Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier: C/cfdDLJnMO2dFLs+R3LPXLQqoWpAJxOnm2dSNmiZBo=
Subject key identifier: AF:44:A7:EF:DB:00:52:97:C5:47:0A:1C:83:21:7F:68:A8:BE:BA:9A
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial: 019A50E31C076D0AF77C6FE56EB69C5C5915
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number: 0479
Signing time: Tue 04 Nov 2025 22:00:52 +0000
Manifest this update: Tue 04 Nov 2025 22:00:52 +0000
Manifest next update: Wed 05 Nov 2025 22:00:52 +0000
Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=)
2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: 0DWwNNioKTrgmYWgVngdGY4nLo2STnxq6kJ+tgSYszQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:e3:1c:07:6d:0a:f7:7c:6f:e5:6e:b6:9c:5c:59:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Validity
Not Before: Nov 4 22:00:52 2025 GMT
Not After : Nov 5 22:00:52 2025 GMT
Subject: CN=af44a7efdb005297c5470a1c83217f68a8beba9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d1:3b:d4:4f:29:5c:7e:0e:43:80:37:8f:79:
a5:15:e1:2b:09:31:bf:58:27:4a:46:08:22:71:de:
3a:c8:1c:a1:10:6b:41:9a:9a:07:07:ab:43:52:10:
75:2b:f3:ff:8a:58:af:1b:c4:1b:47:38:94:6d:fb:
69:1e:58:4d:89:d0:f9:74:9e:fb:a8:da:c5:89:6f:
a8:b5:d1:b8:f4:61:3b:04:e0:39:1b:4c:db:96:a8:
fb:6d:24:ee:90:2a:9b:f1:64:7d:8e:5f:cb:81:1d:
6f:4c:88:46:92:a5:6c:73:5d:a9:f7:f6:28:38:9a:
30:c4:82:7e:6d:72:0d:0f:93:f6:03:8a:03:66:2e:
64:95:de:92:33:5d:fe:0c:8f:d8:c7:fc:a2:b7:b1:
f2:bc:c3:1f:5e:d5:c3:6c:10:ad:7f:7d:55:ad:47:
a7:7e:68:1d:bb:59:6e:1d:97:7d:51:cb:8f:78:8d:
cb:94:9f:25:96:0a:b2:1e:22:85:f8:ec:bc:18:30:
50:98:af:50:4d:38:22:46:6c:25:57:02:2c:81:05:
ad:9b:e0:bc:e1:e5:d4:2e:52:0a:83:56:d0:b0:03:
36:c8:9c:5a:5e:ef:3c:7b:a6:d8:35:59:19:f5:dc:
1a:48:93:27:2d:91:c4:d9:47:cb:64:2e:25:1d:87:
5c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:44:A7:EF:DB:00:52:97:C5:47:0A:1C:83:21:7F:68:A8:BE:BA:9A
X509v3 Authority Key Identifier:
keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:aa:10:d2:92:72:85:4d:83:08:a6:a1:34:cb:19:9c:54:26:
62:dc:44:e5:46:cb:7a:1a:50:85:c3:b9:45:b4:12:b4:ee:b2:
5e:2e:be:d3:55:cb:6b:ad:4e:28:77:90:ea:d0:ec:dc:f7:40:
4c:0f:c2:aa:a0:4c:bf:de:41:6e:8c:ba:da:f0:0b:11:09:d4:
b1:cf:c0:d8:5b:08:c4:48:17:a5:81:04:17:19:95:9a:69:23:
33:33:e5:92:c3:d4:6a:2e:ef:8f:05:0f:1c:5d:ac:36:56:fe:
8b:54:63:39:b0:a1:d8:ed:1a:2c:91:4f:7a:30:ea:7f:ee:3c:
b1:38:b5:ae:4e:cb:10:9b:c1:92:e7:e1:e9:13:f9:91:64:ff:
ba:1e:3e:80:ff:c5:06:13:d7:e0:b2:8c:15:db:aa:d2:a0:1b:
41:89:5b:5b:ca:ad:16:c4:13:46:34:c4:ba:41:ff:08:d8:4a:
94:d6:50:d0:09:cc:a8:51:46:84:25:8a:fe:86:74:32:17:14:
70:b4:33:e8:07:e0:27:19:82:22:22:28:d5:f0:ed:82:78:e7:
29:29:0d:36:c8:93:77:8c:e5:84:3d:b9:ee:7d:0b:b5:5d:ea:
d9:ba:dd:57:c7:6c:6e:28:07:fa:70:12:e6:98:fc:9f:31:46:
81:80:46:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4xwHbQr3fG/lbracXFkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjUxMTA0MjIwMDUyWhcNMjUxMTA1MjIwMDUyWjAzMTEwLwYDVQQD
EyhhZjQ0YTdlZmRiMDA1Mjk3YzU0NzBhMWM4MzIxN2Y2OGE4YmViYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtE71E8pXH4OQ4A3j3mlFeErCTG/
WCdKRggicd46yByhEGtBmpoHB6tDUhB1K/P/ilivG8QbRziUbftpHlhNidD5dJ77
qNrFiW+otdG49GE7BOA5G0zblqj7bSTukCqb8WR9jl/LgR1vTIhGkqVsc12p9/Yo
OJowxIJ+bXIND5P2A4oDZi5kld6SM13+DI/Yx/yit7HyvMMfXtXDbBCtf31VrUen
fmgdu1luHZd9UcuPeI3LlJ8llgqyHiKF+Oy8GDBQmK9QTTgiRmwlVwIsgQWtm+C8
4eXULlIKg1bQsAM2yJxaXu88e6bYNVkZ9dwaSJMnLZHE2UfLZC4lHYdcgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9Ep+/bAFKXxUcKHIMhf2iovrqaMB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmqoQ0pJy
hU2DCKahNMsZnFQmYtxE5UbLehpQhcO5RbQStO6yXi6+01XLa61OKHeQ6tDs3PdA
TA/CqqBMv95Bboy62vALEQnUsc/A2FsIxEgXpYEEFxmVmmkjMzPlksPUai7vjwUP
HF2sNlb+i1RjObCh2O0aLJFPejDqf+48sTi1rk7LEJvBkufh6RP5kWT/uh4+gP/F
BhPX4LKMFduq0qAbQYlbW8qtFsQTRjTEukH/CNhKlNZQ0AnMqFFGhCWK/oZ0MhcU
cLQz6AfgJxmCIiIo1fDtgnjnKSkNNsiTd4zlhD257n0LtV3q2brdV8dsbigH+nAS
5pj8nzFGgYBGhA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:48:57 2025 by rpki-client