Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: 1Ekkd6bmBfpOs0Np6KhdV5rBGcIMcVn2XbEznDdZcSc=
Subject key identifier: 2A:60:45:98:00:04:C4:E1:5C:41:EC:3D:66:6D:01:59:26:4D:25:46
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019A54F615046C817CD55427220F38CCDACF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 171C
Signing time: Wed 05 Nov 2025 17:00:04 +0000
Manifest this update: Wed 05 Nov 2025 17:00:04 +0000
Manifest next update: Thu 06 Nov 2025 17:00:04 +0000
Files and hashes: 1: Mmi06jAh1KR0NNHlTuLcdFXGdm4.roa (hash: Q9joIkxkfDcIZMMuVnLQE37iPkqzALSBCPVV1CY/m7A=)
2: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: GGeh9AqcqVxhM8G70R/DIZFyXJU0NnQjOBeGNdt7jGU=)
3: bObL7vPF35vh9LuEyJYMk5yU3-U.roa (hash: eG1lFL25ltcNTKgnhPFmeY0axMsTOI37jTMaagRA/AM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:f6:15:04:6c:81:7c:d5:54:27:22:0f:38:cc:da:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Nov 5 17:00:04 2025 GMT
Not After : Nov 6 17:00:04 2025 GMT
Subject: CN=2a6045980004c4e15c41ec3d666d0159264d2546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c0:d2:ff:f9:e0:d4:5e:46:c7:81:70:aa:74:
14:90:ab:21:09:0d:2e:8e:38:00:9f:a5:b7:5e:b4:
1b:97:b9:b6:8e:91:92:d9:26:77:ea:a6:04:99:61:
db:fc:92:9f:d4:ee:70:97:39:9a:76:3a:eb:f5:cc:
7f:9f:5c:a8:38:9f:e9:df:59:2f:55:20:73:7e:aa:
89:6b:29:e6:7e:71:f6:a5:51:ba:01:ab:02:c5:ce:
ca:fe:ce:e5:4e:05:26:94:a7:d2:b9:a4:4d:1d:ba:
a9:73:62:45:a5:2b:1c:67:d1:77:a1:7c:ef:57:89:
d0:5a:fa:0c:ef:9d:78:6e:18:5f:70:39:f3:28:37:
68:9f:5d:12:82:64:36:d6:37:20:37:8b:12:f8:db:
4c:2b:05:c8:53:bb:e3:71:74:10:d6:6d:fc:9a:5e:
37:b4:d9:8b:ae:94:a0:1a:06:ba:c0:18:77:ba:2a:
ba:fd:93:12:e8:8a:6d:9c:3e:92:43:f3:c5:2e:ba:
7f:3e:47:64:41:a4:92:4d:d5:0d:62:96:bd:72:31:
96:2d:36:8d:8e:0d:5c:ff:7c:db:25:21:24:3e:ab:
9d:e3:d3:f0:5c:a5:56:b1:cd:7c:d7:da:d8:2b:a8:
ef:db:eb:db:23:bf:3f:b0:d8:5f:c6:4c:cc:9d:0b:
d0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:60:45:98:00:04:C4:E1:5C:41:EC:3D:66:6D:01:59:26:4D:25:46
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:23:67:7e:0e:d5:6a:db:53:87:83:bf:29:bb:40:dd:5f:bb:
6f:33:f1:25:4a:32:a7:a6:7a:13:b0:5b:19:2b:49:40:95:8a:
6e:c3:ff:b5:06:5c:a2:70:97:ba:a0:72:4a:49:de:68:9b:80:
e7:c0:ce:92:c1:20:8a:29:9a:28:a1:ea:75:31:67:1c:95:98:
84:4e:ac:22:c5:b2:56:56:91:27:5f:ba:80:c5:38:28:0d:4c:
e6:9f:df:aa:10:15:c2:bf:04:63:6f:31:80:9f:88:12:cd:0e:
85:1b:3c:9c:77:bb:94:04:70:d9:3a:98:55:d1:a5:b3:ba:24:
7d:64:1c:d6:c3:5e:40:11:6e:ca:8c:5f:05:95:e7:a9:b5:14:
eb:80:44:56:de:8c:69:cf:51:f8:75:da:93:bf:9e:95:67:6b:
cf:e2:54:10:02:cb:5e:d3:5d:08:b4:c1:ba:c1:0c:e3:f6:ce:
c3:8a:18:16:b2:b8:20:bb:02:e8:31:65:c3:d7:0d:c1:53:04:
02:12:20:b7:53:61:16:3b:29:9c:f2:48:51:77:36:d0:ea:0d:
64:c9:7e:64:0a:10:d0:86:5e:44:a6:a0:bc:05:5d:c6:55:c0:
f4:96:dc:59:28:49:0f:0e:ff:bb:bb:c6:ed:a2:3d:26:57:d0:
12:4d:40:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpU9hUEbIF81VQnIg84zNrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjUxMTA1MTcwMDA0WhcNMjUxMTA2MTcwMDA0WjAzMTEwLwYDVQQD
EygyYTYwNDU5ODAwMDRjNGUxNWM0MWVjM2Q2NjZkMDE1OTI2NGQyNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcDS//ng1F5Gx4FwqnQUkKshCQ0u
jjgAn6W3XrQbl7m2jpGS2SZ36qYEmWHb/JKf1O5wlzmadjrr9cx/n1yoOJ/p31kv
VSBzfqqJaynmfnH2pVG6AasCxc7K/s7lTgUmlKfSuaRNHbqpc2JFpSscZ9F3oXzv
V4nQWvoM7514bhhfcDnzKDdon10SgmQ21jcgN4sS+NtMKwXIU7vjcXQQ1m38ml43
tNmLrpSgGga6wBh3uiq6/ZMS6IptnD6SQ/PFLrp/PkdkQaSSTdUNYpa9cjGWLTaN
jg1c/3zbJSEkPqud49PwXKVWsc1819rYK6jv2+vbI78/sNhfxkzMnQvQHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpgRZgABMThXEHsPWZtAVkmTSVGMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbyNnfg7V
attTh4O/KbtA3V+7bzPxJUoyp6Z6E7BbGStJQJWKbsP/tQZconCXuqBySkneaJuA
58DOksEgiimaKKHqdTFnHJWYhE6sIsWyVlaRJ1+6gMU4KA1M5p/fqhAVwr8EY28x
gJ+IEs0OhRs8nHe7lARw2TqYVdGls7okfWQc1sNeQBFuyoxfBZXnqbUU64BEVt6M
ac9R+HXak7+elWdrz+JUEALLXtNdCLTBusEM4/bOw4oYFrK4ILsC6DFlw9cNwVME
AhIgt1NhFjspnPJIUXc20OoNZMl+ZAoQ0IZeRKagvAVdxlXA9JbcWShJDw7/u7vG
7aI9JlfQEk1A1Q==
-----END CERTIFICATE-----
Generated at Wed Nov 5 23:06:13 2025 by rpki-client