Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: r4fVV0wdjKA18DOmyq3ydCD0zUNrQbTotQBNvNuhepY=
Subject key identifier: 59:0D:CF:ED:75:76:F8:8B:3E:72:49:76:06:B8:47:30:17:A4:4A:15
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 019A24E636598ECFE889E2522E2ED80A4951
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 16F8
Signing time: Mon 27 Oct 2025 09:00:58 +0000
Manifest this update: Mon 27 Oct 2025 09:00:58 +0000
Manifest next update: Tue 28 Oct 2025 09:00:58 +0000
Files and hashes: 1: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (hash: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=)
2: 2KU1lG8tmW62eqBwxBBDds81m5A.roa (hash: DXWqInrCKLzcQadKZzuaDGdIbNbzO5YygQPkSyOtdqY=)
3: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: 75vGMTc8/f1aFytDlEq4HkCT2nFQCKSL1RY7YV9kXO0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:e6:36:59:8e:cf:e8:89:e2:52:2e:2e:d8:0a:49:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Oct 27 09:00:58 2025 GMT
Not After : Oct 28 09:00:58 2025 GMT
Subject: CN=590dcfed7576f88b3e72497606b8473017a44a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f9:76:44:c5:aa:9a:ec:42:c4:f3:d6:1a:bc:
a9:0b:fe:49:c8:a7:01:ef:92:08:da:3c:ff:d0:e7:
2e:43:76:48:b6:e9:27:56:25:64:f8:3f:53:61:eb:
ae:35:07:29:83:60:c2:e5:12:15:fa:a5:ec:31:09:
3f:83:7f:3d:98:4d:39:f4:23:cc:3b:a1:c6:15:b8:
2a:87:0a:12:ac:3a:40:1b:78:f9:c7:9e:cd:c7:6b:
81:59:c2:92:0a:29:01:e7:cf:69:1d:a0:66:29:96:
47:98:19:ba:4a:ec:30:13:dc:47:cc:7c:54:0b:59:
e3:e6:9e:10:a4:63:db:ee:27:1a:77:f1:4a:97:bd:
aa:79:94:01:0d:5e:d3:11:71:4e:05:38:11:90:5f:
7c:f2:57:0c:1e:9a:52:9d:cc:b0:af:a7:a0:82:cc:
98:ed:4f:aa:e5:fc:1d:6a:0a:70:89:ea:db:3f:38:
7a:73:5c:45:35:ec:4f:44:e5:4e:0a:31:06:ea:92:
ac:7a:6c:0f:4f:d8:27:d4:7f:e4:3b:cc:1d:42:0c:
17:4c:92:5e:e6:e4:d7:b3:53:1d:90:5c:ca:c0:84:
3e:91:73:ea:44:cb:0a:d2:68:9e:93:d7:80:d7:99:
a1:fa:e9:3b:bf:01:e8:ec:42:36:8e:d4:77:0e:36:
7f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:0D:CF:ED:75:76:F8:8B:3E:72:49:76:06:B8:47:30:17:A4:4A:15
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
de:0a:7f:7d:cd:54:b6:94:62:46:71:fd:24:05:11:d6:41:42:
e4:04:3c:6a:c2:14:88:d4:51:69:d1:9d:72:7c:22:01:e9:a0:
eb:08:2e:d0:21:b7:6a:f0:4e:6c:50:25:42:3c:01:c4:68:25:
de:e2:7b:85:83:cd:e0:ce:2d:47:98:47:f7:bc:58:fa:35:c0:
0b:c6:43:2c:ad:fa:a6:76:5e:ad:b7:84:e9:84:d7:b4:da:0a:
90:10:6e:a5:31:db:9c:1a:60:69:15:47:8d:6c:53:e4:2b:54:
ef:ef:74:3c:23:c8:5c:3a:94:6d:4a:40:c8:53:46:cf:bd:18:
38:de:05:3e:47:f2:b6:8c:52:08:99:97:fe:6e:9d:88:1e:ef:
47:6c:10:ea:a6:a3:3c:14:1a:ad:b6:e6:3d:05:2e:b9:63:35:
c5:14:bb:48:9c:15:5a:09:da:eb:ea:a4:83:ac:92:09:59:5d:
cb:58:c6:c6:f1:08:df:46:0c:e8:aa:5a:25:2e:7f:09:f8:14:
70:20:c1:64:1c:1c:6e:1b:70:8c:02:04:e8:c2:c6:14:8a:db:
b5:e1:83:40:25:e2:41:c2:2a:07:e1:83:98:da:27:a8:1a:da:
b0:34:92:2a:14:78:92:e4:b2:1c:24:c3:7c:65:01:ce:95:93:
4c:28:73:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZok5jZZjs/oieJSLi7YCklRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUxMDI3MDkwMDU4WhcNMjUxMDI4MDkwMDU4WjAzMTEwLwYDVQQD
Eyg1OTBkY2ZlZDc1NzZmODhiM2U3MjQ5NzYwNmI4NDczMDE3YTQ0YTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufl2RMWqmuxCxPPWGrypC/5JyKcB
75II2jz/0OcuQ3ZItuknViVk+D9TYeuuNQcpg2DC5RIV+qXsMQk/g389mE059CPM
O6HGFbgqhwoSrDpAG3j5x57Nx2uBWcKSCikB589pHaBmKZZHmBm6SuwwE9xHzHxU
C1nj5p4QpGPb7icad/FKl72qeZQBDV7TEXFOBTgRkF988lcMHppSncywr6eggsyY
7U+q5fwdagpwierbPzh6c1xFNexPROVOCjEG6pKsemwPT9gn1H/kO8wdQgwXTJJe
5uTXs1MdkFzKwIQ+kXPqRMsK0miek9eA15mh+uk7vwHo7EI2jtR3DjZ/SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkNz+11dviLPnJJdga4RzAXpEoVMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3gp/fc1U
tpRiRnH9JAUR1kFC5AQ8asIUiNRRadGdcnwiAemg6wgu0CG3avBObFAlQjwBxGgl
3uJ7hYPN4M4tR5hH97xY+jXAC8ZDLK36pnZerbeE6YTXtNoKkBBupTHbnBpgaRVH
jWxT5CtU7+90PCPIXDqUbUpAyFNGz70YON4FPkfytoxSCJmX/m6diB7vR2wQ6qaj
PBQarbbmPQUuuWM1xRS7SJwVWgna6+qkg6ySCVldy1jGxvEI30YM6KpaJS5/CfgU
cCDBZBwcbhtwjAIE6MLGFIrbteGDQCXiQcIqB+GDmNonqBrasDSSKhR4kuSyHCTD
fGUBzpWTTChzNw==
-----END CERTIFICATE-----
Generated at Mon Oct 27 19:24:12 2025 by rpki-client