:14:98:86:
a9:78:51:4a:c5:f4:2a:34:6f:6f:ba:63:74:ea:67:cb:49:40:
5c:3a:85:03:80:ab:5c:62:b4:dd:cf:ec:72:2a:62:86:10:6d:
e2:d1:10:49:9f:53:14:75:57:2c:96:84:d7:3a:3a:a4:df:63:
12:88:fb:e4:5e:cd:79:df:70:e2:79:f2:67:20:fe:78:b9:6e:
75:78:28:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokCe4e7u7KYNiBv1K+39OgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTNiOTE5ZDc1ZGMyMDRkOWNhMzhkYjdiMjhhMTc0ODM0
YjNiM2QwHhcNMjUxMDI3MDUwMDIxWhcNMjUxMDI4MDUwMDIxWjAzMTEwLwYDVQQD
EygyNDBjYjNiNDMwMGIzZThhNGMwOWFhYWNiYTJlMWViYWExZGY4ZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCHcv7Hd9rqDmsK6PJUmKGc+hjJY
Pd00Rxjaq1J6tx85npBpW4B0Os6EX16Ppb5XzliaTppAq1Rh9YMEiMiTcQUlkoVW
GJjNw7mA1PoMUxKimy3RdOQ/rFQF5H16eQTMR1SAFBXVdI4RWobY2fCFBMNBLKVJ
nSSpy7CzZZdPfK9yPFdgGT+5wayLY816tXsfq3AYeK9Py8KWA+hy4tjdeYAsEFZd
RcyuG3EotlMYt4VJRghr9RQIa0JybUBz/dvxa3B2Ve7pe5WOh0IPIcZZfvI7wyYO
0p53mlR7kNfzhfCFhmujwE2oVWEuAe5J2XdEL46An7Iw/N1Lnf78p0Vd1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQMs7QwCz6KTAmqrLouHrqh349PMB8GA1UdIwQY
MBaAFAJTuRnXXcIE2co423sooXSDSzs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8zYmFmZDgtYzM0ZS00ODkwLWI0Y2Yt
NzNkYjBmMjg0MWM5LzEvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8zYmFmZDgtYzM0ZS00ODkwLWI0Y2YtNzNkYjBmMjg0MWM5
LzEvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApEjAmkQN
DBCT9kwZEIXSrbaQMdCZ1sYWboXPPtr3tXCIFwdKXJwNhUj9d8DDFqOHo4fTteCx
MQ35bI0K6EXp0Fiimz36TyMI8eTuy1d9YvXhohtXA46YLpOsGQZoET1jjpxX3fOG
omxOiJ5fP/dJrcnjUVluaPR7Pi15yBDVJj2MicQtRm2LQzxD5TBiMme3Mh/dQ8cb
5gDNJeEptsheELJC74nhDFWH1vCm5qirt5qFFJiGqXhRSsX0KjRvb7pjdOpny0lA
XDqFA4CrXGK03c/scipihhBt4tEQSZ9TFHVXLJaE1zo6pN9jEoj75F7Ned9w4nny
ZyD+eLludXgoeA==
-----END CERTIFICATE-----
Generated at Mon Oct 27 13:26:19 2025 by rpki-client