Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
File: AOLDNzGtylfcwzsvuCM_wDiwlek.mft (raw, json)
Hash identifier: HQhDoZhGUGAwQBnboFBDrEDpZCutUtknC7CgW5UnWY8=
Subject key identifier: 28:73:96:A4:5F:CA:28:0A:71:1B:0B:DB:8A:66:C6:EF:CB:C1:DA:C3
Authority key identifier: 00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
Certificate issuer: /CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Certificate serial: 019A71B7CBE9D4E830E9F9AAF4746CD57075
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
Manifest number: 125D
Signing time: Tue 11 Nov 2025 07:01:01 +0000
Manifest this update: Tue 11 Nov 2025 07:01:01 +0000
Manifest next update: Wed 12 Nov 2025 07:01:01 +0000
Files and hashes: 1: AOLDNzGtylfcwzsvuCM_wDiwlek.crl (hash: ECz/rQcwHL34JQlb+ITqm/wbhPBAMHaFA6YAcncsnKw=)
2: lx4r-_of66D7nj4_JxEX4B7iGSo.roa (hash: nBmUpTvMg37xBiu7Iw7rIz0CmSBaScYekCzZq9oCvAo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:cb:e9:d4:e8:30:e9:f9:aa:f4:74:6c:d5:70:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Validity
Not Before: Nov 11 07:01:01 2025 GMT
Not After : Nov 12 07:01:01 2025 GMT
Subject: CN=287396a45fca280a711b0bdb8a66c6efcbc1dac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:a0:db:ed:91:f5:14:50:17:0f:8e:7a:63:
1f:6b:72:a1:4a:a8:6c:db:ce:65:a6:7a:2b:f2:5d:
58:e4:66:4b:bd:79:81:1e:4f:4f:e7:15:8a:41:35:
14:3d:88:0d:ef:8c:fc:f6:74:3d:e3:03:08:65:f9:
a0:b5:7e:b2:15:38:b2:7b:20:cc:fd:d7:14:49:52:
f9:52:2c:98:31:7d:75:5e:51:e5:87:1a:5d:ea:95:
5d:06:9a:57:ba:f5:e9:d0:86:ed:1e:1a:c3:57:3b:
bc:33:e0:61:20:45:a0:21:1f:16:0b:37:54:68:8d:
5d:c8:66:51:bf:b3:ce:17:b0:09:9a:90:b9:16:e4:
c0:5a:85:0e:ca:a0:b1:3b:4c:31:0e:6c:df:0c:76:
18:30:c7:71:6d:6d:c9:7a:b5:e5:e0:e9:ff:89:d3:
ca:7c:26:6b:b1:03:f7:a3:2a:70:70:c7:4a:90:44:
db:7a:3c:29:d0:38:11:3d:e1:f8:d4:1d:29:f6:d3:
68:08:81:75:f9:63:ad:23:20:e8:19:1e:c2:f2:f5:
cb:ba:c8:d3:9d:21:a0:64:e4:70:1d:a7:b5:5b:3d:
17:dd:81:aa:4e:4d:13:80:b7:bd:12:79:b4:75:d0:
bb:99:c7:ce:86:26:ca:99:71:ac:32:f5:9c:c2:23:
cb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:73:96:A4:5F:CA:28:0A:71:1B:0B:DB:8A:66:C6:EF:CB:C1:DA:C3
X509v3 Authority Key Identifier:
keyid:00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:08:62:2e:24:95:e9:06:91:bf:17:d8:1f:54:25:3c:6b:64:
5b:8e:5f:e5:a6:50:7d:de:9a:71:3a:da:9b:5f:90:80:41:27:
67:0d:4c:26:e4:05:db:73:da:24:0e:f0:b5:7a:9a:d8:f9:94:
54:75:b5:59:b9:c1:7b:cd:9e:54:18:24:9e:47:d1:99:51:a0:
d9:58:70:5d:27:7b:67:52:4d:87:a5:62:e4:01:77:f5:ba:af:
9d:93:ff:56:a0:27:b5:e8:ac:02:3a:97:66:d8:42:6d:b3:6a:
28:41:e7:b6:9d:d4:68:ed:12:95:dd:b2:7c:8f:95:2e:dd:d5:
82:8f:23:21:93:f2:b1:be:26:d2:1e:d4:f1:ed:69:ed:5f:56:
3d:71:ac:b4:b8:74:ff:07:2e:cd:fd:1d:82:fb:67:30:06:fa:
62:cf:c6:15:22:5a:64:0f:31:94:6e:30:0b:97:58:68:7c:f9:
e8:de:91:60:ac:ee:42:a3:6d:70:58:37:33:7e:f3:83:ee:56:
15:cd:38:cf:25:16:d2:ed:d4:01:0e:ef:34:d8:c4:c7:2b:d1:
d4:34:19:6c:cf:63:63:6c:8a:f9:f8:df:12:ee:7f:9e:36:d1:
94:26:4e:a3:5e:63:f8:62:0e:8e:86:54:df:2e:34:eb:d8:8e:
ac:52:5e:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt8vp1Ogw6fmq9HRs1XB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTJjMzM3MzFhZGNhNTdkY2MzM2IyZmI4MjMzZmMwMzhi
MDk1ZTkwHhcNMjUxMTExMDcwMTAxWhcNMjUxMTEyMDcwMTAxWjAzMTEwLwYDVQQD
EygyODczOTZhNDVmY2EyODBhNzExYjBiZGI4YTY2YzZlZmNiYzFkYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTSg2+2R9RRQFw+OemMfa3KhSqhs
285lpnor8l1Y5GZLvXmBHk9P5xWKQTUUPYgN74z89nQ94wMIZfmgtX6yFTiyeyDM
/dcUSVL5UiyYMX11XlHlhxpd6pVdBppXuvXp0IbtHhrDVzu8M+BhIEWgIR8WCzdU
aI1dyGZRv7POF7AJmpC5FuTAWoUOyqCxO0wxDmzfDHYYMMdxbW3JerXl4On/idPK
fCZrsQP3oypwcMdKkETbejwp0DgRPeH41B0p9tNoCIF1+WOtIyDoGR7C8vXLusjT
nSGgZORwHae1Wz0X3YGqTk0TgLe9Enm0ddC7mcfOhibKmXGsMvWcwiPLjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChzlqRfyigKcRsL24pmxu/LwdrDMB8GA1UdIwQY
MBaAFADiwzcxrcpX3MM7L7gjP8A4sJXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMt
YzlhZDM3Zjk0Y2Q3LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMtYzlhZDM3Zjk0Y2Q3
LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAawhiLiSV
6QaRvxfYH1QlPGtkW45f5aZQfd6acTram1+QgEEnZw1MJuQF23PaJA7wtXqa2PmU
VHW1WbnBe82eVBgknkfRmVGg2VhwXSd7Z1JNh6Vi5AF39bqvnZP/VqAnteisAjqX
ZthCbbNqKEHntp3UaO0Sld2yfI+VLt3Vgo8jIZPysb4m0h7U8e1p7V9WPXGstLh0
/wcuzf0dgvtnMAb6Ys/GFSJaZA8xlG4wC5dYaHz56N6RYKzuQqNtcFg3M37zg+5W
Fc04zyUW0u3UAQ7vNNjExyvR1DQZbM9jY2yK+fjfEu5/njbRlCZOo15j+GIOjoZU
3y4069iOrFJe0g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:42 2025 by rpki-client