Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File: aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier: k3F9W84R3SQ1a2gTgex8XcU3A1GqBwYnlwVI3uAjsQU=
Subject key identifier: C2:74:C4:A4:88:87:D9:A4:FB:EA:D0:28:DC:35:68:93:45:4E:6B:7F
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 019A5640234E818063B16F4D354645AC9EF8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number: 1664
Signing time: Wed 05 Nov 2025 23:00:35 +0000
Manifest this update: Wed 05 Nov 2025 23:00:35 +0000
Manifest next update: Thu 06 Nov 2025 23:00:35 +0000
Files and hashes: 1: 5gxDURtK1rmOAdh1eWuh-NkY76k.roa (hash: QaQOgPlbLBzFETMJyWwYJQCd8vML1MyClKfr5uYQDoc=)
2: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: cb5QHR+PqgT0Bo785mnQAxT9Ra5AQLu9mW+C+huIxpQ=)
3: svZ0I0CIbPuXgkYBH_VdeOt4OII.roa (hash: qDnNSem+sBmAuaKOVojckKZEahJzHvEbGjkFY5x9Sqc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:56:40:23:4e:81:80:63:b1:6f:4d:35:46:45:ac:9e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Nov 5 23:00:35 2025 GMT
Not After : Nov 6 23:00:35 2025 GMT
Subject: CN=c274c4a48887d9a4fbead028dc356893454e6b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4b:6c:35:50:7d:bc:28:65:ce:d8:1f:77:c0:
fe:45:d4:b4:c6:fb:fe:5f:af:03:0c:ae:03:93:67:
9f:ee:1b:a2:d3:c2:ee:19:84:22:b7:68:41:d5:4d:
89:46:51:b8:12:65:50:6d:15:ef:03:62:f5:3f:f8:
69:ab:9d:48:5f:58:ad:93:e1:40:a7:15:3a:49:7e:
42:92:03:5e:2e:fc:38:22:2a:81:ff:54:b1:42:a8:
01:d1:ef:55:84:73:a5:db:d2:8d:4e:a4:21:c7:67:
e4:51:a8:75:71:69:fa:9a:1c:95:78:84:ec:71:a7:
b7:af:5f:88:c5:d9:69:66:2c:f7:52:52:4c:e1:f1:
8d:fc:65:e5:05:57:2d:2f:b5:19:ed:9b:29:3d:6f:
e2:bc:82:44:1d:3e:35:9a:4e:7f:f6:be:67:04:61:
e6:65:99:61:54:97:d4:fa:d8:97:ae:46:33:59:5b:
34:88:ad:de:5a:1a:25:01:8a:0d:49:c2:6b:43:59:
f2:40:87:86:5f:79:8e:b9:e6:65:98:21:3c:13:56:
ea:0a:4e:1f:bb:56:9f:f9:37:dd:a9:68:c8:2b:75:
56:7e:0c:92:ab:75:ed:4e:ee:a5:16:2c:14:fd:8d:
b4:46:d0:d2:55:fb:e3:45:7e:00:0c:93:68:b5:7e:
18:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:74:C4:A4:88:87:D9:A4:FB:EA:D0:28:DC:35:68:93:45:4E:6B:7F
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:bb:98:c2:31:fb:2d:bb:f6:7c:1a:e2:47:0e:4f:bc:80:7c:
c9:8b:e6:6d:50:10:04:45:b3:18:47:13:91:01:6d:06:c7:4e:
8d:44:62:df:8f:26:e4:90:14:eb:2d:4f:e6:fa:a0:ec:74:32:
d5:01:86:9e:89:5f:c2:09:3a:ba:40:17:c4:ff:01:45:04:67:
85:f2:4c:0a:f2:23:5d:67:cf:70:91:12:a1:9f:ee:87:57:a8:
10:a7:ce:16:f3:d8:da:b0:30:70:fb:14:e0:3d:a7:3d:b8:6e:
04:b8:a9:59:02:89:16:46:6c:16:44:e4:e1:d6:fa:49:b6:40:
1e:8d:ac:2c:c5:da:dc:04:ae:b8:24:f5:d7:17:c4:ec:4c:7c:
6e:aa:b3:80:72:f7:ee:44:b4:90:3f:b2:7c:a4:be:5b:a9:de:
bf:f9:21:49:64:0b:eb:55:1c:6f:d4:ba:0d:60:1f:7e:50:5a:
05:a3:9a:8c:a1:eb:50:24:ad:c9:cd:9e:55:a6:46:60:90:14:
9c:16:ea:69:77:75:d8:3c:4a:dd:6d:ae:16:1e:5a:29:24:23:
37:e7:68:f6:15:c8:55:42:81:ad:0a:85:d8:08:42:c7:fe:9a:
43:84:f8:1e:a8:4b:cb:96:a0:d9:f5:6b:97:ec:63:5d:77:fa:
97:fd:00:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpWQCNOgYBjsW9NNUZFrJ74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjUxMTA1MjMwMDM1WhcNMjUxMTA2MjMwMDM1WjAzMTEwLwYDVQQD
EyhjMjc0YzRhNDg4ODdkOWE0ZmJlYWQwMjhkYzM1Njg5MzQ1NGU2YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UtsNVB9vChlztgfd8D+RdS0xvv+
X68DDK4Dk2ef7hui08LuGYQit2hB1U2JRlG4EmVQbRXvA2L1P/hpq51IX1itk+FA
pxU6SX5CkgNeLvw4IiqB/1SxQqgB0e9VhHOl29KNTqQhx2fkUah1cWn6mhyVeITs
cae3r1+IxdlpZiz3UlJM4fGN/GXlBVctL7UZ7ZspPW/ivIJEHT41mk5/9r5nBGHm
ZZlhVJfU+tiXrkYzWVs0iK3eWholAYoNScJrQ1nyQIeGX3mOueZlmCE8E1bqCk4f
u1af+TfdqWjIK3VWfgySq3XtTu6lFiwU/Y20RtDSVfvjRX4ADJNotX4YewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJ0xKSIh9mk++rQKNw1aJNFTmt/MB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfbuYwjH7
Lbv2fBriRw5PvIB8yYvmbVAQBEWzGEcTkQFtBsdOjURi348m5JAU6y1P5vqg7HQy
1QGGnolfwgk6ukAXxP8BRQRnhfJMCvIjXWfPcJESoZ/uh1eoEKfOFvPY2rAwcPsU
4D2nPbhuBLipWQKJFkZsFkTk4db6SbZAHo2sLMXa3ASuuCT11xfE7Ex8bqqzgHL3
7kS0kD+yfKS+W6nev/khSWQL61Ucb9S6DWAfflBaBaOajKHrUCStyc2eVaZGYJAU
nBbqaXd12DxK3W2uFh5aKSQjN+do9hXIVUKBrQqF2AhCx/6aQ4T4HqhLy5ag2fVr
l+xjXXf6l/0AhQ==
-----END CERTIFICATE-----
Generated at Thu Nov 6 02:43:30 2025 by rpki-client