Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
File: aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft (raw, json)
Hash identifier: JVNYqxrdGxhFYq8eySMy7OTU/XbhlqdfiymxQxykCrs=
Subject key identifier: 5F:C7:22:53:27:AA:C8:A2:80:B6:06:79:BB:5A:1A:3A:E3:5F:E1:9D
Authority key identifier: 68:7B:91:ED:A1:6B:6F:1B:1F:A0:17:5D:67:C7:99:4F:69:1D:8E:97
Certificate issuer: /CN=687b91eda16b6f1b1fa0175d67c7994f691d8e97
Certificate serial: 019A71133BCCEDF86171ACDFE29E2B3A37D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
Manifest number: 0689
Signing time: Tue 11 Nov 2025 04:01:17 +0000
Manifest this update: Tue 11 Nov 2025 04:01:17 +0000
Manifest next update: Wed 12 Nov 2025 04:01:17 +0000
Files and hashes: 1: AJ5wMI6kFAAGgXfPHZAVtLCSnP8.roa (hash: O5F5OKdgmFhYvl6NemyAslo9muG5v3CdZb38avB1q8I=)
2: aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl (hash: QxPeK0DLfyIbiPi9JjnMd8YcuzZyCK2GKpIVGaXWlj0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:3b:cc:ed:f8:61:71:ac:df:e2:9e:2b:3a:37:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687b91eda16b6f1b1fa0175d67c7994f691d8e97
Validity
Not Before: Nov 11 04:01:17 2025 GMT
Not After : Nov 12 04:01:17 2025 GMT
Subject: CN=5fc7225327aac8a280b60679bb5a1a3ae35fe19d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:05:9d:5c:7f:47:57:0b:bc:a1:50:da:8f:47:
39:a2:12:49:6b:3e:b1:56:4b:34:d3:20:c2:d8:2c:
02:ed:b8:29:19:fa:66:96:7a:6b:7f:28:cb:69:08:
58:48:cb:55:e5:f6:a2:81:27:2e:80:e6:00:08:9f:
71:ec:d9:0e:1c:03:32:d5:79:f7:65:cc:b7:5d:8d:
46:0f:71:a2:ef:9d:bf:a1:95:ee:b4:85:fd:b7:58:
f5:d9:d4:2d:b2:0d:24:51:0b:42:d2:6f:ee:78:05:
1a:72:c0:ae:18:51:6f:e9:06:24:96:0b:a7:34:0b:
e5:14:99:a1:e7:27:5c:ba:f2:10:1d:0a:e4:f1:f1:
19:2c:fa:0e:39:f7:03:11:ce:36:59:56:56:ad:63:
c7:4a:87:39:f2:99:2a:ef:18:ac:fa:1b:a9:c1:f7:
ba:12:2c:df:32:9f:90:a5:e6:0f:28:da:82:51:1e:
ab:4f:d3:c2:59:b8:05:a4:12:2a:b9:23:8d:2a:7f:
79:73:a5:0c:cd:f9:17:92:db:c0:60:9e:4c:26:bf:
87:ea:f8:17:c2:e7:67:58:bb:0f:81:7c:4a:f0:bd:
d4:e3:50:83:43:3b:e2:25:6a:9c:c4:f1:2e:61:75:
f9:a3:6e:e7:5a:1f:c8:a1:bf:4b:af:6a:1b:8f:12:
a2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C7:22:53:27:AA:C8:A2:80:B6:06:79:BB:5A:1A:3A:E3:5F:E1:9D
X509v3 Authority Key Identifier:
keyid:68:7B:91:ED:A1:6B:6F:1B:1F:A0:17:5D:67:C7:99:4F:69:1D:8E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:6c:57:6a:e3:c2:1b:3d:ca:17:23:fe:5b:8f:d2:50:32:1d:
14:6e:72:09:1c:77:46:7e:ba:48:48:0e:ec:c4:42:2a:f1:4c:
24:1f:17:04:39:7c:8c:07:0a:e5:a3:e0:a7:2b:8a:b4:82:f3:
57:64:c8:22:c5:70:ce:e8:ba:c7:ea:94:ed:03:df:47:36:06:
a3:f4:ff:06:d9:25:5c:84:d2:7d:77:18:3d:8a:a5:b7:57:83:
a0:fc:0b:e8:01:4c:f9:e2:b6:e6:f6:d1:08:12:95:63:a8:42:
49:cc:99:ee:b8:0b:45:cb:ab:43:5d:8a:d1:87:f6:a7:bf:3e:
f4:b3:01:22:1e:18:36:e0:59:51:27:fb:fa:a4:80:61:35:c1:
94:a0:20:68:00:a4:a3:c0:b1:ad:56:fc:3b:64:b7:dc:59:41:
fc:fd:b0:43:03:a7:dd:c4:3d:cb:0c:50:e3:89:38:f7:97:e2:
f6:5f:96:d5:86:fd:b4:4f:e9:35:c7:d9:77:6c:66:c8:1e:0a:
50:4e:08:fb:e2:f6:49:f5:5d:11:e9:ea:fb:42:fa:61:4d:82:
dd:dd:8a:f5:8a:9f:c8:46:6b:37:8f:f8:64:7c:a1:b3:ee:18:
db:08:3f:82:c8:1c:05:de:0f:e3:f0:f1:23:b5:4c:f1:e8:d7:
fa:d4:43:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEzvM7fhhcazf4p4rOjfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2I5MWVkYTE2YjZmMWIxZmEwMTc1ZDY3Yzc5OTRmNjkx
ZDhlOTcwHhcNMjUxMTExMDQwMTE3WhcNMjUxMTEyMDQwMTE3WjAzMTEwLwYDVQQD
Eyg1ZmM3MjI1MzI3YWFjOGEyODBiNjA2NzliYjVhMWEzYWUzNWZlMTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswWdXH9HVwu8oVDaj0c5ohJJaz6x
Vks00yDC2CwC7bgpGfpmlnprfyjLaQhYSMtV5faigScugOYACJ9x7NkOHAMy1Xn3
Zcy3XY1GD3Gi752/oZXutIX9t1j12dQtsg0kUQtC0m/ueAUacsCuGFFv6QYklgun
NAvlFJmh5ydcuvIQHQrk8fEZLPoOOfcDEc42WVZWrWPHSoc58pkq7xis+hupwfe6
EizfMp+QpeYPKNqCUR6rT9PCWbgFpBIquSONKn95c6UMzfkXktvAYJ5MJr+H6vgX
wudnWLsPgXxK8L3U41CDQzviJWqcxPEuYXX5o27nWh/Iob9Lr2objxKimwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/HIlMnqsiigLYGebtaGjrjX+GdMB8GA1UdIwQY
MBaAFGh7ke2ha28bH6AXXWfHmU9pHY6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8yZmI4ZGYtMGU0OC00NjY1LWE5OWIt
ZGZmZTU5MDIzZTg5LzEvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8yZmI4ZGYtMGU0OC00NjY1LWE5OWItZGZmZTU5MDIzZTg5
LzEvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJmxXauPC
Gz3KFyP+W4/SUDIdFG5yCRx3Rn66SEgO7MRCKvFMJB8XBDl8jAcK5aPgpyuKtILz
V2TIIsVwzui6x+qU7QPfRzYGo/T/BtklXITSfXcYPYqlt1eDoPwL6AFM+eK25vbR
CBKVY6hCScyZ7rgLRcurQ12K0Yf2p78+9LMBIh4YNuBZUSf7+qSAYTXBlKAgaACk
o8CxrVb8O2S33FlB/P2wQwOn3cQ9ywxQ44k495fi9l+W1Yb9tE/pNcfZd2xmyB4K
UE4I++L2SfVdEenq+0L6YU2C3d2K9YqfyEZrN4/4ZHyhs+4Y2wg/gsgcBd4P4/Dx
I7VM8ejX+tRDPA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:50 2025 by rpki-client