Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
File: paimkAmtLokJhr3XbGM8GzHwbzo.mft (raw, json)
Hash identifier: BhZlg4D5YFnfOz5tnK6OeJEUVRmWVuzFbaiHc51uJIA=
Subject key identifier: D9:93:70:1B:26:AC:97:D6:3C:D9:7F:83:C7:97:94:01:58:79:2F:EC
Authority key identifier: A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
Certificate issuer: /CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Certificate serial: 019A73385D351A8D0A7DE5932A363F8E3F8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
Manifest number: 0808
Signing time: Tue 11 Nov 2025 14:01:05 +0000
Manifest this update: Tue 11 Nov 2025 14:01:05 +0000
Manifest next update: Wed 12 Nov 2025 14:01:05 +0000
Files and hashes: 1: 6FOwPkcLo51Q3D-jQMVy5DzuCjo.roa (hash: ZMfa+VC1JK7r5J2BdtywNHEZxOWql9OfKZrNLteanPw=)
2: paimkAmtLokJhr3XbGM8GzHwbzo.crl (hash: ZqiF7Ji/gZ2XS7FaH4VG7/Y8IfPBaD8CHIQzNhew5L8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:5d:35:1a:8d:0a:7d:e5:93:2a:36:3f:8e:3f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Validity
Not Before: Nov 11 14:01:05 2025 GMT
Not After : Nov 12 14:01:05 2025 GMT
Subject: CN=d993701b26ac97d63cd97f83c797940158792fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:07:86:ff:94:54:c7:79:8f:50:68:95:d4:2a:
e8:b6:f8:7e:4e:05:1c:ae:ec:ae:3c:35:4a:02:a4:
19:ee:41:26:64:f9:99:e0:ea:30:d1:04:1c:72:2e:
cb:32:7d:13:d9:26:48:80:40:ef:69:27:d9:c9:d7:
86:67:39:11:33:45:e5:63:69:de:4c:ed:12:17:43:
af:bc:6e:c2:72:fb:b3:5c:37:13:f5:1b:9f:77:55:
60:e7:4c:91:73:74:6b:01:9e:97:a1:7e:70:5b:17:
9f:e5:32:8f:af:e6:f0:cf:a5:a8:32:de:96:95:2d:
c8:1d:f1:ec:fa:7b:9c:e8:b7:54:20:8b:e8:02:8b:
13:e8:fc:b3:60:ef:28:56:dc:52:dc:f2:b5:58:d8:
33:84:6b:95:a3:9b:c2:cc:de:88:3b:d1:ae:ad:cd:
86:ee:f1:c4:58:46:07:af:1c:ae:86:f6:8a:05:84:
30:49:88:cb:fc:72:33:26:6c:64:c3:8f:66:30:6e:
e1:1a:1a:4f:ea:6f:aa:9f:68:13:28:32:2c:ab:99:
63:ac:d7:5d:d2:0b:97:c2:67:95:f2:75:10:85:53:
59:8a:51:55:3d:5d:d8:c5:36:c4:34:28:e4:c4:c2:
bc:4d:c5:da:56:be:bf:d7:52:ff:4b:b8:83:f1:31:
b7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:93:70:1B:26:AC:97:D6:3C:D9:7F:83:C7:97:94:01:58:79:2F:EC
X509v3 Authority Key Identifier:
keyid:A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:0b:de:27:69:d9:af:7b:e5:c8:a8:94:c0:39:fd:d0:8b:e9:
96:9c:a9:0c:16:ad:23:8f:24:e3:0a:58:0e:57:c9:0f:93:31:
15:06:d9:45:1d:fc:a0:c9:1b:a0:09:e9:74:7d:21:75:71:bf:
3a:74:9e:16:68:04:5a:d0:7f:ee:16:15:8d:58:1b:8a:84:e2:
b2:ff:cc:8b:36:eb:44:13:6d:6b:93:8f:88:ac:c6:b4:6c:4d:
62:dc:80:30:b5:d5:70:7b:9c:98:2a:45:75:9d:89:ca:a8:dc:
91:68:d5:5b:59:ae:58:6d:dd:75:f0:2a:c0:4d:e9:b0:a8:bd:
63:cf:06:7b:ea:23:9a:b4:32:73:05:3b:53:9d:92:84:46:da:
40:e1:47:3b:53:57:8b:2b:46:61:80:0c:52:d3:2c:10:4c:19:
64:9b:e8:0b:a4:c8:93:48:c5:65:69:9e:89:c9:aa:53:70:ba:
db:ca:57:db:c5:3d:67:1f:99:de:58:d6:c3:5f:4a:2b:8d:0b:
90:2d:1a:4d:3e:0e:da:f1:01:2a:17:42:2a:26:75:20:18:6a:
8d:02:8a:6e:95:09:7b:8b:5e:68:49:25:57:97:1d:d4:b0:87:
27:3e:98:46:1e:0d:da:54:c8:06:6b:82:8e:2d:3a:6f:a5:27:
2e:1a:75:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOF01Go0KfeWTKjY/jj+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YThhNjkwMDlhZDJlODkwOTg2YmRkNzZjNjMzYzFiMzFm
MDZmM2EwHhcNMjUxMTExMTQwMTA1WhcNMjUxMTEyMTQwMTA1WjAzMTEwLwYDVQQD
EyhkOTkzNzAxYjI2YWM5N2Q2M2NkOTdmODNjNzk3OTQwMTU4NzkyZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAeG/5RUx3mPUGiV1Crotvh+TgUc
ruyuPDVKAqQZ7kEmZPmZ4Oow0QQcci7LMn0T2SZIgEDvaSfZydeGZzkRM0XlY2ne
TO0SF0OvvG7CcvuzXDcT9Rufd1Vg50yRc3RrAZ6XoX5wWxef5TKPr+bwz6WoMt6W
lS3IHfHs+nuc6LdUIIvoAosT6PyzYO8oVtxS3PK1WNgzhGuVo5vCzN6IO9Gurc2G
7vHEWEYHrxyuhvaKBYQwSYjL/HIzJmxkw49mMG7hGhpP6m+qn2gTKDIsq5ljrNdd
0guXwmeV8nUQhVNZilFVPV3YxTbENCjkxMK8TcXaVr6/11L/S7iD8TG3tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmTcBsmrJfWPNl/g8eXlAFYeS/sMB8GA1UdIwQY
MBaAFKWoppAJrS6JCYa912xjPBsx8G86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYt
YjEyZWJmMzQ1YmMzLzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYtYjEyZWJmMzQ1YmMz
LzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYgveJ2nZ
r3vlyKiUwDn90IvplpypDBatI48k4wpYDlfJD5MxFQbZRR38oMkboAnpdH0hdXG/
OnSeFmgEWtB/7hYVjVgbioTisv/MizbrRBNta5OPiKzGtGxNYtyAMLXVcHucmCpF
dZ2JyqjckWjVW1muWG3ddfAqwE3psKi9Y88Ge+ojmrQycwU7U52ShEbaQOFHO1NX
iytGYYAMUtMsEEwZZJvoC6TIk0jFZWmeicmqU3C628pX28U9Zx+Z3ljWw19KK40L
kC0aTT4O2vEBKhdCKiZ1IBhqjQKKbpUJe4teaEklV5cd1LCHJz6YRh4N2lTIBmuC
ji06b6UnLhp17g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:17:06 2025 by rpki-client