Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
File: 0AL76fCkE2A-3vtzOlMfLiwOnAY.mft (raw, json)
Hash identifier: q+8VSe7sPGmNH/d3WGvhgNeP6XKkEU6zipGltN34T8o=
Subject key identifier: 98:13:93:D6:D1:06:08:8C:70:85:68:64:15:4C:E4:12:6B:DD:F1:DD
Authority key identifier: D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
Certificate issuer: /CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Certificate serial: 019A4F9921739841103D5C8187E85D1E1714
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
Manifest number: 170C
Signing time: Tue 04 Nov 2025 16:00:26 +0000
Manifest this update: Tue 04 Nov 2025 16:00:26 +0000
Manifest next update: Wed 05 Nov 2025 16:00:26 +0000
Files and hashes: 1: 0AL76fCkE2A-3vtzOlMfLiwOnAY.crl (hash: UmQGCi6qebZZFTXMszQENjL4PbhQN7lv8HwWnsn3Oww=)
2: _XUidn5LGX4qhZ_75ajbeYWe1Ao.roa (hash: b/pfq31DckGw+o1qBs5ugJl7vAflaGA+vdef1tZYmPs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:21:73:98:41:10:3d:5c:81:87:e8:5d:1e:17:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Validity
Not Before: Nov 4 16:00:26 2025 GMT
Not After : Nov 5 16:00:26 2025 GMT
Subject: CN=981393d6d106088c70856864154ce4126bddf1dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:44:33:80:c1:58:41:bc:b5:55:24:26:21:b7:
8d:aa:99:fd:43:35:07:87:7c:82:47:53:1a:c9:fc:
09:6a:9e:cf:11:23:df:84:8d:f9:d5:db:a0:a3:d1:
d2:7e:91:93:ff:76:70:52:64:4e:ee:60:ca:19:07:
33:f4:f4:5a:e6:c1:d7:64:0f:14:34:cc:4e:2b:36:
46:76:b6:5d:01:39:3e:58:6b:34:72:67:ad:4c:37:
d7:bb:fe:a7:84:f6:2b:d7:1c:98:d1:77:cb:6f:d7:
eb:5e:4a:96:3b:77:94:f6:32:58:0e:c8:b2:c7:ff:
4f:a2:2f:06:8a:f4:42:51:ed:74:71:66:df:8d:b5:
4b:c6:30:be:68:ad:92:99:e8:53:7e:61:c3:d1:c1:
3c:e0:eb:f8:30:2d:4f:23:52:01:32:c5:f1:51:dc:
be:6f:5b:b8:1b:cc:df:61:4f:d4:c4:6e:50:f2:68:
1b:37:fc:e0:fa:80:ec:2b:ce:f8:e5:b0:24:0e:51:
4b:87:2c:35:44:0b:ba:f6:e8:0b:4d:d4:79:bf:d4:
12:85:e6:b4:70:ab:01:79:a1:9f:29:8a:57:40:b2:
86:f0:13:fe:5e:3b:68:f2:4f:be:bc:57:d3:da:11:
c8:e6:2d:46:19:e3:c6:d6:e9:8d:f8:f2:37:26:f7:
ae:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:13:93:D6:D1:06:08:8C:70:85:68:64:15:4C:E4:12:6B:DD:F1:DD
X509v3 Authority Key Identifier:
keyid:D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:26:9a:5a:a4:16:35:09:6c:9c:cd:c2:f6:31:f0:a3:c8:43:
06:27:84:07:48:ea:3f:53:53:03:8b:1c:6d:f6:6d:6d:5c:0b:
a4:46:26:cd:29:07:6a:46:86:d7:6d:77:ad:8b:39:6d:19:36:
46:c7:c7:0c:49:48:c5:50:cd:01:ae:ac:6c:d0:7f:26:84:51:
ce:2b:59:78:a5:de:90:3b:3e:34:b9:1e:72:7a:d7:40:30:a2:
13:8f:ff:c4:b7:0c:d1:84:f3:f6:a3:6e:96:37:2d:94:f5:0d:
e9:1f:6e:1f:f7:0d:dd:ce:1b:ca:6b:72:70:e4:59:b8:2b:db:
1f:1c:c3:f3:0d:99:ed:23:73:9e:2d:46:3e:5b:81:be:3f:68:
ac:bb:0a:ff:91:7e:93:17:82:68:bc:33:0a:0a:a0:68:71:ef:
24:e4:5e:04:df:68:6a:0f:cd:37:a7:61:e2:3a:01:f5:20:14:
3a:60:c5:0b:07:61:79:82:ff:65:30:8f:54:5b:6e:59:23:e8:
5a:cc:b9:fd:83:c4:6e:66:9e:72:1c:19:e8:0f:94:56:bc:6d:
fb:48:9b:1e:b1:30:f9:e4:6d:41:18:ff:08:13:90:51:45:63:
52:34:25:30:81:37:d8:1d:4e:2e:63:c2:6d:89:79:40:c3:c4:
33:46:be:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmSFzmEEQPVyBh+hdHhcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMDJmYmU5ZjBhNDEzNjAzZWRlZmI3MzNhNTMxZjJlMmMw
ZTljMDYwHhcNMjUxMTA0MTYwMDI2WhcNMjUxMTA1MTYwMDI2WjAzMTEwLwYDVQQD
Eyg5ODEzOTNkNmQxMDYwODhjNzA4NTY4NjQxNTRjZTQxMjZiZGRmMWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0QzgMFYQby1VSQmIbeNqpn9QzUH
h3yCR1MayfwJap7PESPfhI351dugo9HSfpGT/3ZwUmRO7mDKGQcz9PRa5sHXZA8U
NMxOKzZGdrZdATk+WGs0cmetTDfXu/6nhPYr1xyY0XfLb9frXkqWO3eU9jJYDsiy
x/9Poi8GivRCUe10cWbfjbVLxjC+aK2SmehTfmHD0cE84Ov4MC1PI1IBMsXxUdy+
b1u4G8zfYU/UxG5Q8mgbN/zg+oDsK8745bAkDlFLhyw1RAu69ugLTdR5v9QShea0
cKsBeaGfKYpXQLKG8BP+Xjto8k++vFfT2hHI5i1GGePG1umN+PI3JveuNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgTk9bRBgiMcIVoZBVM5BJr3fHdMB8GA1UdIwQY
MBaAFNAC++nwpBNgPt77czpTHy4sDpwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjkt
MTljMDQ1YzZhMTRmLzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjktMTljMDQ1YzZhMTRm
LzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARyaaWqQW
NQlsnM3C9jHwo8hDBieEB0jqP1NTA4scbfZtbVwLpEYmzSkHakaG1213rYs5bRk2
RsfHDElIxVDNAa6sbNB/JoRRzitZeKXekDs+NLkecnrXQDCiE4//xLcM0YTz9qNu
ljctlPUN6R9uH/cN3c4bymtycORZuCvbHxzD8w2Z7SNzni1GPluBvj9orLsK/5F+
kxeCaLwzCgqgaHHvJOReBN9oag/NN6dh4joB9SAUOmDFCwdheYL/ZTCPVFtuWSPo
Wsy5/YPEbmaechwZ6A+UVrxt+0ibHrEw+eRtQRj/CBOQUUVjUjQlMIE32B1OLmPC
bYl5QMPEM0a+Qw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:58:16 2025 by rpki-client