Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/52bea4-0abd-4719-a64b-e47c58ce533c/1/AYZ9mLBSF68a-spyJrvWEzcHSfA.mft
File: AYZ9mLBSF68a-spyJrvWEzcHSfA.mft (raw, json)
Hash identifier: c0oVm+Lsh2WRdr9LbiZx7KvqfTsoJfXOMDS2ZOhs/nk=
Subject key identifier: 00:82:81:29:9F:7F:C5:5D:F8:BE:77:DA:03:B6:CC:D9:54:99:8E:EA
Authority key identifier: 01:86:7D:98:B0:52:17:AF:1A:FA:CA:72:26:BB:D6:13:37:07:49:F0
Certificate issuer: /CN=01867d98b05217af1afaca7226bbd613370749f0
Certificate serial: 019A71B8A820894D90DA81F2529DBD5E5845
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYZ9mLBSF68a-spyJrvWEzcHSfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/52bea4-0abd-4719-a64b-e47c58ce533c/1/AYZ9mLBSF68a-spyJrvWEzcHSfA.mft
Manifest number: 0405
Signing time: Tue 11 Nov 2025 07:01:58 +0000
Manifest this update: Tue 11 Nov 2025 07:01:58 +0000
Manifest next update: Wed 12 Nov 2025 07:01:58 +0000
Files and hashes: 1: 1ENw1gcCvt1Pmax0p8zhB7SKAEg.roa (hash: 1qhYf9E0Pe4/V/O+LSKzrT8cldjvFnxKyFJ5/QtS500=)
2: AYZ9mLBSF68a-spyJrvWEzcHSfA.crl (hash: A+90uzVvdDzzKFFrAAMuVH3WZ867dk6lEl6TsRl9HdY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/52bea4-0abd-4719-a64b-e47c58ce533c/1/AYZ9mLBSF68a-spyJrvWEzcHSfA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/52bea4-0abd-4719-a64b-e47c58ce533c/1/AYZ9mLBSF68a-spyJrvWEzcHSfA.mft
rsync://rpki.ripe.net/repository/DEFAULT/AYZ9mLBSF68a-spyJrvWEzcHSfA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:a8:20:89:4d:90:da:81:f2:52:9d:bd:5e:58:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01867d98b05217af1afaca7226bbd613370749f0
Validity
Not Before: Nov 11 07:01:58 2025 GMT
Not After : Nov 12 07:01:58 2025 GMT
Subject: CN=008281299f7fc55df8be77da03b6ccd954998eea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:99:ea:37:db:9d:47:5c:53:e6:f5:d9:95:65:
a9:25:5b:98:9a:0b:a2:5f:87:62:12:f3:62:d4:87:
97:e1:d5:72:47:f2:ee:33:3a:33:ee:e6:35:2c:fc:
5a:8f:0c:fe:6a:f2:15:6f:4b:f8:de:04:bc:a9:65:
7e:25:8b:6a:58:02:a3:db:d8:71:6f:27:2e:0c:26:
8e:8f:3f:bf:4e:72:cc:d0:11:b6:7f:30:fc:65:1f:
4e:69:f9:b3:b1:e1:c2:75:d1:41:93:9f:db:0b:96:
7b:69:4e:70:65:7b:b1:e6:c7:c2:3e:e6:bf:ec:5d:
88:89:81:e4:12:ee:93:a4:be:4d:c8:1c:1e:2b:ba:
4c:de:d6:52:22:0b:5c:e3:5c:ef:1e:b3:3b:14:19:
40:b1:a7:4a:64:6b:c4:ac:ec:7b:55:1a:82:f1:c9:
ff:29:89:44:ad:14:48:15:aa:12:30:77:6a:5b:08:
93:2b:61:05:2d:01:f0:c2:7d:a3:cb:38:25:f2:bc:
71:e3:9e:7b:0a:2f:68:98:20:15:27:7c:87:cb:1d:
c6:d8:02:fa:b7:5f:57:2b:1f:dc:72:3e:52:b2:ad:
77:ae:ae:ec:bc:87:1d:5a:4e:fc:bc:71:6a:92:49:
60:52:6c:4a:b9:72:b8:d6:2f:18:a3:d2:6f:f1:a2:
ab:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:82:81:29:9F:7F:C5:5D:F8:BE:77:DA:03:B6:CC:D9:54:99:8E:EA
X509v3 Authority Key Identifier:
keyid:01:86:7D:98:B0:52:17:AF:1A:FA:CA:72:26:BB:D6:13:37:07:49:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYZ9mLBSF68a-spyJrvWEzcHSfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/52bea4-0abd-4719-a64b-e47c58ce533c/1/AYZ9mLBSF68a-spyJrvWEzcHSfA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/52bea4-0abd-4719-a64b-e47c58ce533c/1/AYZ9mLBSF68a-spyJrvWEzcHSfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:98:80:87:cf:9d:8a:a6:ce:dc:aa:08:a4:d5:96:41:e1:b5:
9e:7b:19:08:b1:e5:2e:1b:60:fa:3b:22:85:d5:70:05:be:d5:
42:da:ea:67:30:08:aa:9e:a0:2d:b5:2e:e4:4c:b8:b9:6b:47:
b2:ad:de:c7:d2:a5:9a:81:12:e8:55:9f:b6:8b:fc:37:df:66:
0f:28:33:b1:73:29:97:fa:41:7f:db:77:c1:e8:e7:fa:49:29:
cd:73:f9:70:2d:cb:38:b7:80:08:af:b0:2d:6e:b4:d0:e4:a9:
62:78:fd:96:f8:cc:12:5a:8f:24:8d:6f:a5:35:b4:c0:36:42:
d8:a1:62:23:0a:ff:ae:32:46:61:e1:b1:1a:06:f2:21:fd:58:
37:95:19:8c:b3:aa:b7:d6:17:0c:c0:2f:8f:b8:33:43:21:80:
40:93:da:04:5c:3e:4b:5b:a2:4b:1e:d2:c3:d7:2d:3d:79:b9:
97:bc:96:11:24:80:23:ea:29:ba:4f:ce:46:86:86:8f:50:39:
e8:23:0a:f3:76:bc:f6:21:2c:9e:22:cf:a3:b9:0d:77:5f:da:
c4:4e:d4:c4:b3:77:fa:d1:be:92:be:f4:db:b2:b1:c8:61:f6:
7d:dc:71:15:6e:47:35:9f:b6:0a:47:44:91:02:fa:6b:63:e8:
6a:b9:fa:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKggiU2Q2oHyUp29XlhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxODY3ZDk4YjA1MjE3YWYxYWZhY2E3MjI2YmJkNjEzMzcw
NzQ5ZjAwHhcNMjUxMTExMDcwMTU4WhcNMjUxMTEyMDcwMTU4WjAzMTEwLwYDVQQD
EygwMDgyODEyOTlmN2ZjNTVkZjhiZTc3ZGEwM2I2Y2NkOTU0OTk4ZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZnqN9udR1xT5vXZlWWpJVuYmgui
X4diEvNi1IeX4dVyR/LuMzoz7uY1LPxajwz+avIVb0v43gS8qWV+JYtqWAKj29hx
bycuDCaOjz+/TnLM0BG2fzD8ZR9OafmzseHCddFBk5/bC5Z7aU5wZXux5sfCPua/
7F2IiYHkEu6TpL5NyBweK7pM3tZSIgtc41zvHrM7FBlAsadKZGvErOx7VRqC8cn/
KYlErRRIFaoSMHdqWwiTK2EFLQHwwn2jyzgl8rxx4557Ci9omCAVJ3yHyx3G2AL6
t19XKx/ccj5Ssq13rq7svIcdWk78vHFqkklgUmxKuXK41i8Yo9Jv8aKrHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFACCgSmff8Vd+L532gO2zNlUmY7qMB8GA1UdIwQY
MBaAFAGGfZiwUhevGvrKcia71hM3B0nwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVlaOW1MQlNGNjhhLXNweUpydldFemNIU2ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC81MmJlYTQtMGFiZC00NzE5LWE2NGIt
ZTQ3YzU4Y2U1MzNjLzEvQVlaOW1MQlNGNjhhLXNweUpydldFemNIU2ZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC81MmJlYTQtMGFiZC00NzE5LWE2NGItZTQ3YzU4Y2U1MzNj
LzEvQVlaOW1MQlNGNjhhLXNweUpydldFemNIU2ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAApiAh8+d
iqbO3KoIpNWWQeG1nnsZCLHlLhtg+jsihdVwBb7VQtrqZzAIqp6gLbUu5Ey4uWtH
sq3ex9KlmoES6FWftov8N99mDygzsXMpl/pBf9t3wejn+kkpzXP5cC3LOLeACK+w
LW600OSpYnj9lvjMElqPJI1vpTW0wDZC2KFiIwr/rjJGYeGxGgbyIf1YN5UZjLOq
t9YXDMAvj7gzQyGAQJPaBFw+S1uiSx7Sw9ctPXm5l7yWESSAI+opuk/ORoaGj1A5
6CMK83a89iEsniLPo7kNd1/axE7UxLN3+tG+kr7027KxyGH2fdxxFW5HNZ+2CkdE
kQL6a2Poarn6Zg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:39:04 2025 by rpki-client