Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
File: aOlYF0Bglex8tceyhrETM0l7lFE.mft (raw, json)
Hash identifier: GkBpQ/pZSATBF9TIBDR7f4Jl5uNprIA5LmCFa2ROndo=
Subject key identifier: 92:81:5D:6B:78:FC:18:8D:C7:81:F6:86:57:A4:12:31:E4:0B:59:4C
Authority key identifier: 68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
Certificate issuer: /CN=68e95817406095ec7cb5c7b286b11333497b9451
Certificate serial: 019A503E5433F88D92C48C22EA3FEDC8365C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
Manifest number: 0919
Signing time: Tue 04 Nov 2025 19:00:53 +0000
Manifest this update: Tue 04 Nov 2025 19:00:53 +0000
Manifest next update: Wed 05 Nov 2025 19:00:53 +0000
Files and hashes: 1: ExEAGmrTaGZYkgcoaaGfFiacDZM.roa (hash: vfQhBpcBjSjG95UQaSsBC3edgr1xXnN4hhJBHCKa+Vc=)
2: aOlYF0Bglex8tceyhrETM0l7lFE.crl (hash: X8noZD7uaBk7pIcuE7ew7scdBqaNi36VOhS/UXoEj3c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 19:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:3e:54:33:f8:8d:92:c4:8c:22:ea:3f:ed:c8:36:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e95817406095ec7cb5c7b286b11333497b9451
Validity
Not Before: Nov 4 19:00:53 2025 GMT
Not After : Nov 5 19:00:53 2025 GMT
Subject: CN=92815d6b78fc188dc781f68657a41231e40b594c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5d:0b:3b:fc:57:59:ae:ee:ff:84:5d:69:d9:
43:6c:53:00:35:55:85:19:f0:5a:87:07:1b:fd:d8:
0d:18:6d:f0:32:05:4f:6b:36:79:a9:08:9b:3d:3e:
22:c4:7d:5a:7d:dc:4a:40:d0:ec:f9:7c:db:34:7e:
66:e1:49:a5:0b:5a:63:5b:32:1a:18:4c:24:6a:c2:
4c:4c:60:5f:ca:91:9c:79:2a:35:57:de:01:aa:ed:
1c:48:9f:d5:f4:c1:21:17:91:c8:86:99:c8:9a:2e:
ef:37:36:b1:5c:32:8c:95:2e:17:9b:d7:35:e9:86:
71:bf:84:15:c9:ed:b4:2b:a1:91:91:08:b2:90:12:
a2:f3:55:76:43:b1:89:89:72:2f:d2:ba:cd:6d:43:
f0:bc:44:a1:37:11:cb:a6:fe:5c:75:4e:b8:ae:0c:
55:ff:c9:fa:6a:23:73:07:77:0c:1f:c6:08:45:43:
76:3e:dd:0b:7b:c1:d2:12:10:e3:ab:d9:bf:9a:61:
55:95:20:08:2c:48:1f:62:e6:c7:33:0c:5b:10:83:
dc:3d:e2:8f:57:8b:fa:8f:33:2e:2e:97:1b:6b:c4:
5f:52:9a:d5:51:b9:fe:30:8e:28:f5:b3:33:28:78:
5f:23:f9:80:03:68:9e:42:59:ce:fd:4b:0c:ec:5e:
f2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:81:5D:6B:78:FC:18:8D:C7:81:F6:86:57:A4:12:31:E4:0B:59:4C
X509v3 Authority Key Identifier:
keyid:68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:7c:9f:99:d4:a8:4e:bc:75:2d:4d:f4:4e:d5:06:38:af:d9:
a9:d0:22:ec:b6:69:fc:29:d9:9b:a8:ff:55:49:12:d7:42:66:
93:45:5a:15:72:2b:2c:5b:a0:71:47:a2:44:e6:f0:33:fa:0e:
c7:9a:fd:0c:f7:53:80:53:31:95:0b:e1:a6:e2:fa:cd:c1:e2:
53:d0:be:65:ad:30:70:9a:f9:b0:94:1c:b8:1a:49:04:59:a0:
4b:3a:ea:8a:20:b6:d2:9a:96:32:c3:a2:f1:33:81:56:c1:86:
c7:c4:7b:fc:6e:80:5c:1a:2c:fc:6e:43:df:d3:73:35:e5:60:
f9:fe:28:e8:af:64:74:0f:54:07:ed:85:68:11:14:ab:42:bc:
03:b2:3e:4d:83:16:0e:47:a3:bd:52:e4:db:c5:b0:4b:10:e2:
60:7f:ac:52:af:3e:94:f3:6e:9c:36:63:31:61:05:5c:22:2d:
ec:63:4d:5a:a0:d2:1f:cc:c1:53:30:ac:b5:33:26:03:7f:35:
a3:b5:77:35:b8:b2:9d:3c:03:4f:f5:3e:03:32:6d:c4:8b:04:
38:2a:aa:15:c7:32:8f:4d:30:cf:4e:f6:0b:31:80:36:68:c7:
6c:f3:4f:29:96:1a:77:46:5f:3f:b2:89:8a:99:6d:17:23:8c:
e4:3d:4d:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPlQz+I2SxIwi6j/tyDZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTk1ODE3NDA2MDk1ZWM3Y2I1YzdiMjg2YjExMzMzNDk3
Yjk0NTEwHhcNMjUxMTA0MTkwMDUzWhcNMjUxMTA1MTkwMDUzWjAzMTEwLwYDVQQD
Eyg5MjgxNWQ2Yjc4ZmMxODhkYzc4MWY2ODY1N2E0MTIzMWU0MGI1OTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3F0LO/xXWa7u/4RdadlDbFMANVWF
GfBahwcb/dgNGG3wMgVPazZ5qQibPT4ixH1afdxKQNDs+XzbNH5m4UmlC1pjWzIa
GEwkasJMTGBfypGceSo1V94Bqu0cSJ/V9MEhF5HIhpnImi7vNzaxXDKMlS4Xm9c1
6YZxv4QVye20K6GRkQiykBKi81V2Q7GJiXIv0rrNbUPwvEShNxHLpv5cdU64rgxV
/8n6aiNzB3cMH8YIRUN2Pt0Le8HSEhDjq9m/mmFVlSAILEgfYubHMwxbEIPcPeKP
V4v6jzMuLpcba8RfUprVUbn+MI4o9bMzKHhfI/mAA2ieQlnO/UsM7F7ywwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKBXWt4/BiNx4H2hlekEjHkC1lMMB8GA1UdIwQY
MBaAFGjpWBdAYJXsfLXHsoaxEzNJe5RRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTct
MDE5ZWM5ZDlhNzU4LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTctMDE5ZWM5ZDlhNzU4
LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3yfmdSo
Trx1LU30TtUGOK/ZqdAi7LZp/CnZm6j/VUkS10Jmk0VaFXIrLFugcUeiRObwM/oO
x5r9DPdTgFMxlQvhpuL6zcHiU9C+Za0wcJr5sJQcuBpJBFmgSzrqiiC20pqWMsOi
8TOBVsGGx8R7/G6AXBos/G5D39NzNeVg+f4o6K9kdA9UB+2FaBEUq0K8A7I+TYMW
DkejvVLk28WwSxDiYH+sUq8+lPNunDZjMWEFXCIt7GNNWqDSH8zBUzCstTMmA381
o7V3NbiynTwDT/U+AzJtxIsEOCqqFccyj00wz072CzGANmjHbPNPKZYad0ZfP7KJ
ipltFyOM5D1NDg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:47:13 2025 by rpki-client