Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
File: 10AeAklBizV1RyaIJPYkSSXY2zk.mft (raw, json)
Hash identifier: WgakcOtUkvQ/VUCf6JQrb+nAm1fDQezH+g65THHGGPo=
Subject key identifier: 74:EA:FA:A2:74:BC:70:B2:E1:43:7C:3F:CE:18:18:F5:79:93:93:7D
Authority key identifier: D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
Certificate issuer: /CN=d7401e0249418b357547268824f6244925d8db39
Certificate serial: 019A72CA1E57C30AC871571A5C570AAC3377
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
Manifest number: 089F
Signing time: Tue 11 Nov 2025 12:00:39 +0000
Manifest this update: Tue 11 Nov 2025 12:00:39 +0000
Manifest next update: Wed 12 Nov 2025 12:00:39 +0000
Files and hashes: 1: 10AeAklBizV1RyaIJPYkSSXY2zk.crl (hash: CcXwAObM/wdBxjV676BNJvMUmCFnIaA6Y/RoGgK/Vr0=)
2: Jj1HHZ3M2IWqEVr2BMPp4ypDwcI.roa (hash: cgzJBvOGYHM0ug0D/FFBZa1jcNvWqnCErJy8L2Lko1U=)
3: cBlGJ5bNODNILYzK1oNt3QzAw7M.roa (hash: 7wWvEWZaVuq+kybNFqA4kbf75m0LmBkO8WIx9pDUDFw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:1e:57:c3:0a:c8:71:57:1a:5c:57:0a:ac:33:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7401e0249418b357547268824f6244925d8db39
Validity
Not Before: Nov 11 12:00:39 2025 GMT
Not After : Nov 12 12:00:39 2025 GMT
Subject: CN=74eafaa274bc70b2e1437c3fce1818f57993937d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a4:bc:0f:02:fd:5f:f1:26:3d:58:f3:2b:76:
f0:a8:e7:0b:98:dc:da:1f:e5:ab:62:dd:80:43:39:
43:9a:1e:3e:4d:c5:91:94:84:d2:dc:32:45:b8:d2:
63:37:89:6f:8a:5f:ef:02:bd:24:f1:a8:46:1e:82:
ed:e9:da:f9:16:e2:14:f2:ff:ac:af:72:83:c9:60:
25:0d:c5:17:2c:54:a9:71:24:45:40:a0:22:cd:f4:
f4:51:a3:a1:7e:15:a1:30:57:50:1f:d1:bc:16:8a:
b6:2d:2b:89:a6:50:e1:cf:dc:5e:23:96:d9:22:23:
87:43:14:eb:b9:6d:9d:6a:75:93:87:84:5a:36:1e:
cc:95:2f:ee:8c:3b:38:bf:6d:d4:85:ed:3c:67:07:
dd:86:1f:d7:48:7a:fc:15:3b:87:c8:fd:72:c0:4a:
aa:ec:86:66:12:d6:c9:6b:63:cd:8c:34:c0:a6:dd:
61:35:de:17:7b:63:ee:34:18:53:f7:d0:95:65:49:
38:53:66:8c:52:e1:68:8d:4f:7b:15:a6:a0:5b:f1:
0f:2f:af:18:9c:74:1a:23:b7:38:89:89:48:c1:2c:
c5:4e:5e:32:17:72:31:b6:04:95:8b:de:e2:f1:e0:
73:97:d9:78:62:54:06:88:94:c0:08:0e:bb:30:89:
19:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EA:FA:A2:74:BC:70:B2:E1:43:7C:3F:CE:18:18:F5:79:93:93:7D
X509v3 Authority Key Identifier:
keyid:D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:4e:69:48:41:9d:0f:9e:cd:71:28:85:bc:a1:31:59:8f:ff:
1d:39:8d:c3:18:c9:98:7d:7d:e4:59:de:38:49:fe:66:fc:cf:
98:b4:11:2c:c7:86:10:1d:d0:a2:23:64:cc:b9:1e:f7:a4:8e:
f6:7e:df:2d:66:ae:4a:f7:da:4b:fb:ad:c3:d4:09:07:86:5d:
23:52:fb:67:14:7a:8a:4d:26:13:4a:ce:5a:19:cb:01:63:b6:
ea:a5:5d:65:32:1f:c0:8a:7a:13:6a:7c:5a:c3:ea:49:b6:e2:
3d:f7:42:e8:87:90:75:56:34:38:cf:90:0f:3a:f1:57:72:3a:
02:45:e2:23:31:35:0f:f5:0b:38:b9:9d:09:7b:f1:02:05:d8:
bc:98:09:a8:c4:90:6e:47:21:93:cc:3e:63:d1:89:a7:e7:37:
aa:b9:3e:3c:2d:7a:df:6a:2f:18:c4:42:75:72:3c:00:61:10:
ef:f6:2b:15:4b:75:74:be:ee:79:d9:5f:45:d6:07:cf:14:1d:
f0:72:aa:65:3c:c8:73:58:0c:e9:5e:b2:1d:e4:68:e0:c9:ea:
bf:92:00:2d:4b:5d:db:29:0d:05:90:dc:5e:bd:f9:4e:7a:06:
ba:6d:d8:26:4a:6d:a7:00:0a:bb:4a:82:58:c2:8d:83:b0:34:
b2:c0:71:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyh5XwwrIcVcaXFcKrDN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDAxZTAyNDk0MThiMzU3NTQ3MjY4ODI0ZjYyNDQ5MjVk
OGRiMzkwHhcNMjUxMTExMTIwMDM5WhcNMjUxMTEyMTIwMDM5WjAzMTEwLwYDVQQD
Eyg3NGVhZmFhMjc0YmM3MGIyZTE0MzdjM2ZjZTE4MThmNTc5OTM5MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KS8DwL9X/EmPVjzK3bwqOcLmNza
H+WrYt2AQzlDmh4+TcWRlITS3DJFuNJjN4lvil/vAr0k8ahGHoLt6dr5FuIU8v+s
r3KDyWAlDcUXLFSpcSRFQKAizfT0UaOhfhWhMFdQH9G8Foq2LSuJplDhz9xeI5bZ
IiOHQxTruW2danWTh4RaNh7MlS/ujDs4v23Uhe08Zwfdhh/XSHr8FTuHyP1ywEqq
7IZmEtbJa2PNjDTApt1hNd4Xe2PuNBhT99CVZUk4U2aMUuFojU97FaagW/EPL68Y
nHQaI7c4iYlIwSzFTl4yF3IxtgSVi97i8eBzl9l4YlQGiJTACA67MIkZYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTq+qJ0vHCy4UN8P84YGPV5k5N9MB8GA1UdIwQY
MBaAFNdAHgJJQYs1dUcmiCT2JEkl2Ns5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjIt
NTA3ODkxMzk1NDE3LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjItNTA3ODkxMzk1NDE3
LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiE5pSEGd
D57NcSiFvKExWY//HTmNwxjJmH195FneOEn+ZvzPmLQRLMeGEB3QoiNkzLke96SO
9n7fLWauSvfaS/utw9QJB4ZdI1L7ZxR6ik0mE0rOWhnLAWO26qVdZTIfwIp6E2p8
WsPqSbbiPfdC6IeQdVY0OM+QDzrxV3I6AkXiIzE1D/ULOLmdCXvxAgXYvJgJqMSQ
bkchk8w+Y9GJp+c3qrk+PC1632ovGMRCdXI8AGEQ7/YrFUt1dL7uedlfRdYHzxQd
8HKqZTzIc1gM6V6yHeRo4Mnqv5IALUtd2ykNBZDcXr35TnoGum3YJkptpwAKu0qC
WMKNg7A0ssBxhA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:14:06 2025 by rpki-client