Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
File: aNLCXQU0pAJ8aVViqM5PABzVOW8.mft (raw, json)
Hash identifier: JpD6+JAS1VYkxOgNa0qDhP/LX9wdbPRMqT2BeuvVHE8=
Subject key identifier: 41:82:2D:7F:92:8C:0F:CD:3E:9D:95:E6:3B:91:8B:55:99:FB:FC:84
Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
Certificate issuer: /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Certificate serial: 019A4E86BAC22221541F05398938F1B732A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
Manifest number: 1360
Signing time: Tue 04 Nov 2025 11:00:43 +0000
Manifest this update: Tue 04 Nov 2025 11:00:43 +0000
Manifest next update: Wed 05 Nov 2025 11:00:43 +0000
Files and hashes: 1: SALrx8y5x39WJ8efwGiimpmg788.roa (hash: CtpmQiaYAVz0sehGOLMPmKtW82021GvqOFqhQ5ojIPI=)
2: aNLCXQU0pAJ8aVViqM5PABzVOW8.crl (hash: jdoFmeBgnpAqBR/JARePOEct+12pL0UhQ2TOCliUcNI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:ba:c2:22:21:54:1f:05:39:89:38:f1:b7:32:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Validity
Not Before: Nov 4 11:00:43 2025 GMT
Not After : Nov 5 11:00:43 2025 GMT
Subject: CN=41822d7f928c0fcd3e9d95e63b918b5599fbfc84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:01:b6:ef:6e:01:71:85:c7:1c:f6:5a:94:09:
bb:b0:1b:f8:be:98:6f:3d:e5:4f:62:59:02:fc:25:
8c:48:80:c9:43:75:28:7c:72:1b:d9:ce:97:28:c4:
cd:91:3c:40:fd:5a:df:60:07:ee:92:b4:d6:ec:4f:
2d:fd:13:69:94:86:e8:e8:92:64:cb:8b:ab:49:c2:
75:4a:55:74:08:04:8c:1d:62:fc:04:43:85:b1:70:
c5:a2:40:b2:12:83:e9:eb:b2:11:e4:d6:ba:f2:dd:
b9:b2:9c:ae:54:71:9e:4c:e8:0e:c8:59:b9:4a:d0:
ba:ed:8f:07:50:83:f0:3e:85:32:b6:e5:f5:a9:fc:
a9:9b:e5:19:e9:22:ac:ab:1d:d1:0a:09:0a:e8:2c:
13:d0:b7:29:88:29:c3:2e:a5:5b:16:5f:5e:3f:d8:
5f:f8:be:28:33:e1:90:9e:d5:53:5e:c8:6c:8f:31:
2b:d0:30:a1:31:e5:9c:5c:52:99:09:bb:9b:bb:0d:
7c:4c:41:75:01:69:08:8b:c0:b1:10:86:a6:98:d3:
97:72:ec:ae:5c:45:59:0c:85:6e:e6:d8:b8:6e:53:
e4:b0:72:4c:0b:5a:fd:f2:30:14:df:af:18:32:e2:
4a:5a:9c:8c:c0:63:f0:93:8f:39:d9:88:20:d0:a2:
4f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:82:2D:7F:92:8C:0F:CD:3E:9D:95:E6:3B:91:8B:55:99:FB:FC:84
X509v3 Authority Key Identifier:
keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:24:ed:6c:e7:32:b2:c1:30:eb:c8:6e:9c:ef:d4:37:b3:38:
58:d7:e9:a1:57:b1:81:75:15:dd:de:b3:cf:7c:1e:a0:f3:13:
3e:e0:99:86:51:30:8b:fc:2f:4e:c4:a4:f7:59:43:00:b5:8d:
11:3c:fa:fd:86:e3:7b:05:cf:51:27:86:15:fb:84:7e:17:94:
a6:14:62:27:dd:af:d9:bd:43:57:4d:91:6c:9b:9f:84:36:63:
c3:dd:c1:a2:05:69:b8:69:f1:6b:e0:8c:3f:2b:1b:ed:1a:2c:
36:b1:92:b7:88:a7:88:d0:9b:0f:a0:ec:c9:ed:0a:ad:ad:bd:
a5:04:f2:1d:83:7f:dc:ab:d8:e9:19:a9:08:99:a4:52:c1:27:
4e:6a:27:f5:56:05:4e:58:78:76:ed:25:7a:4b:e2:63:5a:94:
68:83:59:d3:b8:e5:3b:dc:1b:b4:8d:94:1f:e4:48:c7:4c:82:
2c:73:3c:ff:5d:e2:a2:91:2b:67:68:a8:aa:ff:d9:b3:dd:a3:
9e:28:ad:7c:22:38:6a:4b:bb:25:4e:e4:51:7f:88:3b:64:53:
89:58:30:31:87:04:86:88:79:bf:58:ff:5e:23:b8:fb:c4:a7:
98:bb:31:38:cb:d1:92:c4:6a:39:95:44:55:5c:4b:5b:e9:be:
12:99:96:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhrrCIiFUHwU5iTjxtzKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDJjMjVkMDUzNGE0MDI3YzY5NTU2MmE4Y2U0ZjAwMWNk
NTM5NmYwHhcNMjUxMTA0MTEwMDQzWhcNMjUxMTA1MTEwMDQzWjAzMTEwLwYDVQQD
Eyg0MTgyMmQ3ZjkyOGMwZmNkM2U5ZDk1ZTYzYjkxOGI1NTk5ZmJmYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgG2724BcYXHHPZalAm7sBv4vphv
PeVPYlkC/CWMSIDJQ3UofHIb2c6XKMTNkTxA/VrfYAfukrTW7E8t/RNplIbo6JJk
y4urScJ1SlV0CASMHWL8BEOFsXDFokCyEoPp67IR5Na68t25spyuVHGeTOgOyFm5
StC67Y8HUIPwPoUytuX1qfypm+UZ6SKsqx3RCgkK6CwT0LcpiCnDLqVbFl9eP9hf
+L4oM+GQntVTXshsjzEr0DChMeWcXFKZCbubuw18TEF1AWkIi8CxEIammNOXcuyu
XEVZDIVu5ti4blPksHJMC1r98jAU368YMuJKWpyMwGPwk4852Ygg0KJPHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGCLX+SjA/NPp2V5juRi1WZ+/yEMB8GA1UdIwQY
MBaAFGjSwl0FNKQCfGlVYqjOTwAc1TlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEt
MTQ3OTdlYWM1MjJlLzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEtMTQ3OTdlYWM1MjJl
LzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbCTtbOcy
ssEw68hunO/UN7M4WNfpoVexgXUV3d6zz3weoPMTPuCZhlEwi/wvTsSk91lDALWN
ETz6/YbjewXPUSeGFfuEfheUphRiJ92v2b1DV02RbJufhDZjw93BogVpuGnxa+CM
Pysb7RosNrGSt4iniNCbD6Dsye0Kra29pQTyHYN/3KvY6RmpCJmkUsEnTmon9VYF
Tlh4du0lekviY1qUaINZ07jlO9wbtI2UH+RIx0yCLHM8/13iopErZ2ioqv/Zs92j
niitfCI4aku7JU7kUX+IO2RTiVgwMYcEhoh5v1j/XiO4+8SnmLsxOMvRksRqOZVE
VVxLW+m+EpmWQA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:54:26 2025 by rpki-client