Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.mft
File: 5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.mft (raw, json)
Hash identifier: vLR4TxjycJUR8F4ywJfq52XTvXm1IVgjH7XayagKPGo=
Subject key identifier: 10:D5:12:87:CF:FB:52:48:DF:03:CB:55:E7:9C:3A:AD:58:AE:D2:EE
Authority key identifier: 5A:FF:13:D5:A7:1C:FB:0D:A3:8D:8D:3D:81:E1:3E:AF:40:41:6A:74
Certificate issuer: /CN=5aff13d5a71cfb0da38d8d3d81e13eaf40416a74
Certificate serial: 4955F24AA6DA3B73A1B6324DBCFB204F4EB45B71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wv8T1acc-w2jjY09geE-r0BBanQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.mft
Manifest number: 04A5
Signing time: Tue 11 Nov 2025 00:18:59 +0000
Manifest this update: Tue 11 Nov 2025 00:13:59 +0000
Manifest next update: Wed 12 Nov 2025 03:28:59 +0000
Files and hashes: 1: 39312e3232392e3138302e302f32342d3234203d3e2036303739.roa (hash: +bVqrEMFd6OlmJt6OXUAm36lf7U27Wity5s8ggfbbQs=)
2: 5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.crl (hash: 0xFKlTQSLvJe94uibdT/yrpOy20zEAx/7q1H2YunsoU=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.crl
rsync://rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wv8T1acc-w2jjY09geE-r0BBanQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:28:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:55:f2:4a:a6:da:3b:73:a1:b6:32:4d:bc:fb:20:4f:4e:b4:5b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aff13d5a71cfb0da38d8d3d81e13eaf40416a74
Validity
Not Before: Nov 11 00:13:59 2025 GMT
Not After : Nov 12 03:28:59 2025 GMT
Subject: CN=10D51287CFFB5248DF03CB55E79C3AAD58AED2EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:63:c0:49:65:49:cb:da:85:b9:9d:5f:61:7e:
ad:c8:69:17:ba:c9:25:00:eb:41:34:c1:97:7a:fc:
6a:d3:ce:cc:3d:ed:8f:9c:50:e3:07:a1:b4:0f:38:
ce:83:83:c6:a9:6c:b5:fc:9d:97:bb:d5:6a:b3:f8:
63:11:74:39:e3:f5:0e:1f:d7:64:f4:23:d8:1b:a2:
cd:fb:79:4d:80:f4:d7:e3:c1:50:c4:6a:57:61:59:
77:3d:71:47:7f:26:fa:41:e7:e8:dd:bf:2c:2a:f3:
35:8d:73:9d:31:1a:61:b4:75:10:a3:96:01:33:6b:
e1:af:da:e1:fc:5b:d5:1e:7b:7b:00:c4:94:3d:b3:
38:fd:2a:54:c3:fb:9b:d0:c8:2b:5a:84:9a:8b:bf:
9a:69:53:5c:27:3e:0b:33:61:1b:65:43:ac:1b:22:
54:d5:d3:10:a9:e8:e3:3d:34:c9:25:df:51:01:a1:
d1:7f:97:de:a4:7c:24:2e:7a:92:59:89:80:fe:16:
3a:04:76:dd:c0:73:7d:b2:75:84:25:21:24:d1:f7:
17:0e:f3:36:d9:46:25:e5:32:bb:de:76:f9:12:c3:
b4:04:db:ae:66:28:34:0e:26:c7:33:62:d7:cd:11:
80:d9:9f:84:89:5f:bb:74:5c:0b:4c:bf:a6:34:5a:
5a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D5:12:87:CF:FB:52:48:DF:03:CB:55:E7:9C:3A:AD:58:AE:D2:EE
X509v3 Authority Key Identifier:
keyid:5A:FF:13:D5:A7:1C:FB:0D:A3:8D:8D:3D:81:E1:3E:AF:40:41:6A:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wv8T1acc-w2jjY09geE-r0BBanQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:41:2c:3f:83:24:07:7c:98:4c:91:56:cf:97:49:37:e2:6e:
dc:fb:b1:0d:7e:bb:74:6a:84:c3:9e:37:c6:db:25:f8:8a:2b:
f8:d3:44:c2:1a:05:d7:73:2f:19:a1:3b:1c:20:af:3a:ba:81:
f3:ca:01:bf:4d:7c:95:af:09:b4:6f:de:a2:81:36:52:49:cb:
ba:db:ff:de:13:95:92:af:9c:50:4a:e7:4c:de:b1:60:62:85:
e3:f3:95:21:2a:10:f0:37:54:ed:84:77:1c:25:e9:68:2a:7e:
64:74:96:0e:d0:4f:7f:1e:6b:f2:45:72:f4:66:ca:62:45:ae:
68:71:fa:df:e1:f9:f3:cc:cb:b1:c4:39:3e:ef:a0:2d:4e:39:
a8:30:b1:f2:38:ee:1b:c2:22:f7:97:cb:76:5e:09:ca:71:0c:
c0:67:06:75:dc:bc:2c:47:ab:3a:4d:69:8e:69:d8:de:4f:db:
e2:48:be:18:a7:20:8e:54:12:e2:27:5e:53:b7:86:18:1a:3e:
45:7b:40:e7:67:a0:43:5d:9f:a2:72:1a:5d:a8:a9:29:2d:02:
e4:9c:f6:2a:53:7b:d2:94:18:29:85:96:00:e2:e6:63:28:0a:
40:87:ab:b5:c3:ed:0e:52:5d:41:f9:1f:ff:ff:25:e7:05:38:
44:c9:9e:d5
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUSVXySqbaO3OhtjJNvPsgT060W3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFmZjEzZDVhNzFjZmIwZGEzOGQ4ZDNkODFlMTNlYWY0
MDQxNmE3NDAeFw0yNTExMTEwMDEzNTlaFw0yNTExMTIwMzI4NTlaMDMxMTAvBgNV
BAMTKDEwRDUxMjg3Q0ZGQjUyNDhERjAzQ0I1NUU3OUMzQUFENThBRUQyRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+Y8BJZUnL2oW5nV9hfq3IaRe6
ySUA60E0wZd6/GrTzsw97Y+cUOMHobQPOM6Dg8apbLX8nZe71Wqz+GMRdDnj9Q4f
12T0I9gbos37eU2A9NfjwVDEaldhWXc9cUd/JvpB5+jdvywq8zWNc50xGmG0dRCj
lgEza+Gv2uH8W9Uee3sAxJQ9szj9KlTD+5vQyCtahJqLv5ppU1wnPgszYRtlQ6wb
IlTV0xCp6OM9NMkl31EBodF/l96kfCQuepJZiYD+FjoEdt3Ac32ydYQlISTR9xcO
8zbZRiXlMrvedvkSw7QE265mKDQOJsczYtfNEYDZn4SJX7t0XAtMv6Y0WlqTAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUENUSh8/7UkjfA8tV55w6rViu0u4wHwYDVR0j
BBgwFoAUWv8T1acc+w2jjY09geE+r0BBanQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA3M2M5NWEtYWFjNy00M2VjLTgxOGItMWY0MmY2MjI3
NWY1LzAvNUFGRjEzRDVBNzFDRkIwREEzOEQ4RDNEODFFMTNFQUY0MDQxNkE3NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d2OFQxYWNjLXcyampZMDlnZUUtcjBC
QmFuUS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS82MDczYzk1YS1h
YWM3LTQzZWMtODE4Yi0xZjQyZjYyMjc1ZjUvMC81QUZGMTNENUE3MUNGQjBEQTM4
RDhEM0Q4MUUxM0VBRjQwNDE2QTc0Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE0EsP4MkB3yYTJFWz5dJ
N+Ju3PuxDX67dGqEw543xtsl+Ior+NNEwhoF13MvGaE7HCCvOrqB88oBv018la8J
tG/eooE2UknLutv/3hOVkq+cUErnTN6xYGKF4/OVISoQ8DdU7YR3HCXpaCp+ZHSW
DtBPfx5r8kVy9GbKYkWuaHH63+H588zLscQ5Pu+gLU45qDCx8jjuG8Ii95fLdl4J
ynEMwGcGddy8LEerOk1pjmnY3k/b4ki+GKcgjlQS4ideU7eGGBo+RXtA52egQ12f
onIaXaipKS0C5Jz2KlN70pQYKYWWAOLmYygKQIertcPtDlJdQfkf//8l5wU4RMme
1Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:53 2025 by rpki-client