Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft
File: AL8jAERknAbXXjAsUXUATb_GcmE.mft (raw, json)
Hash identifier: a6ICRvNE5VZE+Kg0Mm5AIGxfspthAaQckU3y5dJ1GYA=
Subject key identifier: C0:69:1C:F4:D7:D8:07:48:9C:C1:14:A0:10:DF:20:12:A5:86:63:D7
Authority key identifier: 00:BF:23:00:44:64:9C:06:D7:5E:30:2C:51:75:00:4D:BF:C6:72:61
Certificate issuer: /CN=00bf230044649c06d75e302c5175004dbfc67261
Certificate serial: 019A2C314CE6568F21426ED26F168FCC9FB9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AL8jAERknAbXXjAsUXUATb_GcmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft
Manifest number: 0D9F
Signing time: Tue 28 Oct 2025 19:00:19 +0000
Manifest this update: Tue 28 Oct 2025 19:00:19 +0000
Manifest next update: Wed 29 Oct 2025 19:00:19 +0000
Files and hashes: 1: AL8jAERknAbXXjAsUXUATb_GcmE.crl (hash: /6+YBvBVmHyn9SnSxlkeU/UYW3TgBR9IJ7In8jTcZx8=)
2: qzSVGtS_jWsXuo115ysr12jv81o.roa (hash: 6sU/7Xohp1bS1zbTFVnz4YbGVdQCm8u0BmBoUOstkdU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AL8jAERknAbXXjAsUXUATb_GcmE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:31:4c:e6:56:8f:21:42:6e:d2:6f:16:8f:cc:9f:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00bf230044649c06d75e302c5175004dbfc67261
Validity
Not Before: Oct 28 19:00:19 2025 GMT
Not After : Oct 29 19:00:19 2025 GMT
Subject: CN=c0691cf4d7d807489cc114a010df2012a58663d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:98:78:ea:39:6f:40:c1:f5:37:3a:da:56:8c:
7b:dc:5d:ca:0b:ad:bc:19:50:1d:cd:d0:30:13:b2:
6b:de:8a:05:db:63:5b:9a:73:fc:d4:63:4f:58:15:
18:1f:16:a3:57:9b:db:47:50:3e:f0:cf:9c:c1:f2:
18:32:e5:78:ae:bc:06:34:e2:10:9f:cd:1d:84:53:
80:20:53:8f:ba:33:eb:ff:03:cd:1d:94:8b:2c:e1:
b6:52:ad:e5:75:e7:21:80:c9:e4:56:b5:10:aa:4e:
b0:87:39:be:10:f5:ec:85:6d:c6:c7:ed:29:67:bd:
46:ba:1c:f2:6d:ba:42:a4:d4:fd:ed:1b:30:12:88:
13:ae:b8:9d:52:0e:ba:52:01:52:47:ce:83:22:c0:
99:62:5d:02:bb:2a:be:3b:39:c8:30:c8:81:b8:fd:
d7:36:11:74:aa:b7:aa:a6:09:2e:8e:b5:8f:e5:04:
81:60:9e:8f:e4:e5:f4:5d:f2:59:9b:d0:83:a8:6e:
32:59:83:ae:e4:63:fd:99:82:53:3f:62:76:31:37:
ef:f1:68:e1:10:49:7c:67:a0:50:4a:f2:10:47:1f:
ba:2e:81:8e:1d:41:1f:50:09:f8:38:5a:1e:a6:79:
93:f2:c5:d5:9d:84:9f:53:5c:77:e5:12:b8:a7:fc:
14:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:69:1C:F4:D7:D8:07:48:9C:C1:14:A0:10:DF:20:12:A5:86:63:D7
X509v3 Authority Key Identifier:
keyid:00:BF:23:00:44:64:9C:06:D7:5E:30:2C:51:75:00:4D:BF:C6:72:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AL8jAERknAbXXjAsUXUATb_GcmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:e1:d6:15:65:26:d5:dc:cf:be:f3:24:17:51:61:6e:f0:59:
6f:95:66:53:c3:3e:44:3a:6d:d6:1d:b1:57:bc:01:64:46:55:
f8:2e:40:ad:01:df:09:58:a6:3e:b8:ba:63:3f:6b:a4:b7:b1:
e4:f0:30:cd:18:04:0a:66:8c:78:79:0a:8c:3c:11:53:eb:fe:
75:f7:41:c7:65:24:fe:f6:e7:75:aa:91:95:bc:da:8d:5e:6c:
06:04:04:cd:b3:a0:87:a6:17:2a:79:cf:b3:d7:05:c0:5f:02:
60:19:59:98:cc:e2:dd:6a:79:42:39:c2:6e:e7:8b:89:99:af:
d6:f6:1b:b0:28:20:09:78:5b:95:2c:77:06:1d:b1:9d:66:20:
56:fd:ce:f6:cf:bc:30:9c:1d:c3:de:2a:63:bf:ea:57:f2:8e:
d1:eb:8d:86:ac:f5:cb:7e:f8:68:a5:b9:c5:8d:e4:dd:7b:15:
b0:82:80:c5:24:a7:54:62:ff:09:a6:81:ac:c0:53:b4:d7:ff:
d8:51:e8:57:c6:4e:84:89:c9:af:db:c4:44:72:01:54:39:69:
56:72:e5:10:a6:ea:50:1c:5e:af:2f:32:bb:74:9f:39:e2:76:
db:76:9a:51:f6:e8:1c:6f:91:28:36:38:87:b6:df:f6:e6:a2:
29:21:2e:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZosMUzmVo8hQm7SbxaPzJ+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYmYyMzAwNDQ2NDljMDZkNzVlMzAyYzUxNzUwMDRkYmZj
NjcyNjEwHhcNMjUxMDI4MTkwMDE5WhcNMjUxMDI5MTkwMDE5WjAzMTEwLwYDVQQD
EyhjMDY5MWNmNGQ3ZDgwNzQ4OWNjMTE0YTAxMGRmMjAxMmE1ODY2M2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5h46jlvQMH1NzraVox73F3KC628
GVAdzdAwE7Jr3ooF22NbmnP81GNPWBUYHxajV5vbR1A+8M+cwfIYMuV4rrwGNOIQ
n80dhFOAIFOPujPr/wPNHZSLLOG2Uq3ldechgMnkVrUQqk6whzm+EPXshW3Gx+0p
Z71GuhzybbpCpNT97RswEogTrridUg66UgFSR86DIsCZYl0Cuyq+OznIMMiBuP3X
NhF0qreqpgkujrWP5QSBYJ6P5OX0XfJZm9CDqG4yWYOu5GP9mYJTP2J2MTfv8Wjh
EEl8Z6BQSvIQRx+6LoGOHUEfUAn4OFoepnmT8sXVnYSfU1x35RK4p/wUVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBpHPTX2AdInMEUoBDfIBKlhmPXMB8GA1UdIwQY
MBaAFAC/IwBEZJwG114wLFF1AE2/xnJhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUw4akFFUmtuQWJYWGpBc1VYVUFUYl9HY21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kODgxMjItZGVkYS00ZmQwLTlhNjct
NmVmMWQ5NjgxM2EyLzEvQUw4akFFUmtuQWJYWGpBc1VYVUFUYl9HY21FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kODgxMjItZGVkYS00ZmQwLTlhNjctNmVmMWQ5NjgxM2Ey
LzEvQUw4akFFUmtuQWJYWGpBc1VYVUFUYl9HY21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKuHWFWUm
1dzPvvMkF1FhbvBZb5VmU8M+RDpt1h2xV7wBZEZV+C5ArQHfCVimPri6Yz9rpLex
5PAwzRgECmaMeHkKjDwRU+v+dfdBx2Uk/vbndaqRlbzajV5sBgQEzbOgh6YXKnnP
s9cFwF8CYBlZmMzi3Wp5QjnCbueLiZmv1vYbsCggCXhblSx3Bh2xnWYgVv3O9s+8
MJwdw94qY7/qV/KO0euNhqz1y374aKW5xY3k3XsVsIKAxSSnVGL/CaaBrMBTtNf/
2FHoV8ZOhInJr9vERHIBVDlpVnLlEKbqUBxery8yu3SfOeJ223aaUfboHG+RKDY4
h7bf9uaiKSEuEA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 22:38:38 2025 by rpki-client