Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
File: aDCZAOZItlowenhgECv3ixb1XXU.mft (raw, json)
Hash identifier: FHFesokE9ddTJooWclYPakk1zJSXZvhkxXcZFCc++gM=
Subject key identifier: 91:0B:8A:F1:CC:97:31:D3:A5:FF:C8:4F:9D:46:D8:57:19:1B:04:AC
Authority key identifier: 68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75
Certificate issuer: /CN=68309900e648b65a307a7860102bf78b16f55d75
Certificate serial: 019A722658742F319169ED6548014803E0AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
Manifest number: 037D
Signing time: Tue 11 Nov 2025 09:01:46 +0000
Manifest this update: Tue 11 Nov 2025 09:01:46 +0000
Manifest next update: Wed 12 Nov 2025 09:01:46 +0000
Files and hashes: 1: MyHgwE9JQ37sKu_CcRwNe642FMI.roa (hash: UWTUq6zuuwDHpYw/C8xNP37TF6tAxhLymuOUDHs6DJk=)
2: aDCZAOZItlowenhgECv3ixb1XXU.crl (hash: YUjlQ4ouBqjJvWWTCWpebGN88+C9lMc0IaF7Cq+0Ap8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:58:74:2f:31:91:69:ed:65:48:01:48:03:e0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68309900e648b65a307a7860102bf78b16f55d75
Validity
Not Before: Nov 11 09:01:46 2025 GMT
Not After : Nov 12 09:01:46 2025 GMT
Subject: CN=910b8af1cc9731d3a5ffc84f9d46d857191b04ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:13:ab:05:ec:a1:98:63:3d:70:10:5c:84:7f:
cc:bf:53:16:dc:84:46:88:78:d8:6e:ba:47:89:9d:
02:00:87:7b:68:cb:9a:63:f2:58:de:2a:e6:b9:c2:
56:07:09:ac:63:76:4f:9e:1b:b3:4e:6f:56:5a:1b:
b2:58:0f:11:ae:b0:7d:fd:e5:cd:21:05:70:d1:06:
83:e4:f1:ae:39:5f:84:2e:bf:67:18:e9:74:28:36:
eb:6b:92:f5:0e:85:c3:75:4c:79:b4:c4:27:27:13:
2c:32:0f:f3:d5:82:f5:34:32:5d:da:11:8d:1f:96:
5e:7b:6f:26:cf:e5:34:1b:29:28:12:a5:2a:41:89:
fa:7d:8e:b8:f4:66:93:23:5a:f8:2d:04:38:83:2f:
6b:75:ea:d4:c7:b5:50:65:a8:39:ba:21:dd:1b:1c:
73:6e:a2:01:dc:fa:76:1a:ce:ac:92:07:6c:6a:ed:
02:3e:d1:09:4f:7f:23:e0:b0:f2:01:6c:49:28:0d:
2f:41:bb:2e:f6:fc:32:25:0b:c8:5e:8d:6f:9c:6e:
0c:57:63:76:5a:8a:a8:4f:95:71:23:c2:72:37:93:
17:37:2c:3a:cc:aa:79:3a:a7:31:c0:af:95:a4:a4:
f1:0a:d4:12:73:60:bb:a7:52:c0:30:bd:3b:57:5b:
67:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0B:8A:F1:CC:97:31:D3:A5:FF:C8:4F:9D:46:D8:57:19:1B:04:AC
X509v3 Authority Key Identifier:
keyid:68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:0e:09:0d:b2:c9:ac:37:f3:51:bc:e1:f2:27:fb:d5:6c:8c:
19:41:7c:73:55:4f:87:4f:ee:f2:4f:fe:08:7d:92:e8:75:55:
76:6a:af:78:76:a3:e8:42:a8:aa:f4:29:3d:e4:ef:a2:98:00:
fd:17:c5:78:02:1b:53:f2:c5:0f:23:b3:51:f9:07:7e:8d:ac:
87:ac:05:5b:b4:81:0a:d1:e1:6a:b0:a1:00:4a:18:1a:b5:06:
f7:41:28:e6:61:db:c2:32:1d:f0:a8:ec:58:9e:e1:3f:aa:b6:
96:60:d0:df:ae:dc:0e:24:64:e5:9f:90:5d:87:f3:b3:55:81:
9c:2f:ee:9d:d4:96:69:28:95:e2:e4:3d:98:8f:61:a7:62:23:
4f:4d:d3:e2:ca:7a:f4:d4:b0:bc:35:03:57:38:a1:67:ee:c3:
2d:f5:a7:2a:e5:f6:0c:e0:1a:dc:87:37:4b:d5:a0:b4:48:7b:
e8:8a:1f:ae:1d:75:fe:dc:04:55:96:99:d0:fc:71:fd:d6:a9:
39:6f:2e:5c:08:0f:20:90:e3:1e:d6:2a:65:19:67:98:31:2b:
82:22:12:8e:95:73:62:3f:0a:85:1f:41:11:47:75:6a:7a:94:
e3:9f:c2:d2:28:0f:17:e8:ab:a2:fc:07:ca:c3:e4:72:b5:40:
26:5f:26:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlh0LzGRae1lSAFIA+CtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzA5OTAwZTY0OGI2NWEzMDdhNzg2MDEwMmJmNzhiMTZm
NTVkNzUwHhcNMjUxMTExMDkwMTQ2WhcNMjUxMTEyMDkwMTQ2WjAzMTEwLwYDVQQD
Eyg5MTBiOGFmMWNjOTczMWQzYTVmZmM4NGY5ZDQ2ZDg1NzE5MWIwNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBOrBeyhmGM9cBBchH/Mv1MW3IRG
iHjYbrpHiZ0CAId7aMuaY/JY3irmucJWBwmsY3ZPnhuzTm9WWhuyWA8RrrB9/eXN
IQVw0QaD5PGuOV+ELr9nGOl0KDbra5L1DoXDdUx5tMQnJxMsMg/z1YL1NDJd2hGN
H5Zee28mz+U0GykoEqUqQYn6fY649GaTI1r4LQQ4gy9rderUx7VQZag5uiHdGxxz
bqIB3Pp2Gs6skgdsau0CPtEJT38j4LDyAWxJKA0vQbsu9vwyJQvIXo1vnG4MV2N2
WoqoT5VxI8JyN5MXNyw6zKp5OqcxwK+VpKTxCtQSc2C7p1LAML07V1tncwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJELivHMlzHTpf/IT51G2FcZGwSsMB8GA1UdIwQY
MBaAFGgwmQDmSLZaMHp4YBAr94sW9V11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYt
OWZhNzgwNzUzMzBiLzEvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYtOWZhNzgwNzUzMzBi
LzEvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfg4JDbLJ
rDfzUbzh8if71WyMGUF8c1VPh0/u8k/+CH2S6HVVdmqveHaj6EKoqvQpPeTvopgA
/RfFeAIbU/LFDyOzUfkHfo2sh6wFW7SBCtHharChAEoYGrUG90Eo5mHbwjId8Kjs
WJ7hP6q2lmDQ367cDiRk5Z+QXYfzs1WBnC/undSWaSiV4uQ9mI9hp2IjT03T4sp6
9NSwvDUDVzihZ+7DLfWnKuX2DOAa3Ic3S9WgtEh76Iofrh11/twEVZaZ0Pxx/dap
OW8uXAgPIJDjHtYqZRlnmDErgiISjpVzYj8KhR9BEUd1anqU45/C0igPF+irovwH
ysPkcrVAJl8mog==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:22:38 2025 by rpki-client