Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
File: aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft (raw, json)
Hash identifier: hG8AcyLWu2IEjJDR+Z/gYfin4oOphfJ2bs7qHgtISfo=
Subject key identifier: D5:84:D1:73:A8:F0:BC:E9:89:29:99:EC:AC:C2:63:1E:B4:E1:B0:4B
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 019A50E2E4B4F2CA669BF6C25D62509B0568
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
Manifest number: 1710
Signing time: Tue 04 Nov 2025 22:00:38 +0000
Manifest this update: Tue 04 Nov 2025 22:00:38 +0000
Manifest next update: Wed 05 Nov 2025 22:00:38 +0000
Files and hashes: 1: Hpq861GqA5RqLih08GH13MdllW0.roa (hash: 6UGmd69y3tVELywuvYudCcD/UUgHO86OmDHx4Pt/TNE=)
2: aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl (hash: OtCYVIfI+yHM3UzhoNSvFNQSV4kWSEgj9eSS6g3fzvo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:e2:e4:b4:f2:ca:66:9b:f6:c2:5d:62:50:9b:05:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Nov 4 22:00:38 2025 GMT
Not After : Nov 5 22:00:38 2025 GMT
Subject: CN=d584d173a8f0bce9892999ecacc2631eb4e1b04b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1c:e8:13:a8:d9:7c:e3:46:d5:8f:e8:f4:75:
0d:0d:71:be:77:db:04:9d:fe:83:33:b7:0c:4f:d1:
08:37:b7:d4:35:76:ac:4a:96:72:78:b6:71:fd:8f:
0f:48:23:f9:86:31:bc:e6:df:b5:89:65:73:a9:2e:
2e:d6:0c:e9:c0:c7:41:78:12:63:3d:1b:96:86:cc:
5b:18:c2:b7:c1:3c:d5:ba:8c:91:fb:42:93:6c:20:
bf:6e:f2:9d:00:a2:b1:c8:07:82:7c:c8:f3:87:6d:
7b:73:f5:0a:fc:d4:11:b6:26:80:ea:ef:40:d9:1a:
25:1a:5e:d1:48:c4:be:30:aa:3a:51:5f:78:b6:42:
6a:2b:8d:bc:26:ea:cf:df:a3:55:38:83:ad:73:38:
73:87:d5:50:6f:04:5b:81:e2:65:95:d3:01:9a:8b:
9a:d7:2d:96:13:a5:dd:20:9d:cc:2b:54:5d:9b:3d:
88:55:bd:ee:5d:ed:2f:d6:e5:60:6d:93:7b:4c:9d:
4b:a5:f1:d2:2c:58:c5:30:35:bf:ed:2a:c4:09:0f:
9e:5a:bb:cc:b3:50:67:e1:03:a3:ab:b4:00:16:d6:
0d:f4:d9:d7:15:3f:31:88:54:03:9c:fd:b5:6c:2b:
56:17:60:1e:60:11:71:ba:bc:0a:07:7b:f6:bf:70:
a3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:84:D1:73:A8:F0:BC:E9:89:29:99:EC:AC:C2:63:1E:B4:E1:B0:4B
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:ed:9c:c0:6f:e6:08:b3:79:87:b0:39:2f:48:29:11:37:79:
ca:e3:fe:1a:08:4e:9a:de:e6:2f:bb:9b:2b:14:c5:3b:fd:29:
4f:10:6e:c9:58:94:15:a1:e9:1d:0b:10:2e:33:a7:ba:99:03:
40:cc:66:af:19:87:19:fb:62:4c:63:67:cd:23:39:c9:e7:07:
5d:fc:f2:8e:35:11:c4:fa:3f:ea:e2:af:9a:4e:a8:14:9c:e6:
12:1c:b2:47:cd:f1:9e:1b:fd:70:0b:bb:86:4b:d5:00:1b:4a:
0e:d8:e1:2a:d7:d3:78:16:ba:f1:69:9b:4e:dd:2e:c6:6a:d4:
70:54:4a:1f:fa:d7:62:48:35:c1:ba:a5:47:3e:23:2b:33:67:
8f:0f:49:e7:dd:52:4d:d2:8a:d3:a8:60:0d:99:f7:e1:89:b8:
a5:07:df:08:06:ef:c5:13:02:3b:cd:7d:93:2c:f6:1f:95:a0:
1c:cf:ad:85:f1:fe:e0:82:1f:e7:dd:67:3a:77:f9:76:27:4f:
02:19:7e:ef:59:d2:e0:02:f7:88:e5:f3:9c:90:38:b9:ce:9a:
05:eb:82:b5:4a:44:1c:48:6b:2a:c2:a1:36:bf:ce:df:ca:8e:
de:2c:8a:34:30:85:ae:48:35:7f:9e:1e:16:fc:e7:21:77:06:
2e:3e:4e:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4uS08spmm/bCXWJQmwVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjUxMTA0MjIwMDM4WhcNMjUxMTA1MjIwMDM4WjAzMTEwLwYDVQQD
EyhkNTg0ZDE3M2E4ZjBiY2U5ODkyOTk5ZWNhY2MyNjMxZWI0ZTFiMDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BzoE6jZfONG1Y/o9HUNDXG+d9sE
nf6DM7cMT9EIN7fUNXasSpZyeLZx/Y8PSCP5hjG85t+1iWVzqS4u1gzpwMdBeBJj
PRuWhsxbGMK3wTzVuoyR+0KTbCC/bvKdAKKxyAeCfMjzh217c/UK/NQRtiaA6u9A
2RolGl7RSMS+MKo6UV94tkJqK428JurP36NVOIOtczhzh9VQbwRbgeJlldMBmoua
1y2WE6XdIJ3MK1Rdmz2IVb3uXe0v1uVgbZN7TJ1LpfHSLFjFMDW/7SrECQ+eWrvM
s1Bn4QOjq7QAFtYN9NnXFT8xiFQDnP21bCtWF2AeYBFxurwKB3v2v3CjLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWE0XOo8LzpiSmZ7KzCYx604bBLMB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL+2cwG/m
CLN5h7A5L0gpETd5yuP+GghOmt7mL7ubKxTFO/0pTxBuyViUFaHpHQsQLjOnupkD
QMxmrxmHGftiTGNnzSM5yecHXfzyjjURxPo/6uKvmk6oFJzmEhyyR83xnhv9cAu7
hkvVABtKDtjhKtfTeBa68WmbTt0uxmrUcFRKH/rXYkg1wbqlRz4jKzNnjw9J591S
TdKK06hgDZn34Ym4pQffCAbvxRMCO819kyz2H5WgHM+thfH+4IIf591nOnf5didP
Ahl+71nS4AL3iOXznJA4uc6aBeuCtUpEHEhrKsKhNr/O38qO3iyKNDCFrkg1f54e
FvznIXcGLj5O9g==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:24:33 2025 by rpki-client