Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
File: l_aXATQzuJHWRpfZKGY75zTbpOc.mft (raw, json)
Hash identifier: FuNTpPS2CeLzcrCfIuPTOtDjpR0pxDdi69jpJaWb1+E=
Subject key identifier: CC:31:F3:2F:D4:34:6B:79:02:48:96:44:87:A5:CD:1F:DF:39:27:A7
Authority key identifier: 97:F6:97:01:34:33:B8:91:D6:46:97:D9:28:66:3B:E7:34:DB:A4:E7
Certificate issuer: /CN=97f697013433b891d64697d928663be734dba4e7
Certificate serial: 019A73014FC544EB0696EAC0F468F7BBC10D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 13:00:57 +0000
Manifest this update: Tue 11 Nov 2025 13:00:57 +0000
Manifest next update: Wed 12 Nov 2025 13:00:57 +0000
Files and hashes: 1: Q01X85MGyHMF5rr2gbqyxSbVGJU.roa (hash: 3pLndBzBIS9IcjtzdUX4XacaMZCMolKRG+4KwxWHWEU=)
2: l_aXATQzuJHWRpfZKGY75zTbpOc.crl (hash: h6jbo0nT4V4gJTfkBwsthJOgue4PH+abxzo8YshH7jw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:4f:c5:44:eb:06:96:ea:c0:f4:68:f7:bb:c1:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97f697013433b891d64697d928663be734dba4e7
Validity
Not Before: Nov 11 13:00:57 2025 GMT
Not After : Nov 12 13:00:57 2025 GMT
Subject: CN=cc31f32fd4346b790248964487a5cd1fdf3927a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9f:0d:c1:36:92:c9:c6:c3:33:a5:a1:f2:d8:
23:c0:73:c6:56:bc:e7:43:ea:6e:4a:74:08:19:03:
10:10:04:ba:12:87:ba:f1:04:8a:03:83:24:6e:42:
21:55:15:b4:6c:c3:77:38:3b:81:95:5f:7c:cb:f4:
9f:12:a6:d0:79:14:b1:00:46:b3:5d:7a:7d:e0:3e:
58:33:40:47:d0:c1:d0:06:1e:fd:74:4f:e3:a0:b9:
f6:16:1e:cc:4a:4c:99:f8:5f:b9:b9:b1:96:20:18:
dc:ca:24:c6:3e:39:77:41:eb:59:d2:91:3a:bf:97:
91:f4:80:2a:bc:b2:36:e3:f0:5d:6e:0c:bc:9c:d8:
19:02:23:92:85:51:e6:f6:82:c4:a3:d6:dd:74:fe:
cd:5e:7e:dd:fd:31:74:0c:fb:b8:6a:6f:ad:56:1b:
67:25:31:d5:22:78:c2:f6:80:3c:73:3f:86:1a:4a:
d1:3a:a6:01:e3:83:d5:46:cc:25:1e:0b:7b:7d:9b:
34:48:da:09:07:c4:1c:66:5e:7b:7f:ed:18:47:79:
76:ae:83:3d:ec:74:98:ca:9f:b6:e2:c5:cf:ca:f7:
20:4b:80:3c:1f:b8:d1:35:21:31:1e:77:d7:0d:83:
22:7d:7f:3e:43:6a:af:f6:d5:70:bf:33:36:56:4b:
04:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:31:F3:2F:D4:34:6B:79:02:48:96:44:87:A5:CD:1F:DF:39:27:A7
X509v3 Authority Key Identifier:
keyid:97:F6:97:01:34:33:B8:91:D6:46:97:D9:28:66:3B:E7:34:DB:A4:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:4f:2e:64:2c:15:4f:5b:54:c6:f4:03:13:43:e4:86:eb:01:
54:b4:3d:86:7d:17:16:28:ee:99:1b:6b:83:93:1a:8d:16:99:
29:a8:0c:9c:85:45:69:1f:a2:c5:5e:87:e8:4c:a1:9d:6e:ea:
56:07:c1:c5:86:90:82:94:f3:18:98:9e:f3:05:6a:11:af:86:
09:3d:b5:c0:15:e1:e9:bf:16:63:6a:d9:38:4d:97:d9:4d:e1:
b2:69:27:f4:91:ff:9a:ec:2f:51:34:43:48:22:d9:53:5c:b8:
bd:f7:9d:66:83:51:7d:6d:ce:60:1e:18:32:a6:23:45:a7:e8:
67:80:f1:33:77:4c:ee:a5:2c:ff:f1:cf:84:2b:00:07:bb:91:
a0:0a:a9:d8:af:8a:04:8c:27:68:c5:98:e1:65:47:b2:5b:b6:
dd:0c:16:18:e8:69:9c:65:c3:be:b0:23:2f:d3:5f:a2:97:a4:
28:82:da:0d:7b:e9:01:55:2a:6e:af:c9:26:9b:e9:a1:24:ba:
92:05:8e:72:d6:49:61:66:e9:b9:b2:27:16:6c:fa:dc:3f:75:
7c:cc:9d:3a:c3:a8:40:6c:fd:f1:79:e6:a5:ff:54:d3:63:ca:
47:aa:ed:2e:be:99:e1:85:93:17:16:8e:ad:11:23:d3:37:98:
ef:51:fd:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAU/FROsGlurA9Gj3u8ENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZjY5NzAxMzQzM2I4OTFkNjQ2OTdkOTI4NjYzYmU3MzRk
YmE0ZTcwHhcNMjUxMTExMTMwMDU3WhcNMjUxMTEyMTMwMDU3WjAzMTEwLwYDVQQD
EyhjYzMxZjMyZmQ0MzQ2Yjc5MDI0ODk2NDQ4N2E1Y2QxZmRmMzkyN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J8NwTaSycbDM6Wh8tgjwHPGVrzn
Q+puSnQIGQMQEAS6Eoe68QSKA4MkbkIhVRW0bMN3ODuBlV98y/SfEqbQeRSxAEaz
XXp94D5YM0BH0MHQBh79dE/joLn2Fh7MSkyZ+F+5ubGWIBjcyiTGPjl3QetZ0pE6
v5eR9IAqvLI24/Bdbgy8nNgZAiOShVHm9oLEo9bddP7NXn7d/TF0DPu4am+tVhtn
JTHVInjC9oA8cz+GGkrROqYB44PVRswlHgt7fZs0SNoJB8QcZl57f+0YR3l2roM9
7HSYyp+24sXPyvcgS4A8H7jRNSExHnfXDYMifX8+Q2qv9tVwvzM2VksEWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwx8y/UNGt5AkiWRIelzR/fOSenMB8GA1UdIwQY
MBaAFJf2lwE0M7iR1kaX2ShmO+c026TnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hZTExNjYtZDYwNi00NWI3LTlhMjIt
N2JjODMyMjBmYjYyLzEvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hZTExNjYtZDYwNi00NWI3LTlhMjItN2JjODMyMjBmYjYy
LzEvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmU8uZCwV
T1tUxvQDE0PkhusBVLQ9hn0XFijumRtrg5MajRaZKagMnIVFaR+ixV6H6EyhnW7q
VgfBxYaQgpTzGJie8wVqEa+GCT21wBXh6b8WY2rZOE2X2U3hsmkn9JH/muwvUTRD
SCLZU1y4vfedZoNRfW3OYB4YMqYjRafoZ4DxM3dM7qUs//HPhCsAB7uRoAqp2K+K
BIwnaMWY4WVHslu23QwWGOhpnGXDvrAjL9NfopekKILaDXvpAVUqbq/JJpvpoSS6
kgWOctZJYWbpubInFmz63D91fMydOsOoQGz98Xnmpf9U02PKR6rtLr6Z4YWTFxaO
rREj0zeY71H9fg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:56:50 2025 by rpki-client