Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.mft
File: aYfUeTXhE31URCbbUojhKpwCWsI.mft (raw, json)
Hash identifier: dgxLFE6oL3YTmyXnaaJuYdo4U7f1T2QHGmEAqoOcbMk=
Subject key identifier: D6:B0:50:0F:9D:2A:40:FC:11:19:69:82:CD:10:E4:29:7A:13:76:8F
Authority key identifier: 69:87:D4:79:35:E1:13:7D:54:44:26:DB:52:88:E1:2A:9C:02:5A:C2
Certificate issuer: /CN=6987d47935e1137d544426db5288e12a9c025ac2
Certificate serial: 019A71EEB3D9AB67FC144A727240AAE314E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.mft
Manifest number: 0EE4
Signing time: Tue 11 Nov 2025 08:01:00 +0000
Manifest this update: Tue 11 Nov 2025 08:01:00 +0000
Manifest next update: Wed 12 Nov 2025 08:01:00 +0000
Files and hashes: 1: aYfUeTXhE31URCbbUojhKpwCWsI.crl (hash: zxa3Aaxs016WJDclJqHBvm4TttAdpTVHYIeKhSRRigE=)
2: u5cM_QOizpw-qJJPqONMvmbrpo8.roa (hash: GZfhlRyj3hdFyyCNQhpcV7zv1K17zHPhBmiPFi/AntI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:b3:d9:ab:67:fc:14:4a:72:72:40:aa:e3:14:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6987d47935e1137d544426db5288e12a9c025ac2
Validity
Not Before: Nov 11 08:01:00 2025 GMT
Not After : Nov 12 08:01:00 2025 GMT
Subject: CN=d6b0500f9d2a40fc11196982cd10e4297a13768f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2a:a2:02:1a:16:32:51:d2:eb:83:5b:df:b7:
1a:e9:18:74:87:6b:a9:c0:41:63:a8:6c:18:29:6a:
76:3a:4d:33:37:42:49:c4:2e:04:01:54:99:f2:95:
76:ea:79:27:ac:f1:3a:54:cf:4c:81:93:8a:a1:fc:
5d:a9:0b:30:ab:c5:4a:70:1d:01:f6:7d:30:ef:6a:
55:ac:13:62:ec:96:3d:20:f0:46:9f:ed:89:8a:7a:
38:07:57:c9:4e:34:ea:cb:1f:83:99:3b:93:c6:cf:
0c:58:59:72:1f:13:c4:ed:de:2c:fc:ef:ed:4c:37:
ca:d2:ee:bc:2e:22:ee:07:6c:84:a0:d3:00:f6:41:
ed:0f:03:c0:d8:a8:72:29:64:7a:45:b9:7b:a4:ca:
4d:70:f3:ec:94:22:4c:93:08:39:d2:12:72:d9:92:
62:77:31:68:a8:98:81:91:68:a9:47:b6:c9:29:4a:
71:4d:3d:dd:25:e5:e8:61:f9:6e:63:2f:4f:05:93:
9e:7c:d0:b6:bf:0b:63:17:bd:1a:a6:27:c7:29:f2:
ec:fd:98:eb:c2:64:7b:94:50:a7:69:cc:28:4d:9b:
5a:1a:ed:2d:c5:29:91:8e:8f:ff:0d:31:0c:45:44:
5a:30:41:34:09:ea:ef:0b:cd:07:56:41:97:64:fe:
42:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B0:50:0F:9D:2A:40:FC:11:19:69:82:CD:10:E4:29:7A:13:76:8F
X509v3 Authority Key Identifier:
keyid:69:87:D4:79:35:E1:13:7D:54:44:26:DB:52:88:E1:2A:9C:02:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:31:7e:0c:49:ae:38:e7:4f:ec:ae:14:b4:62:46:1c:df:3b:
3e:dd:25:6d:87:2c:32:f9:e8:41:c5:cc:80:4d:d3:68:47:dc:
9f:84:b6:21:af:82:54:f9:c4:60:47:b8:9f:e1:23:10:ff:0b:
42:bc:b1:63:14:66:d7:31:12:70:36:32:58:da:cd:cf:01:cd:
96:6b:c4:66:85:af:03:27:8f:52:7b:1a:df:2f:b4:0d:8c:a9:
aa:92:25:c9:31:cc:da:8b:be:b4:0b:50:ca:a1:65:68:3e:d4:
ed:a6:c2:3a:ba:ef:5c:49:20:be:16:f7:ae:16:74:fc:91:84:
50:ad:21:f0:93:47:aa:4a:21:a1:95:7d:59:18:b1:cb:0b:9e:
d7:fe:79:dd:64:5b:4c:73:67:6b:9c:0d:c1:e6:d0:23:7d:fb:
3e:b3:18:57:99:25:a1:25:a2:f6:f2:05:3b:cc:aa:4e:58:6e:
28:99:67:f2:90:11:bb:1a:6c:c3:7b:5b:c9:aa:a5:ad:87:e0:
d5:5b:e0:62:3d:85:e4:b1:40:8d:c9:d1:41:0f:2c:b6:66:f1:
1e:5c:62:a8:01:e5:e5:f4:9c:f8:70:df:9a:87:fc:16:f3:4a:
86:d9:a6:6e:66:4b:bb:60:67:db:35:46:df:be:b1:e4:92:bc:
13:71:cc:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7rPZq2f8FEpyckCq4xTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODdkNDc5MzVlMTEzN2Q1NDQ0MjZkYjUyODhlMTJhOWMw
MjVhYzIwHhcNMjUxMTExMDgwMTAwWhcNMjUxMTEyMDgwMTAwWjAzMTEwLwYDVQQD
EyhkNmIwNTAwZjlkMmE0MGZjMTExOTY5ODJjZDEwZTQyOTdhMTM3NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiqiAhoWMlHS64Nb37ca6Rh0h2up
wEFjqGwYKWp2Ok0zN0JJxC4EAVSZ8pV26nknrPE6VM9MgZOKofxdqQswq8VKcB0B
9n0w72pVrBNi7JY9IPBGn+2Jino4B1fJTjTqyx+DmTuTxs8MWFlyHxPE7d4s/O/t
TDfK0u68LiLuB2yEoNMA9kHtDwPA2KhyKWR6Rbl7pMpNcPPslCJMkwg50hJy2ZJi
dzFoqJiBkWipR7bJKUpxTT3dJeXoYfluYy9PBZOefNC2vwtjF70apifHKfLs/Zjr
wmR7lFCnacwoTZtaGu0txSmRjo//DTEMRURaMEE0CervC80HVkGXZP5CAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNawUA+dKkD8ERlpgs0Q5Cl6E3aPMB8GA1UdIwQY
MBaAFGmH1Hk14RN9VEQm21KI4SqcAlrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlmVWVUWGhFMzFVUkNiYlVvamhLcHdDV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zMmQ3YWQtOGJmOS00Mjc0LTk1Zjgt
OWM5NTM1OTRkNmIxLzEvYVlmVWVUWGhFMzFVUkNiYlVvamhLcHdDV3NJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8zMmQ3YWQtOGJmOS00Mjc0LTk1ZjgtOWM5NTM1OTRkNmIx
LzEvYVlmVWVUWGhFMzFVUkNiYlVvamhLcHdDV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhzF+DEmu
OOdP7K4UtGJGHN87Pt0lbYcsMvnoQcXMgE3TaEfcn4S2Ia+CVPnEYEe4n+EjEP8L
QryxYxRm1zEScDYyWNrNzwHNlmvEZoWvAyePUnsa3y+0DYypqpIlyTHM2ou+tAtQ
yqFlaD7U7abCOrrvXEkgvhb3rhZ0/JGEUK0h8JNHqkohoZV9WRixywue1/553WRb
THNna5wNwebQI337PrMYV5kloSWi9vIFO8yqTlhuKJln8pARuxpsw3tbyaqlrYfg
1VvgYj2F5LFAjcnRQQ8stmbxHlxiqAHl5fSc+HDfmof8FvNKhtmmbmZLu2Bn2zVG
376x5JK8E3HM2A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:13:57 2025 by rpki-client