Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
File: aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft (raw, json)
Hash identifier: tRfg1XHXtqsWTRHMkt5YJxgzI11klDbkCwD8QzJzr5Q=
Subject key identifier: BD:3B:2C:E5:AF:21:45:C8:77:EC:11:D0:E4:10:17:E6:44:8C:04:10
Authority key identifier: 68:F8:3E:2A:34:14:5A:D4:7E:0C:C2:B3:C7:9F:C6:31:2B:AE:2C:71
Certificate issuer: /CN=68f83e2a34145ad47e0cc2b3c79fc6312bae2c71
Certificate serial: 019A4F98EF58C7969074B0836B3D00069E6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
Manifest number: 05CB
Signing time: Tue 04 Nov 2025 16:00:13 +0000
Manifest this update: Tue 04 Nov 2025 16:00:13 +0000
Manifest next update: Wed 05 Nov 2025 16:00:13 +0000
Files and hashes: 1: N-BSf874DQvK549b1pSEfsfJ-W8.roa (hash: bW40XSisvNpm05Mkk5fR9GiNdKpGc7uzNKkhrhBHqx4=)
2: aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl (hash: PN4RgE9KSKh0wCtHQ/GSQM7C8veb+sjdi9IlxfpCMxU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:98:ef:58:c7:96:90:74:b0:83:6b:3d:00:06:9e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f83e2a34145ad47e0cc2b3c79fc6312bae2c71
Validity
Not Before: Nov 4 16:00:13 2025 GMT
Not After : Nov 5 16:00:13 2025 GMT
Subject: CN=bd3b2ce5af2145c877ec11d0e41017e6448c0410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:00:3c:b6:df:e5:3e:76:5a:1a:11:75:4e:5b:
bb:6c:b3:8c:f7:88:66:30:69:5b:23:a2:53:7d:92:
cc:cb:5f:48:f3:5a:65:18:c2:18:26:e8:e7:56:5b:
b7:06:63:53:05:f4:ef:95:fa:81:41:97:b3:68:41:
ed:9d:6d:e0:6c:ce:e2:ac:35:81:66:92:57:9c:15:
fa:67:e2:51:03:44:cf:ff:91:ea:8f:bf:44:9d:ec:
c7:e8:0f:ca:2d:c3:a2:08:98:a7:39:6e:35:7c:41:
3f:08:d9:a1:f4:fb:c3:6f:a3:b0:70:55:d8:1d:64:
d9:42:6d:97:1e:67:00:21:f7:10:b8:3f:1a:de:5c:
68:ee:c4:c7:a9:7f:a0:34:e3:b1:51:53:55:f1:0b:
7f:5d:ef:76:83:73:ea:2c:6b:16:d1:a9:05:a8:f8:
9c:d0:50:83:93:58:66:16:d9:b0:a0:25:06:64:df:
87:b0:8c:45:09:1b:0d:ec:0c:b2:a8:e6:37:66:3a:
14:dd:5f:1f:e5:68:3a:2f:95:fe:a1:16:d9:67:af:
5b:61:5a:1a:cd:f3:ee:7f:02:ec:d2:59:94:05:3c:
24:ed:7e:cf:59:5a:09:6b:e7:a3:3b:57:93:e1:1d:
3d:f9:a1:39:ab:ce:ba:7e:5b:5d:48:18:36:12:55:
2c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:3B:2C:E5:AF:21:45:C8:77:EC:11:D0:E4:10:17:E6:44:8C:04:10
X509v3 Authority Key Identifier:
keyid:68:F8:3E:2A:34:14:5A:D4:7E:0C:C2:B3:C7:9F:C6:31:2B:AE:2C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:55:22:c6:eb:bc:7b:d2:7e:b0:2f:c6:cd:c4:cf:69:d6:c7:
68:a0:33:7b:62:e6:02:52:06:ae:41:87:e5:0c:52:07:6f:8f:
c3:6f:68:6f:18:e4:83:7b:a6:fd:68:99:98:20:ad:04:2c:d8:
22:df:77:fc:86:37:53:00:99:81:2a:b5:42:f5:8e:5a:e1:ec:
d7:0d:a1:c5:35:45:05:db:18:37:96:03:7b:39:06:e2:16:cc:
f3:69:d7:3d:48:4b:9d:6d:c7:c4:12:10:86:e2:c1:7e:c1:0c:
ef:f9:c6:45:02:cf:91:eb:26:80:02:01:a7:d1:56:c6:8e:40:
52:52:d7:5c:07:55:38:80:d5:02:23:2a:a1:c2:8e:75:dd:55:
0b:9f:a5:ae:19:c8:13:c2:a7:d4:1c:df:24:5d:e3:78:3e:8e:
d8:1f:41:5f:9b:88:86:e9:cc:c5:1e:08:93:25:f9:5a:b9:2f:
7d:a6:fb:eb:2a:4b:8f:39:76:e4:7d:eb:a9:9c:93:6b:41:5d:
34:ae:fd:32:94:a4:77:bd:33:f4:3c:ea:b7:69:bf:e0:51:0d:
d3:ce:9d:1c:38:6d:be:81:95:74:0a:33:0c:41:eb:de:bc:2c:
65:89:46:18:94:1f:06:f2:2d:c7:5c:57:7f:02:5b:68:6c:f1:
62:72:3c:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmO9Yx5aQdLCDaz0ABp5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjgzZTJhMzQxNDVhZDQ3ZTBjYzJiM2M3OWZjNjMxMmJh
ZTJjNzEwHhcNMjUxMTA0MTYwMDEzWhcNMjUxMTA1MTYwMDEzWjAzMTEwLwYDVQQD
EyhiZDNiMmNlNWFmMjE0NWM4NzdlYzExZDBlNDEwMTdlNjQ0OGMwNDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgA8tt/lPnZaGhF1Tlu7bLOM94hm
MGlbI6JTfZLMy19I81plGMIYJujnVlu3BmNTBfTvlfqBQZezaEHtnW3gbM7irDWB
ZpJXnBX6Z+JRA0TP/5Hqj79EnezH6A/KLcOiCJinOW41fEE/CNmh9PvDb6OwcFXY
HWTZQm2XHmcAIfcQuD8a3lxo7sTHqX+gNOOxUVNV8Qt/Xe92g3PqLGsW0akFqPic
0FCDk1hmFtmwoCUGZN+HsIxFCRsN7AyyqOY3ZjoU3V8f5Wg6L5X+oRbZZ69bYVoa
zfPufwLs0lmUBTwk7X7PWVoJa+ejO1eT4R09+aE5q866fltdSBg2ElUsuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL07LOWvIUXId+wR0OQQF+ZEjAQQMB8GA1UdIwQY
MBaAFGj4Pio0FFrUfgzCs8efxjErrixxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81ZTlmOTAtYTZiMC00ZmQ4LWI4ZGQt
NzkyODAyYzQzOTI1LzEvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81ZTlmOTAtYTZiMC00ZmQ4LWI4ZGQtNzkyODAyYzQzOTI1
LzEvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYVUixuu8
e9J+sC/GzcTPadbHaKAze2LmAlIGrkGH5QxSB2+Pw29obxjkg3um/WiZmCCtBCzY
It93/IY3UwCZgSq1QvWOWuHs1w2hxTVFBdsYN5YDezkG4hbM82nXPUhLnW3HxBIQ
huLBfsEM7/nGRQLPkesmgAIBp9FWxo5AUlLXXAdVOIDVAiMqocKOdd1VC5+lrhnI
E8Kn1BzfJF3jeD6O2B9BX5uIhunMxR4IkyX5Wrkvfab76ypLjzl25H3rqZyTa0Fd
NK79MpSkd70z9Dzqt2m/4FEN086dHDhtvoGVdAozDEHr3rwsZYlGGJQfBvItx1xX
fwJbaGzxYnI8gw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:31:15 2025 by rpki-client