Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.mft
File: aFeXIsOgywwzUcWV36PX6tgfFr8.mft (raw, json)
Hash identifier: hhRbIgptgnR/p+Tq0K/NPAQ399ZSYb8rzQVHeAnmkkc=
Subject key identifier: A1:36:99:D7:B2:34:F4:FC:65:6D:E6:1D:FE:28:7E:F1:74:E7:B9:65
Authority key identifier: 68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
Certificate issuer: /CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Certificate serial: 019A725C5DDEFE9B878840021CDF1496B56C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.mft
Manifest number: 1726
Signing time: Tue 11 Nov 2025 10:00:47 +0000
Manifest this update: Tue 11 Nov 2025 10:00:47 +0000
Manifest next update: Wed 12 Nov 2025 10:00:47 +0000
Files and hashes: 1: 5kpPrp0PsQaLwN-0f4M5ORyJaIo.roa (hash: sRLtBcmB7NMgyGt87xrsnTDd/kvjgxEDyhMytt8u1mY=)
2: TEQ2s_TPddXgs2TBHawu_QRXdAY.roa (hash: v8GdY3sNaK+PD8iTL9fBBYBUT72JOPHFN0JrePdltX0=)
3: aFeXIsOgywwzUcWV36PX6tgfFr8.crl (hash: wy1PxoDWy6j3n/7HOTKLXxpGypM3j27JUJjr1mWE8ws=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:5d:de:fe:9b:87:88:40:02:1c:df:14:96:b5:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Validity
Not Before: Nov 11 10:00:47 2025 GMT
Not After : Nov 12 10:00:47 2025 GMT
Subject: CN=a13699d7b234f4fc656de61dfe287ef174e7b965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d9:29:e3:1b:da:2c:eb:b6:82:b5:22:8b:81:
1d:df:80:0a:96:cd:c1:9c:94:cc:03:98:4c:ad:4a:
91:3a:f0:aa:6c:b4:8b:ab:b4:cd:a1:61:75:25:41:
4d:bc:61:31:64:8e:6c:a8:c3:d2:18:8d:ae:6b:78:
c0:e1:0a:9e:4d:71:69:ef:6c:9b:4b:e1:57:10:31:
08:c2:fd:5f:4a:9d:6e:a3:bb:e9:0c:e8:3f:5c:a4:
6c:8a:ba:46:b4:cd:ac:46:5d:59:16:da:76:b1:28:
cc:73:86:e5:fd:8e:85:a0:aa:f3:3c:66:07:a2:16:
b1:c8:f7:79:2b:0a:f3:f9:73:9b:c9:1f:b6:99:59:
52:f1:77:00:5d:21:81:56:6c:71:c7:d3:c6:09:b5:
68:69:82:e3:56:4a:bc:82:20:d4:83:66:31:65:97:
61:ba:d9:28:f3:e1:ce:5f:72:f4:98:2f:46:60:bc:
d1:62:a8:ac:5b:f3:c3:8c:dd:88:71:56:06:36:b2:
6e:03:c6:8e:99:fa:7d:ad:1f:e4:7e:4b:03:0b:65:
27:89:5b:81:29:c0:f0:95:22:b9:cb:1b:a4:e8:b7:
f3:78:0b:98:95:e1:fb:b5:83:39:1b:a8:33:23:05:
5c:9a:7e:fe:f6:66:c6:ab:84:82:9b:83:68:19:66:
9e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:36:99:D7:B2:34:F4:FC:65:6D:E6:1D:FE:28:7E:F1:74:E7:B9:65
X509v3 Authority Key Identifier:
keyid:68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:23:45:71:40:89:b4:b2:b3:b6:5f:0d:bb:e6:76:cd:a4:2e:
80:78:61:94:15:ee:87:fa:71:79:3c:ac:03:df:b9:e7:18:1f:
18:5c:1b:45:e6:30:e1:90:c4:b2:52:92:0c:71:e1:02:02:b8:
99:17:64:52:58:b1:94:99:5c:d9:8e:47:d5:f8:cb:50:78:e5:
64:c6:70:33:a7:be:9f:8c:34:5c:a8:6e:00:d0:ce:5c:16:dd:
f9:2f:ab:a6:c4:62:88:3b:50:54:fe:6d:ac:0f:33:21:0c:2d:
f8:08:9f:df:3d:bd:e3:99:41:b0:37:cf:8d:57:59:a3:56:3a:
4b:1d:2b:60:71:a0:65:3a:e1:c8:d5:32:c6:d5:fb:c1:bb:31:
0d:25:ff:6e:87:0f:e1:e7:4f:08:4f:ba:ec:11:af:cf:81:13:
72:80:c9:58:4f:ef:e9:ca:47:64:25:0a:ed:49:34:6c:5e:14:
e6:57:dc:16:9a:d2:91:10:c7:54:01:e5:ce:72:66:e3:f3:1a:
14:1a:e4:60:99:ea:97:28:fd:2e:df:cd:55:01:67:9f:fb:bd:
db:83:35:d4:64:6e:15:a8:a0:fe:d0:e9:fa:d2:85:ce:21:30:
f6:05:94:54:0c:99:ba:f9:f3:96:7a:45:e5:d6:8a:be:89:df:
9d:22:b2:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXF3e/puHiEACHN8UlrVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NTc5NzIyYzNhMGNiMGMzMzUxYzU5NWRmYTNkN2VhZDgx
ZjE2YmYwHhcNMjUxMTExMTAwMDQ3WhcNMjUxMTEyMTAwMDQ3WjAzMTEwLwYDVQQD
EyhhMTM2OTlkN2IyMzRmNGZjNjU2ZGU2MWRmZTI4N2VmMTc0ZTdiOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9kp4xvaLOu2grUii4Ed34AKls3B
nJTMA5hMrUqROvCqbLSLq7TNoWF1JUFNvGExZI5sqMPSGI2ua3jA4QqeTXFp72yb
S+FXEDEIwv1fSp1uo7vpDOg/XKRsirpGtM2sRl1ZFtp2sSjMc4bl/Y6FoKrzPGYH
ohaxyPd5Kwrz+XObyR+2mVlS8XcAXSGBVmxxx9PGCbVoaYLjVkq8giDUg2YxZZdh
utko8+HOX3L0mC9GYLzRYqisW/PDjN2IcVYGNrJuA8aOmfp9rR/kfksDC2UniVuB
KcDwlSK5yxuk6LfzeAuYleH7tYM5G6gzIwVcmn7+9mbGq4SCm4NoGWaeLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKE2mdeyNPT8ZW3mHf4ofvF057llMB8GA1UdIwQY
MBaAFGhXlyLDoMsMM1HFld+j1+rYHxa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgt
OWY1NTk3YjU2Yjc2LzEvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgtOWY1NTk3YjU2Yjc2
LzEvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKyNFcUCJ
tLKztl8Nu+Z2zaQugHhhlBXuh/pxeTysA9+55xgfGFwbReYw4ZDEslKSDHHhAgK4
mRdkUlixlJlc2Y5H1fjLUHjlZMZwM6e+n4w0XKhuANDOXBbd+S+rpsRiiDtQVP5t
rA8zIQwt+Aif3z2945lBsDfPjVdZo1Y6Sx0rYHGgZTrhyNUyxtX7wbsxDSX/bocP
4edPCE+67BGvz4ETcoDJWE/v6cpHZCUK7Uk0bF4U5lfcFprSkRDHVAHlznJm4/Ma
FBrkYJnqlyj9Lt/NVQFnn/u924M11GRuFaig/tDp+tKFziEw9gWUVAyZuvnzlnpF
5daKvonfnSKy+g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:08:49 2025 by rpki-client