Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/a6d124-04e6-4def-a16b-d652368299d5/1/1AjPCbarAFupM7KnpKbSfqa7cso.mft
File: 1AjPCbarAFupM7KnpKbSfqa7cso.mft (raw, json)
Hash identifier: bogb4Of8/e9QKbuHziAJQIeNUajJJmaRodi9zzLBOUo=
Subject key identifier: 3F:8F:13:37:A2:E0:D4:7A:45:F8:8E:31:ED:51:95:A2:29:5D:F8:51
Authority key identifier: D4:08:CF:09:B6:AB:00:5B:A9:33:B2:A7:A4:A6:D2:7E:A6:BB:72:CA
Certificate issuer: /CN=d408cf09b6ab005ba933b2a7a4a6d27ea6bb72ca
Certificate serial: 019A22F787FC168BD823893C015A289D0BCA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1AjPCbarAFupM7KnpKbSfqa7cso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/a6d124-04e6-4def-a16b-d652368299d5/1/1AjPCbarAFupM7KnpKbSfqa7cso.mft
Manifest number: 040F
Signing time: Mon 27 Oct 2025 00:00:38 +0000
Manifest this update: Mon 27 Oct 2025 00:00:38 +0000
Manifest next update: Tue 28 Oct 2025 00:00:38 +0000
Files and hashes: 1: 1AjPCbarAFupM7KnpKbSfqa7cso.crl (hash: BbpVNgA0pLhytBdlizSOkLKYYi1M5YcdEuc282B7Nco=)
2: mjk_9mBIX2K41ASneFahi5WxQms.roa (hash: qL7nGWS3Awht9PmP0vDzSTXhKhc/jIpjX536PZtB9fQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/a6d124-04e6-4def-a16b-d652368299d5/1/1AjPCbarAFupM7KnpKbSfqa7cso.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/a6d124-04e6-4def-a16b-d652368299d5/1/1AjPCbarAFupM7KnpKbSfqa7cso.mft
rsync://rpki.ripe.net/repository/DEFAULT/1AjPCbarAFupM7KnpKbSfqa7cso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 19:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:22:f7:87:fc:16:8b:d8:23:89:3c:01:5a:28:9d:0b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d408cf09b6ab005ba933b2a7a4a6d27ea6bb72ca
Validity
Not Before: Oct 27 00:00:38 2025 GMT
Not After : Oct 28 00:00:38 2025 GMT
Subject: CN=3f8f1337a2e0d47a45f88e31ed5195a2295df851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:35:91:2f:a6:74:39:d8:45:3e:26:0d:f3:3a:
d4:9f:35:1f:f5:31:0b:71:05:b7:3a:b1:91:bf:52:
e4:ad:f0:ad:5c:51:75:6a:48:ef:1b:c9:ae:30:8b:
0a:ac:e4:48:e2:58:03:df:63:6c:48:32:fa:a2:65:
0e:4f:e4:31:1d:ff:67:ae:83:49:09:d5:96:78:30:
c7:e0:23:c0:39:5d:75:4c:9a:e9:96:1f:7f:61:3b:
c1:2e:80:d8:63:f9:2b:28:cf:ad:0c:c4:5c:47:0a:
5a:06:cb:32:c3:4f:cd:00:c5:29:cc:f3:2a:49:d5:
4d:7a:eb:f4:f1:75:17:5b:45:d0:9a:3b:a9:f5:2f:
1f:96:37:7a:22:92:9c:40:79:a3:16:40:2a:93:d6:
9a:91:1f:75:a8:c0:74:e2:76:02:cc:9e:1f:98:3f:
02:f9:1f:80:b1:c9:1e:9c:43:4a:9c:87:1b:de:fa:
9c:c2:aa:89:f2:98:c2:70:55:f5:d7:07:dd:88:75:
f6:e9:78:6c:4a:d1:ed:7e:65:e7:d2:2c:d4:f4:f1:
86:1d:b0:93:fa:08:8d:a3:85:e5:90:22:23:bc:79:
89:5d:74:31:a6:14:6f:c4:52:41:fd:29:af:9f:6e:
8d:5b:9e:58:bb:58:b1:14:9c:32:a6:44:1a:61:d8:
b8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8F:13:37:A2:E0:D4:7A:45:F8:8E:31:ED:51:95:A2:29:5D:F8:51
X509v3 Authority Key Identifier:
keyid:D4:08:CF:09:B6:AB:00:5B:A9:33:B2:A7:A4:A6:D2:7E:A6:BB:72:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1AjPCbarAFupM7KnpKbSfqa7cso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a6d124-04e6-4def-a16b-d652368299d5/1/1AjPCbarAFupM7KnpKbSfqa7cso.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a6d124-04e6-4def-a16b-d652368299d5/1/1AjPCbarAFupM7KnpKbSfqa7cso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:ae:a5:8b:39:a6:4e:6f:ad:5f:cf:a8:78:bf:4d:f4:46:b3:
0b:00:1e:58:e8:e1:9b:55:e3:f2:f9:6a:2c:df:05:2f:fe:44:
d1:9d:ed:37:7f:f9:0d:54:c0:ca:5c:b6:4d:2a:a2:36:c0:12:
0f:cc:53:7d:14:c4:4b:ec:74:ea:3f:02:4f:0b:c5:89:9d:0e:
3e:c6:88:ac:e7:b0:fe:f0:f8:a8:d0:94:e4:54:35:2d:71:cd:
3c:11:46:ca:ae:d2:56:49:25:34:cb:ad:da:be:95:c8:84:48:
45:b6:c3:fc:b4:db:7f:70:96:15:5b:64:5e:1a:4c:ff:0a:05:
94:dd:3a:da:84:f4:bb:cb:fc:2a:45:f6:a1:39:e2:51:aa:3a:
e6:aa:a6:34:86:2c:c2:37:d5:fe:e4:07:14:1d:d9:80:6d:ef:
b3:ae:a8:ba:8a:8b:4c:09:78:4b:25:d5:ae:73:49:46:6f:9a:
b1:49:cb:b0:0e:96:e1:c1:71:fb:c0:34:a9:7c:13:8d:06:42:
fc:4d:ce:f4:14:22:42:a6:44:bc:57:0c:3b:bc:d9:24:c4:d2:
ae:2e:ad:3b:ea:2d:8c:24:78:ed:48:82:5d:10:54:0c:ac:2a:
d0:64:92:bf:c9:62:d9:64:0a:d8:07:70:a4:ad:e8:de:74:95:
2a:0c:3b:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoi94f8FovYI4k8AVoonQvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MDhjZjA5YjZhYjAwNWJhOTMzYjJhN2E0YTZkMjdlYTZi
YjcyY2EwHhcNMjUxMDI3MDAwMDM4WhcNMjUxMDI4MDAwMDM4WjAzMTEwLwYDVQQD
EygzZjhmMTMzN2EyZTBkNDdhNDVmODhlMzFlZDUxOTVhMjI5NWRmODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojWRL6Z0OdhFPiYN8zrUnzUf9TEL
cQW3OrGRv1LkrfCtXFF1akjvG8muMIsKrORI4lgD32NsSDL6omUOT+QxHf9nroNJ
CdWWeDDH4CPAOV11TJrplh9/YTvBLoDYY/krKM+tDMRcRwpaBssyw0/NAMUpzPMq
SdVNeuv08XUXW0XQmjup9S8fljd6IpKcQHmjFkAqk9aakR91qMB04nYCzJ4fmD8C
+R+AsckenENKnIcb3vqcwqqJ8pjCcFX11wfdiHX26XhsStHtfmXn0izU9PGGHbCT
+giNo4XlkCIjvHmJXXQxphRvxFJB/Smvn26NW55Yu1ixFJwypkQaYdi4rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+PEzei4NR6RfiOMe1RlaIpXfhRMB8GA1UdIwQY
MBaAFNQIzwm2qwBbqTOyp6Sm0n6mu3LKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUFqUENiYXJBRnVwTTdLbnBLYlNmcWE3Y3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hNmQxMjQtMDRlNi00ZGVmLWExNmIt
ZDY1MjM2ODI5OWQ1LzEvMUFqUENiYXJBRnVwTTdLbnBLYlNmcWE3Y3NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hNmQxMjQtMDRlNi00ZGVmLWExNmItZDY1MjM2ODI5OWQ1
LzEvMUFqUENiYXJBRnVwTTdLbnBLYlNmcWE3Y3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADq6lizmm
Tm+tX8+oeL9N9EazCwAeWOjhm1Xj8vlqLN8FL/5E0Z3tN3/5DVTAyly2TSqiNsAS
D8xTfRTES+x06j8CTwvFiZ0OPsaIrOew/vD4qNCU5FQ1LXHNPBFGyq7SVkklNMut
2r6VyIRIRbbD/LTbf3CWFVtkXhpM/woFlN062oT0u8v8KkX2oTniUao65qqmNIYs
wjfV/uQHFB3ZgG3vs66ouoqLTAl4SyXVrnNJRm+asUnLsA6W4cFx+8A0qXwTjQZC
/E3O9BQiQqZEvFcMO7zZJMTSri6tO+otjCR47UiCXRBUDKwq0GSSv8li2WQK2Adw
pK3o3nSVKgw7nQ==
-----END CERTIFICATE-----
Generated at Mon Oct 27 04:15:07 2025 by rpki-client