Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
File: aCMaUAoKgQjcekNYsQArH9vweZU.mft (raw, json)
Hash identifier: e7kRii/fvw1WBDquPvoIh9+T/s2e2mWk9fkzOxoqXRg=
Subject key identifier: 74:99:E0:31:60:E6:31:4B:63:E5:29:5D:69:5F:D7:39:44:5E:97:17
Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Certificate serial: 019A2E56EBB11DCA5A32FE0C905D3346398E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
Manifest number: 16FD
Signing time: Wed 29 Oct 2025 05:00:39 +0000
Manifest this update: Wed 29 Oct 2025 05:00:39 +0000
Manifest next update: Thu 30 Oct 2025 05:00:39 +0000
Files and hashes: 1: XSGE2n2dKWY3M_jq3MngIc3i_t8.roa (hash: pwMRSRLzn3jyPbMLShLv8HDNQd5Gm8ws1AjCFBEAHaU=)
2: aCMaUAoKgQjcekNYsQArH9vweZU.crl (hash: JDUY5LEZ8AdRH/VNbsnVrwMlY1/GgbbNRtspwxVmujo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Oct 2025 05:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2e:56:eb:b1:1d:ca:5a:32:fe:0c:90:5d:33:46:39:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Validity
Not Before: Oct 29 05:00:39 2025 GMT
Not After : Oct 30 05:00:39 2025 GMT
Subject: CN=7499e03160e6314b63e5295d695fd739445e9717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c8:12:c8:e4:b0:3b:74:8a:af:14:e3:0a:d0:
b2:1a:56:01:6d:f4:e2:09:8e:f4:2a:40:69:c2:c1:
e7:7e:d4:1f:3d:69:97:36:89:ee:91:58:fa:9c:77:
d2:56:cf:d5:49:51:e8:7a:ce:9d:36:a9:0b:41:83:
70:51:26:18:f9:96:9e:64:ea:06:ba:9d:43:2a:4b:
57:63:18:54:50:ef:09:ad:d5:3d:53:a4:e0:64:8b:
0c:34:e5:00:2b:35:c3:60:ac:cc:fc:1d:95:73:ef:
2d:01:62:3c:52:c9:d3:cf:5d:41:4a:ee:b3:95:ec:
b3:c1:19:51:e3:74:c4:22:f4:8b:f9:bf:6a:b7:7e:
21:65:b1:b0:a9:5b:1c:92:66:29:f7:04:df:3d:b7:
4b:4f:06:14:fe:5f:f6:39:04:ce:d9:3f:09:16:89:
6e:1d:f5:f9:12:bf:a5:cd:bc:b8:4a:c8:38:ed:af:
49:14:cd:22:2a:a3:e5:bf:35:31:c1:8f:39:f9:82:
d5:c5:83:76:cb:7e:6d:c9:cb:ac:8a:d9:7a:81:be:
9d:1b:14:c5:7f:62:66:3c:07:f7:4f:74:60:b7:90:
99:15:4b:57:de:bb:6e:46:f5:9f:fa:37:0f:e0:2e:
72:0a:2d:44:3f:e0:c6:a1:da:86:fb:30:c6:45:8a:
53:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:99:E0:31:60:E6:31:4B:63:E5:29:5D:69:5F:D7:39:44:5E:97:17
X509v3 Authority Key Identifier:
keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:0c:11:fd:25:9f:b5:16:51:63:86:7f:ca:f8:08:34:70:d7:
f8:b2:b4:09:53:87:89:9d:14:8f:d1:f5:0d:75:10:e7:51:ab:
d2:82:34:91:b6:d7:23:e6:c6:97:13:48:17:64:fd:11:1d:f7:
35:b6:0d:2d:8b:93:69:f9:7e:3e:b3:dd:9c:73:81:75:75:5c:
67:cf:e9:b2:5e:fc:fd:50:97:54:65:41:8e:0a:dd:d5:dc:fd:
98:a9:a6:9e:cb:dc:01:f8:71:83:0c:5b:70:ef:ec:9b:61:c6:
2a:a0:d5:06:44:80:8f:a3:95:ac:2b:a6:5a:06:a1:bd:c5:94:
70:81:cb:8b:9d:26:44:df:d0:25:9d:c3:40:95:fa:57:49:94:
54:6d:6f:6b:e9:72:88:e4:46:3c:d6:76:24:fe:c4:bf:23:74:
f3:3c:9c:0e:0d:b1:15:42:3d:f5:a7:fa:cc:82:4f:c1:21:f7:
b9:81:7e:05:cb:c2:c6:f4:85:cf:5c:bd:1a:16:6e:d7:c5:0c:
65:96:59:c4:22:b3:4b:a8:18:da:6a:7c:78:b2:48:db:87:69:
cb:89:33:a1:3f:82:ad:e4:56:70:ed:f9:ac:be:e2:e8:18:be:
e5:12:a3:9e:5c:df:a2:aa:4b:15:fb:2c:96:ca:4b:ae:bd:b5:
b5:61:bc:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZouVuuxHcpaMv4MkF0zRjmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjMxYTUwMGEwYTgxMDhkYzdhNDM1OGIxMDAyYjFmZGJm
MDc5OTUwHhcNMjUxMDI5MDUwMDM5WhcNMjUxMDMwMDUwMDM5WjAzMTEwLwYDVQQD
Eyg3NDk5ZTAzMTYwZTYzMTRiNjNlNTI5NWQ2OTVmZDczOTQ0NWU5NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMgSyOSwO3SKrxTjCtCyGlYBbfTi
CY70KkBpwsHnftQfPWmXNonukVj6nHfSVs/VSVHoes6dNqkLQYNwUSYY+ZaeZOoG
up1DKktXYxhUUO8JrdU9U6TgZIsMNOUAKzXDYKzM/B2Vc+8tAWI8UsnTz11BSu6z
leyzwRlR43TEIvSL+b9qt34hZbGwqVsckmYp9wTfPbdLTwYU/l/2OQTO2T8JFolu
HfX5Er+lzby4Ssg47a9JFM0iKqPlvzUxwY85+YLVxYN2y35tycusitl6gb6dGxTF
f2JmPAf3T3Rgt5CZFUtX3rtuRvWf+jcP4C5yCi1EP+DGodqG+zDGRYpTBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHSZ4DFg5jFLY+UpXWlf1zlEXpcXMB8GA1UdIwQY
MBaAFGgjGlAKCoEI3HpDWLEAKx/b8HmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmIt
N2YyM2IzNDY4NmMyLzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmItN2YyM2IzNDY4NmMy
LzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALQwR/SWf
tRZRY4Z/yvgINHDX+LK0CVOHiZ0Uj9H1DXUQ51Gr0oI0kbbXI+bGlxNIF2T9ER33
NbYNLYuTafl+PrPdnHOBdXVcZ8/psl78/VCXVGVBjgrd1dz9mKmmnsvcAfhxgwxb
cO/sm2HGKqDVBkSAj6OVrCumWgahvcWUcIHLi50mRN/QJZ3DQJX6V0mUVG1va+ly
iORGPNZ2JP7EvyN08zycDg2xFUI99af6zIJPwSH3uYF+BcvCxvSFz1y9GhZu18UM
ZZZZxCKzS6gY2mp8eLJI24dpy4kzoT+CreRWcO35rL7i6Bi+5RKjnlzfoqpLFfss
lspLrr21tWG8bA==
-----END CERTIFICATE-----
Generated at Wed Oct 29 12:22:41 2025 by rpki-client