Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
File: aPYGg7N3JXQn279uzjXixYWjsB0.mft (raw, json)
Hash identifier: qEqd9xQ/XV4oWwv/+dhVvApfyag37ttxdzrvaUo2ivc=
Subject key identifier: 3E:56:3C:8E:FA:1D:E8:3A:3B:6D:A1:22:D1:40:59:AC:C8:7A:E4:87
Authority key identifier: 68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
Certificate issuer: /CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Certificate serial: 019A4C985343FBA45347B700413485FE2416
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
Manifest number: 170C
Signing time: Tue 04 Nov 2025 02:00:42 +0000
Manifest this update: Tue 04 Nov 2025 02:00:42 +0000
Manifest next update: Wed 05 Nov 2025 02:00:42 +0000
Files and hashes: 1: aPYGg7N3JXQn279uzjXixYWjsB0.crl (hash: R5FSgEva0WTOrwKrqDjmYCblE50L4R2nFT0mVcuz0i4=)
2: nJZ2h-CE2RpObbNuUbuQAsAe9wo.roa (hash: XjXLrJ8ZAfMXOtdh84OSK02UeKqf16aa2sgmGiELBao=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:98:53:43:fb:a4:53:47:b7:00:41:34:85:fe:24:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Validity
Not Before: Nov 4 02:00:42 2025 GMT
Not After : Nov 5 02:00:42 2025 GMT
Subject: CN=3e563c8efa1de83a3b6da122d14059acc87ae487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a0:2a:fe:c4:e9:55:fa:55:6a:94:9d:dc:8f:
54:3e:3a:f2:24:27:25:ff:ed:ec:01:63:2f:0a:f4:
df:e1:19:29:c9:ec:7c:e7:1e:86:66:cc:f3:1a:19:
94:f7:e5:b5:b8:f3:9e:01:00:0f:20:4e:cc:62:72:
7d:d3:df:a5:a0:21:9f:9a:98:80:92:da:aa:2e:a1:
ad:2a:1f:3c:b6:2b:e4:8c:6d:1a:0e:f7:0e:07:17:
82:ea:9a:cb:a9:fd:f8:15:9e:eb:a0:a7:b8:81:b6:
01:e2:35:1a:25:2a:54:be:b9:07:02:77:db:8d:9b:
6a:07:7c:17:2c:34:2a:12:bb:e2:a2:e8:9a:52:5f:
b2:ec:c5:ce:41:fa:d8:a3:e3:82:45:70:73:be:6a:
b0:55:fd:68:bb:71:2f:92:80:93:94:4a:b8:2b:0b:
81:9e:0c:30:f6:95:b8:62:50:b2:5a:20:89:bd:bc:
f1:1b:e0:31:1a:85:77:04:42:e3:f5:b5:81:38:e7:
83:1e:95:b6:e5:65:11:50:ef:42:56:ba:8b:06:12:
45:31:4f:d6:0c:c6:bd:1a:c8:8f:d9:8c:f1:1c:7f:
5a:bf:79:a4:83:65:6e:c0:c8:c3:0f:64:88:c7:14:
f0:da:f8:72:fd:f4:81:cf:28:9b:93:4e:a5:f8:2a:
98:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:56:3C:8E:FA:1D:E8:3A:3B:6D:A1:22:D1:40:59:AC:C8:7A:E4:87
X509v3 Authority Key Identifier:
keyid:68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:58:70:c1:db:75:9b:16:ec:2b:65:b7:a2:d3:65:47:6d:d3:
24:04:a1:d4:c4:1c:78:07:ca:a5:a7:7e:3f:34:9e:76:5e:a4:
3c:7b:71:96:6b:5a:fb:9c:c5:ed:35:73:9e:21:45:cf:ee:21:
82:f6:e5:1d:66:b9:a7:0b:95:e2:7f:73:9e:06:f8:69:da:17:
26:71:ad:4c:76:72:2e:87:08:a0:98:0a:01:3a:45:17:b8:0c:
00:45:22:cd:02:c9:19:f1:2b:d9:c6:fa:5b:bc:06:8d:cd:c1:
00:ba:70:b5:bc:e0:da:e5:26:ab:97:e7:21:5e:36:50:0f:ff:
d9:64:be:3b:99:78:f7:42:2e:40:4d:a8:90:98:3e:b4:73:d8:
bd:48:87:01:df:4b:a2:97:5e:af:63:44:04:f8:31:10:39:42:
d9:d3:0e:4d:52:cf:d5:7e:b1:a6:3a:a6:7e:cb:35:a4:50:e1:
f6:87:92:46:5a:fb:a4:18:f2:5c:b9:ef:c2:18:eb:89:f8:95:
94:aa:6c:ed:b3:ef:c4:ff:41:e6:11:8f:9d:0c:30:6e:0f:40:
97:0d:c3:71:9a:2f:cb:48:00:a3:1d:34:37:de:16:c3:7c:40:
2a:fa:ea:dd:37:ab:95:08:09:bd:13:d8:0f:24:df:2f:d1:2d:
de:e9:b5:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMmFND+6RTR7cAQTSF/iQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjYwNjgzYjM3NzI1NzQyN2RiYmY2ZWNlMzVlMmM1ODVh
M2IwMWQwHhcNMjUxMTA0MDIwMDQyWhcNMjUxMTA1MDIwMDQyWjAzMTEwLwYDVQQD
EygzZTU2M2M4ZWZhMWRlODNhM2I2ZGExMjJkMTQwNTlhY2M4N2FlNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KAq/sTpVfpVapSd3I9UPjryJCcl
/+3sAWMvCvTf4Rkpyex85x6GZszzGhmU9+W1uPOeAQAPIE7MYnJ909+loCGfmpiA
ktqqLqGtKh88tivkjG0aDvcOBxeC6prLqf34FZ7roKe4gbYB4jUaJSpUvrkHAnfb
jZtqB3wXLDQqErviouiaUl+y7MXOQfrYo+OCRXBzvmqwVf1ou3EvkoCTlEq4KwuB
ngww9pW4YlCyWiCJvbzxG+AxGoV3BELj9bWBOOeDHpW25WURUO9CVrqLBhJFMU/W
DMa9GsiP2YzxHH9av3mkg2VuwMjDD2SIxxTw2vhy/fSBzyibk06l+CqYRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5WPI76Heg6O22hItFAWazIeuSHMB8GA1UdIwQY
MBaAFGj2BoOzdyV0J9u/bs414sWFo7AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQt
MzU0NzQwMzZhOWQ3LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQtMzU0NzQwMzZhOWQ3
LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArlhwwdt1
mxbsK2W3otNlR23TJASh1MQceAfKpad+PzSedl6kPHtxlmta+5zF7TVzniFFz+4h
gvblHWa5pwuV4n9zngb4adoXJnGtTHZyLocIoJgKATpFF7gMAEUizQLJGfEr2cb6
W7wGjc3BALpwtbzg2uUmq5fnIV42UA//2WS+O5l490IuQE2okJg+tHPYvUiHAd9L
opder2NEBPgxEDlC2dMOTVLP1X6xpjqmfss1pFDh9oeSRlr7pBjyXLnvwhjrifiV
lKps7bPvxP9B5hGPnQwwbg9Alw3DcZovy0gAox00N94Ww3xAKvrq3TerlQgJvRPY
DyTfL9Et3um1+w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:52:45 2025 by rpki-client