Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
File: aIt13GcpXVhht31RoCEYtg3FWGg.mft (raw, json)
Hash identifier: YhjbuElHYxNnrDCrjnTlAjTuuqIPI2a9exVKMNlmCGY=
Subject key identifier: 98:79:9A:3B:D1:A7:DE:FF:07:01:E2:C4:F2:48:2D:02:AD:9F:D8:4B
Authority key identifier: 68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
Certificate issuer: /CN=688b75dc67295d5861b77d51a02118b60dc55868
Certificate serial: 019A4F98D92033796F6E8956FC24F2EF9509
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
Manifest number: 0E17
Signing time: Tue 04 Nov 2025 16:00:08 +0000
Manifest this update: Tue 04 Nov 2025 16:00:08 +0000
Manifest next update: Wed 05 Nov 2025 16:00:08 +0000
Files and hashes: 1: ArfVzV_ad27WSg6MSNAJVOVO4Jk.roa (hash: 7YOwLzYn+04mEiM6zjtu45GNMFpON/tmtRVeglwvQWQ=)
2: aIt13GcpXVhht31RoCEYtg3FWGg.crl (hash: sCZmKeCE1YmZndpu8Niw8ffBhiBIuTJbpUvDf2phy54=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:98:d9:20:33:79:6f:6e:89:56:fc:24:f2:ef:95:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=688b75dc67295d5861b77d51a02118b60dc55868
Validity
Not Before: Nov 4 16:00:08 2025 GMT
Not After : Nov 5 16:00:08 2025 GMT
Subject: CN=98799a3bd1a7deff0701e2c4f2482d02ad9fd84b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:59:a6:1e:f6:3f:72:89:98:59:d7:5b:dc:d7:
29:91:f8:93:9f:b9:de:58:8b:58:30:0f:6c:c8:25:
8d:d4:f9:00:14:34:d6:02:3b:1e:4a:9d:48:62:b3:
a9:0a:7c:05:5c:22:59:e4:08:17:88:61:90:a7:13:
62:60:0f:15:cf:9a:58:9e:61:32:19:6a:cf:42:4a:
93:57:ff:1a:37:cb:75:a9:ff:79:39:ba:88:17:f6:
17:c5:00:34:96:9c:1b:0c:79:4f:cd:c8:96:aa:8f:
73:af:ef:38:04:b0:1d:9f:71:32:0b:c9:c4:b7:fb:
9c:10:1f:8e:1c:cf:b0:80:fb:17:e8:b5:c3:5b:7f:
20:b5:d7:7c:bc:de:f3:02:af:c4:fa:42:07:94:13:
8d:91:44:21:af:a0:bd:fa:4d:b0:79:ac:e0:a5:92:
0b:9d:a8:ac:55:00:64:51:ed:da:38:bb:0a:3b:e2:
3b:44:af:74:25:b0:b2:a2:90:18:09:2b:9e:a6:00:
74:94:0d:33:a9:b0:d2:86:a7:2b:2c:13:7d:32:ed:
d6:9d:33:79:61:10:6f:ff:4b:70:a0:e3:18:f0:20:
97:ff:78:30:c7:6b:38:6e:9e:12:bd:e9:74:29:32:
5c:cd:23:7e:ca:b3:68:1a:e6:20:64:8d:f6:5c:90:
3c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:79:9A:3B:D1:A7:DE:FF:07:01:E2:C4:F2:48:2D:02:AD:9F:D8:4B
X509v3 Authority Key Identifier:
keyid:68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:b7:c9:33:dc:86:4a:db:0b:f6:11:6e:26:42:cd:27:21:81:
e3:63:ed:cc:ad:ba:7e:63:e8:11:53:49:4a:66:75:58:bb:8a:
fd:24:7a:bd:ef:7e:79:cc:22:f9:9a:92:d6:5e:3f:23:ba:2b:
cd:1b:08:89:e6:3f:c2:06:11:7c:93:7a:9a:0d:e6:32:45:02:
a6:9d:b6:2e:d4:a2:fb:59:ac:8e:32:ef:df:dd:e8:fe:85:cb:
f7:80:a1:6f:cf:cc:2d:2f:1f:fa:05:9b:d8:5b:8d:bc:96:16:
9e:e3:3c:34:4e:f0:1b:1a:6e:8b:ee:16:3f:53:c4:03:54:77:
bd:3c:ff:5b:6b:5e:3e:c6:07:35:37:78:20:d3:37:8e:b8:54:
45:55:33:77:67:10:92:7d:d9:ed:14:c6:17:f7:58:9e:44:91:
70:43:18:83:ff:02:af:a0:66:be:5d:6b:88:3b:c3:61:b5:3d:
d3:60:57:b3:6c:3b:4e:39:71:4c:ae:a7:be:55:af:51:34:54:
ba:02:e9:3e:a7:ef:d4:0d:93:be:dc:65:28:54:20:46:19:92:
b4:4c:fd:50:d8:86:2d:96:e0:79:94:51:aa:5a:37:bb:45:8a:
33:e6:37:53:83:7f:a8:72:14:01:a4:03:8f:05:a5:cf:27:0b:
d0:18:d9:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmNkgM3lvbolW/CTy75UJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OGI3NWRjNjcyOTVkNTg2MWI3N2Q1MWEwMjExOGI2MGRj
NTU4NjgwHhcNMjUxMTA0MTYwMDA4WhcNMjUxMTA1MTYwMDA4WjAzMTEwLwYDVQQD
Eyg5ODc5OWEzYmQxYTdkZWZmMDcwMWUyYzRmMjQ4MmQwMmFkOWZkODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lmmHvY/comYWddb3NcpkfiTn7ne
WItYMA9syCWN1PkAFDTWAjseSp1IYrOpCnwFXCJZ5AgXiGGQpxNiYA8Vz5pYnmEy
GWrPQkqTV/8aN8t1qf95ObqIF/YXxQA0lpwbDHlPzciWqo9zr+84BLAdn3EyC8nE
t/ucEB+OHM+wgPsX6LXDW38gtdd8vN7zAq/E+kIHlBONkUQhr6C9+k2weazgpZIL
naisVQBkUe3aOLsKO+I7RK90JbCyopAYCSuepgB0lA0zqbDShqcrLBN9Mu3WnTN5
YRBv/0twoOMY8CCX/3gwx2s4bp4Svel0KTJczSN+yrNoGuYgZI32XJA8WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJh5mjvRp97/BwHixPJILQKtn9hLMB8GA1UdIwQY
MBaAFGiLddxnKV1YYbd9UaAhGLYNxVhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYt
NTE4ZWU3YmRlMWY4LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYtNTE4ZWU3YmRlMWY4
LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLfJM9yG
StsL9hFuJkLNJyGB42PtzK26fmPoEVNJSmZ1WLuK/SR6ve9+ecwi+ZqS1l4/I7or
zRsIieY/wgYRfJN6mg3mMkUCpp22LtSi+1msjjLv393o/oXL94Chb8/MLS8f+gWb
2FuNvJYWnuM8NE7wGxpui+4WP1PEA1R3vTz/W2tePsYHNTd4INM3jrhURVUzd2cQ
kn3Z7RTGF/dYnkSRcEMYg/8Cr6Bmvl1riDvDYbU902BXs2w7TjlxTK6nvlWvUTRU
ugLpPqfv1A2TvtxlKFQgRhmStEz9UNiGLZbgeZRRqlo3u0WKM+Y3U4N/qHIUAaQD
jwWlzycL0BjZEw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:48:31 2025 by rpki-client