Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
File: avqwkWjnzGa2Y8YWLVyNRUllzOI.mft (raw, json)
Hash identifier: HxZBbIN/7QMqJsh0IuFAVCbUzKnKcZyRJeZAbTHUxME=
Subject key identifier: 31:91:E0:2B:30:07:8B:EE:66:83:D4:0C:4D:9E:B3:59:53:5F:47:04
Authority key identifier: 6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
Certificate issuer: /CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Certificate serial: 019A72266FBDF61BD9261EB874AEA94C1D0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 09:01:52 +0000
Manifest this update: Tue 11 Nov 2025 09:01:52 +0000
Manifest next update: Wed 12 Nov 2025 09:01:52 +0000
Files and hashes: 1: 5xRTqzcHFHVQo8fAk9jdOEDWcNo.roa (hash: o6t7ExGzOX2KWBxMdFDPPoJaZWdADyyPaXoKd8DGN1w=)
2: avqwkWjnzGa2Y8YWLVyNRUllzOI.crl (hash: nD7b0Dg2tcBeMMHG4QMWpPZq75OJk+nG8z7kHEPJ3qo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:6f:bd:f6:1b:d9:26:1e:b8:74:ae:a9:4c:1d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Validity
Not Before: Nov 11 09:01:52 2025 GMT
Not After : Nov 12 09:01:52 2025 GMT
Subject: CN=3191e02b30078bee6683d40c4d9eb359535f4704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:de:dd:5e:52:06:12:d6:47:7d:65:56:43:8e:
1d:c1:8f:03:38:22:7b:85:a1:56:bc:b8:0d:15:6b:
a1:a3:0d:5e:a6:a1:35:b8:6d:24:ff:d6:03:96:38:
56:27:f7:8c:99:33:24:9f:1c:70:15:c6:fb:c3:0f:
8b:86:eb:15:2d:a8:5f:87:a3:c1:ae:4f:a4:0d:82:
53:ed:d2:41:73:91:ea:db:68:6d:5f:8f:7e:79:23:
a7:8e:9d:4d:8e:cc:69:6b:27:91:0d:fb:c2:51:64:
33:25:3d:c5:df:ac:5c:c4:99:da:49:04:b1:1c:bf:
f0:92:b4:f7:18:13:6d:2d:88:7b:22:fd:d6:18:9c:
98:24:57:89:2c:6b:51:40:25:cf:df:96:5e:72:86:
f9:ca:55:21:82:16:78:dc:e6:5b:ae:c1:16:f8:d7:
04:26:e9:9b:b2:66:8b:3a:4a:96:da:d9:bb:b3:b8:
74:88:70:2a:04:36:6d:a7:da:07:72:19:02:06:1d:
ac:ba:ba:ce:86:d1:e1:9a:b4:da:dd:49:f1:4d:ba:
88:34:1d:a5:b1:77:ae:47:a1:7c:74:0f:ca:18:c4:
32:38:38:9b:69:fb:d7:25:39:84:a3:74:cd:54:1c:
42:d1:1a:27:0a:1e:82:37:f4:da:60:10:17:fd:67:
97:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:91:E0:2B:30:07:8B:EE:66:83:D4:0C:4D:9E:B3:59:53:5F:47:04
X509v3 Authority Key Identifier:
keyid:6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d0:27:cf:c2:22:60:f8:7c:be:85:1f:b4:74:a2:68:4a:39:96:
32:a2:f8:57:e3:1e:2f:d9:80:85:64:c8:22:b1:a9:7c:6f:6b:
6b:49:04:73:0b:23:3d:7e:cc:3e:fc:14:4b:8b:9c:d6:a5:be:
b4:78:2d:d5:54:d9:25:f6:19:8c:0e:86:41:3f:35:87:1d:db:
96:6d:d0:a0:f5:cf:f3:7c:08:f5:23:57:e1:fa:8b:36:e8:a5:
af:23:f5:7a:94:ab:7f:ac:d3:e3:1c:5f:87:62:dc:d2:96:7a:
2c:94:cb:ef:e9:70:a4:55:11:bc:33:28:c7:a9:dc:bc:89:d7:
67:5e:45:c0:da:ee:70:3b:bc:8e:9b:b8:37:30:dd:cc:21:98:
0d:05:c8:f9:a4:93:ab:2e:17:42:d5:ac:22:03:ce:7d:23:42:
f2:ff:13:f8:f3:6d:d4:21:4b:fa:bc:cc:26:44:6f:ec:67:cd:
d1:0f:a1:2c:b0:1f:b9:0c:7a:67:af:1b:ae:44:da:c0:3b:e7:
2a:c9:30:d1:90:f5:ed:0e:ee:86:b8:36:a1:c1:9e:46:c0:50:
d5:0d:21:3c:b0:0c:1a:b1:c8:b9:2f:86:a2:e8:db:30:f8:73:
97:db:0c:56:f6:41:95:42:ed:9d:f5:9b:bf:71:94:69:07:47:
fb:d0:66:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJm+99hvZJh64dK6pTB0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZmFiMDkxNjhlN2NjNjZiNjYzYzYxNjJkNWM4ZDQ1NDk2
NWNjZTIwHhcNMjUxMTExMDkwMTUyWhcNMjUxMTEyMDkwMTUyWjAzMTEwLwYDVQQD
EygzMTkxZTAyYjMwMDc4YmVlNjY4M2Q0MGM0ZDllYjM1OTUzNWY0NzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt7dXlIGEtZHfWVWQ44dwY8DOCJ7
haFWvLgNFWuhow1epqE1uG0k/9YDljhWJ/eMmTMknxxwFcb7ww+LhusVLahfh6PB
rk+kDYJT7dJBc5Hq22htX49+eSOnjp1NjsxpayeRDfvCUWQzJT3F36xcxJnaSQSx
HL/wkrT3GBNtLYh7Iv3WGJyYJFeJLGtRQCXP35Zecob5ylUhghZ43OZbrsEW+NcE
JumbsmaLOkqW2tm7s7h0iHAqBDZtp9oHchkCBh2surrOhtHhmrTa3UnxTbqINB2l
sXeuR6F8dA/KGMQyODibafvXJTmEo3TNVBxC0RonCh6CN/TaYBAX/WeXjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGR4CswB4vuZoPUDE2es1lTX0cEMB8GA1UdIwQY
MBaAFGr6sJFo58xmtmPGFi1cjUVJZcziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgt
NWYzMzgxYjA3MWRhLzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgtNWYzMzgxYjA3MWRh
LzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0CfPwiJg
+Hy+hR+0dKJoSjmWMqL4V+MeL9mAhWTIIrGpfG9ra0kEcwsjPX7MPvwUS4uc1qW+
tHgt1VTZJfYZjA6GQT81hx3blm3QoPXP83wI9SNX4fqLNuilryP1epSrf6zT4xxf
h2Lc0pZ6LJTL7+lwpFURvDMox6ncvInXZ15FwNrucDu8jpu4NzDdzCGYDQXI+aST
qy4XQtWsIgPOfSNC8v8T+PNt1CFL+rzMJkRv7GfN0Q+hLLAfuQx6Z68brkTawDvn
Kskw0ZD17Q7uhrg2ocGeRsBQ1Q0hPLAMGrHIuS+GoujbMPhzl9sMVvZBlULtnfWb
v3GUaQdH+9BmTA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:10 2025 by rpki-client