Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
File: aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft (raw, json)
Hash identifier: yPetzuXSaC+tHC9EpPnMwlxBLd+awB/pV7h24ILvqCQ=
Subject key identifier: 34:71:CE:C8:CC:49:FB:63:E9:61:9B:C7:FD:F1:6A:EB:45:96:02:8D
Authority key identifier: 69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71
Certificate issuer: /CN=6987d0047fb1d8912c63f911305a714f438b1e71
Certificate serial: 019A552D5C3FB2DCD17AB6108C374C758521
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
Manifest number: 170F
Signing time: Wed 05 Nov 2025 18:00:27 +0000
Manifest this update: Wed 05 Nov 2025 18:00:27 +0000
Manifest next update: Thu 06 Nov 2025 18:00:27 +0000
Files and hashes: 1: Atkr4h8_-iWKS-lQ1C-yvRl84ME.roa (hash: 2T7HRH5eHvmAemXfiDHO7EMODqi7SWlhFBBbiZ8y44c=)
2: aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl (hash: g7bHK9xmgiGjtlceMd+OSMBuQM26nLd0vr8jIY1s16c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:55:2d:5c:3f:b2:dc:d1:7a:b6:10:8c:37:4c:75:85:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6987d0047fb1d8912c63f911305a714f438b1e71
Validity
Not Before: Nov 5 18:00:27 2025 GMT
Not After : Nov 6 18:00:27 2025 GMT
Subject: CN=3471cec8cc49fb63e9619bc7fdf16aeb4596028d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:66:61:65:21:19:83:fc:50:05:88:b9:08:a8:
0b:47:c1:ef:f4:cf:70:86:61:c2:aa:35:2a:c6:16:
5d:a8:f3:18:6c:d1:00:c1:02:e5:51:45:c2:ca:30:
bc:7f:73:e7:0c:4b:d3:74:32:30:bd:cf:81:9a:97:
aa:c5:c7:11:19:d2:81:38:63:f9:ee:1c:d9:d7:fc:
06:69:6d:38:0c:df:47:20:82:cb:d6:b7:25:52:b4:
83:46:8f:2b:87:87:ab:0d:e6:f2:ce:83:7a:10:9a:
6d:b8:a2:cd:ea:53:15:6b:3a:ba:d8:21:9c:65:4f:
8e:43:96:a0:62:d9:14:36:0f:e0:34:ce:29:d0:25:
14:0f:ff:c0:66:23:25:ec:6d:4d:de:23:a3:42:07:
01:2f:10:40:d3:6e:29:98:2d:0b:fc:1b:1e:09:b3:
44:33:cd:bf:a0:70:7d:e3:05:84:51:47:00:2b:6e:
2f:ca:e6:05:8a:f0:cd:5d:3f:bc:4e:19:2a:d1:cb:
b9:00:8f:25:4a:7a:f1:fc:11:5c:7b:a0:3f:a5:fd:
cd:2c:e2:2e:d7:44:d8:e9:0a:18:4a:f3:b9:c3:f9:
b2:43:8f:e2:cb:43:e8:48:50:57:ba:e4:a5:88:36:
7c:c7:78:ad:1d:35:bc:d4:61:d9:71:87:1f:33:ab:
51:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:71:CE:C8:CC:49:FB:63:E9:61:9B:C7:FD:F1:6A:EB:45:96:02:8D
X509v3 Authority Key Identifier:
keyid:69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:25:7b:93:86:23:18:48:6b:bc:3d:49:15:af:cc:c9:ba:ce:
b1:0e:42:50:d3:16:d8:7a:48:0e:81:dc:e7:40:2f:a0:f1:c8:
d9:8d:c4:69:5a:21:a4:af:50:d8:84:9b:b5:49:0c:60:93:7d:
0e:75:f9:36:d6:d8:45:a8:9e:d2:d1:69:60:22:6e:9f:45:f5:
3f:b8:0d:e3:0a:59:db:7f:3b:ca:21:fa:14:2e:f2:34:09:a0:
45:ec:0a:be:18:91:cc:30:fd:c8:87:c1:32:41:55:c4:b7:60:
0c:0e:c4:0b:cc:9a:25:73:55:09:96:bb:7a:a5:50:9f:4d:1e:
ca:1c:e8:25:76:fe:08:bb:a2:1b:d9:11:42:57:c9:21:dd:3a:
b9:7d:98:a1:46:59:c9:ba:5c:67:e7:43:06:85:f5:f5:b4:c0:
53:ca:c3:bb:38:77:c9:2f:a8:f2:5f:bf:b3:7b:84:fa:35:1f:
4f:1b:17:5a:3f:a0:02:cf:28:ea:33:c0:84:d8:7e:f3:4f:64:
d8:32:ab:37:de:80:1c:84:21:95:54:dd:2a:8a:cf:69:4c:26:
a7:bb:14:c3:c3:f8:ca:95:11:da:0d:82:fd:57:92:55:9a:bd:
ed:1c:7e:f7:13:6c:36:fc:f2:3c:95:78:7c:dc:9d:4b:0a:57:
4a:b2:0d:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpVLVw/stzRerYQjDdMdYUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODdkMDA0N2ZiMWQ4OTEyYzYzZjkxMTMwNWE3MTRmNDM4
YjFlNzEwHhcNMjUxMTA1MTgwMDI3WhcNMjUxMTA2MTgwMDI3WjAzMTEwLwYDVQQD
EygzNDcxY2VjOGNjNDlmYjYzZTk2MTliYzdmZGYxNmFlYjQ1OTYwMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92ZhZSEZg/xQBYi5CKgLR8Hv9M9w
hmHCqjUqxhZdqPMYbNEAwQLlUUXCyjC8f3PnDEvTdDIwvc+BmpeqxccRGdKBOGP5
7hzZ1/wGaW04DN9HIILL1rclUrSDRo8rh4erDebyzoN6EJptuKLN6lMVazq62CGc
ZU+OQ5agYtkUNg/gNM4p0CUUD//AZiMl7G1N3iOjQgcBLxBA024pmC0L/BseCbNE
M82/oHB94wWEUUcAK24vyuYFivDNXT+8Thkq0cu5AI8lSnrx/BFce6A/pf3NLOIu
10TY6QoYSvO5w/myQ4/iy0PoSFBXuuSliDZ8x3itHTW81GHZcYcfM6tRAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDRxzsjMSftj6WGbx/3xautFlgKNMB8GA1UdIwQY
MBaAFGmH0AR/sdiRLGP5ETBacU9Dix5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMt
NDI5MTRiZTBhYTA0LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMtNDI5MTRiZTBhYTA0
LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkyV7k4Yj
GEhrvD1JFa/MybrOsQ5CUNMW2HpIDoHc50AvoPHI2Y3EaVohpK9Q2ISbtUkMYJN9
DnX5NtbYRaie0tFpYCJun0X1P7gN4wpZ2387yiH6FC7yNAmgRewKvhiRzDD9yIfB
MkFVxLdgDA7EC8yaJXNVCZa7eqVQn00eyhzoJXb+CLuiG9kRQlfJId06uX2YoUZZ
ybpcZ+dDBoX19bTAU8rDuzh3yS+o8l+/s3uE+jUfTxsXWj+gAs8o6jPAhNh+809k
2DKrN96AHIQhlVTdKorPaUwmp7sUw8P4ypUR2g2C/VeSVZq97Rx+9xNsNvzyPJV4
fNydSwpXSrINVA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:47:01 2025 by rpki-client