Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json)
Hash identifier: zjj9JMsafSPI0UUIVzPhrjFBEt7WpH7lSOISmdR4Zsw=
Subject key identifier: 29:04:BE:4E:1C:7F:B0:DC:DE:A9:63:FA:C0:4C:2E:07:05:45:03:03
Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Certificate serial: 019A51F59F743B489C0D18DA2F275676D9E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
Manifest number: 0AFF
Signing time: Wed 05 Nov 2025 03:00:42 +0000
Manifest this update: Wed 05 Nov 2025 03:00:42 +0000
Manifest next update: Thu 06 Nov 2025 03:00:42 +0000
Files and hashes: 1: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: dHH30p8AePFwA/vGCKHfSsGuc0Cs+Z07wrcBRSsFAmg=)
2: zkFI0q7jFUcpvcC1_CEihR1YV24.roa (hash: 783T5wgYEpPQMcRoCX4E0P3B8Y6FUugL0p43iJWmXrI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:f5:9f:74:3b:48:9c:0d:18:da:2f:27:56:76:d9:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Validity
Not Before: Nov 5 03:00:42 2025 GMT
Not After : Nov 6 03:00:42 2025 GMT
Subject: CN=2904be4e1c7fb0dcdea963fac04c2e0705450303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:03:ad:6f:ac:ea:ad:ff:54:44:60:32:52:db:
30:d7:7b:be:b9:f0:7e:97:3a:e1:90:2a:0b:59:3f:
77:39:ea:61:bc:2d:7c:c9:6e:5b:5e:34:56:2b:d1:
a2:f9:18:77:60:6e:10:da:52:7e:bd:58:4b:c8:92:
a7:04:21:73:3c:9c:69:08:53:51:75:f9:e8:8f:30:
f0:a5:a8:87:46:f7:79:63:2a:c3:d8:76:4f:cc:98:
39:9f:13:e1:5d:b5:24:59:8e:6a:48:91:fe:a2:db:
12:76:60:59:ef:12:76:11:cb:b1:6d:31:f3:34:9c:
a8:fd:e6:d2:09:f9:f5:67:ec:50:0a:87:ea:76:fa:
70:30:b6:be:84:3f:95:d6:22:db:b8:49:a2:e8:a4:
ef:51:7b:d2:06:f7:3b:e1:98:10:16:7e:88:32:47:
20:90:42:f7:43:7b:cd:36:65:6c:a0:50:54:1e:48:
31:52:c2:2c:61:98:bf:a3:74:5b:53:03:96:d6:68:
4a:94:b4:90:9e:2e:7a:61:56:e1:2f:ed:0d:c0:10:
23:55:5d:ab:77:9d:98:60:9e:4a:7b:b1:34:67:92:
31:1c:f8:9c:1a:bd:24:52:38:2f:a4:08:4e:9a:79:
58:55:9e:17:71:ce:7f:2a:ff:73:73:b8:60:33:2d:
1f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:04:BE:4E:1C:7F:B0:DC:DE:A9:63:FA:C0:4C:2E:07:05:45:03:03
X509v3 Authority Key Identifier:
keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:ea:a1:6e:dc:03:03:5b:eb:0d:2b:ef:14:41:40:fb:5b:ca:
e5:28:5a:79:e7:01:61:a3:ad:df:8d:7b:08:b3:1a:d7:90:5a:
48:bd:49:ca:a7:1e:30:3f:21:cd:fb:16:0d:38:52:5d:ed:01:
92:a5:57:7e:98:95:be:4d:e4:50:8c:64:9f:50:27:20:25:04:
23:bb:87:ad:39:e7:c9:0a:99:22:b6:81:cd:ac:0a:c9:40:f7:
1e:8e:02:17:05:d4:a4:db:03:76:d5:82:29:30:90:d2:cf:5c:
e9:25:52:16:49:d2:a4:e1:22:aa:dd:4c:47:73:a0:ed:2e:36:
86:6d:c1:a4:f8:0e:07:8d:59:f3:11:8c:37:5f:65:86:eb:6c:
03:db:1d:49:36:16:6e:fa:f3:0b:9f:db:b6:1b:39:b2:49:66:
2f:5e:45:af:1e:b7:27:d7:8c:ae:9b:86:e8:b5:72:06:2f:9c:
18:b4:ce:1f:97:8e:71:27:e1:42:09:4d:39:02:4d:48:9f:7b:
1a:99:ba:92:37:80:55:94:59:87:3c:cc:e3:d3:eb:b1:36:7a:
3d:c9:0d:47:ce:ae:a6:e0:e2:7c:17:5d:b9:e5:ba:65:60:d2:
a2:0a:76:a6:09:8b:2f:06:f8:86:a2:c6:fd:1f:ee:14:0a:31:
90:a6:1e:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpR9Z90O0icDRjaLydWdtnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj
ZTljOTgwHhcNMjUxMTA1MDMwMDQyWhcNMjUxMTA2MDMwMDQyWjAzMTEwLwYDVQQD
EygyOTA0YmU0ZTFjN2ZiMGRjZGVhOTYzZmFjMDRjMmUwNzA1NDUwMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAOtb6zqrf9URGAyUtsw13u+ufB+
lzrhkCoLWT93OephvC18yW5bXjRWK9Gi+Rh3YG4Q2lJ+vVhLyJKnBCFzPJxpCFNR
dfnojzDwpaiHRvd5YyrD2HZPzJg5nxPhXbUkWY5qSJH+otsSdmBZ7xJ2EcuxbTHz
NJyo/ebSCfn1Z+xQCofqdvpwMLa+hD+V1iLbuEmi6KTvUXvSBvc74ZgQFn6IMkcg
kEL3Q3vNNmVsoFBUHkgxUsIsYZi/o3RbUwOW1mhKlLSQni56YVbhL+0NwBAjVV2r
d52YYJ5Ke7E0Z5IxHPicGr0kUjgvpAhOmnlYVZ4Xcc5/Kv9zc7hgMy0fLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkEvk4cf7Dc3qlj+sBMLgcFRQMDMB8GA1UdIwQY
MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt
MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx
LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiuqhbtwD
A1vrDSvvFEFA+1vK5ShaeecBYaOt3417CLMa15BaSL1JyqceMD8hzfsWDThSXe0B
kqVXfpiVvk3kUIxkn1AnICUEI7uHrTnnyQqZIraBzawKyUD3Ho4CFwXUpNsDdtWC
KTCQ0s9c6SVSFknSpOEiqt1MR3Og7S42hm3BpPgOB41Z8xGMN19lhutsA9sdSTYW
bvrzC5/bths5sklmL15Frx63J9eMrpuG6LVyBi+cGLTOH5eOcSfhQglNOQJNSJ97
Gpm6kjeAVZRZhzzM49PrsTZ6PckNR86upuDifBddueW6ZWDSogp2pgmLLwb4hqLG
/R/uFAoxkKYe/w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:51:23 2025 by rpki-client