Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
File: aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft (raw, json)
Hash identifier: rlk9PRgPMNDT1ajnQTckH/U/N0ltx5gNa9fXjOV+cdA=
Subject key identifier: BF:DF:94:C4:42:0D:38:64:FF:91:DE:30:D3:0E:7E:2E:2A:4B:4C:47
Authority key identifier: 69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
Certificate issuer: /CN=695dce5e37a862538a0f66883de206ffb7c93b69
Certificate serial: 019A4E867CDB910FB1F370B4ED35A8434BE8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
Manifest number: 074A
Signing time: Tue 04 Nov 2025 11:00:27 +0000
Manifest this update: Tue 04 Nov 2025 11:00:27 +0000
Manifest next update: Wed 05 Nov 2025 11:00:27 +0000
Files and hashes: 1: aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl (hash: aQxa25qvndbi2TO6mQ0Fzhdb4PqchYgps6lhInetFmE=)
2: hnTM8e9DDp88O_jCAHz8InVW_vE.roa (hash: 8skhoEZiI2jfYQ4DDQgvqEaBRoMspiQzmuxF61YcMEA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:7c:db:91:0f:b1:f3:70:b4:ed:35:a8:43:4b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=695dce5e37a862538a0f66883de206ffb7c93b69
Validity
Not Before: Nov 4 11:00:27 2025 GMT
Not After : Nov 5 11:00:27 2025 GMT
Subject: CN=bfdf94c4420d3864ff91de30d30e7e2e2a4b4c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:83:55:44:56:69:c5:84:ee:e7:d0:f2:c9:85:
f4:e8:9c:fc:fd:fb:e1:80:03:e8:05:54:22:ed:d5:
35:12:c0:e7:57:c7:92:00:70:8a:7e:42:f2:cc:94:
0c:93:27:06:8c:7e:40:5a:c5:6e:dc:79:03:c5:75:
81:e6:0e:5c:fc:d5:a2:ae:10:06:ba:45:7e:d0:b0:
f1:fc:e8:3f:b6:f1:65:d3:8a:86:7d:d9:88:d1:b7:
9b:0c:c3:2e:9c:57:d7:45:cc:3c:7a:c5:3a:4d:49:
b0:9b:ee:62:85:76:c3:18:d6:35:60:b2:89:c7:17:
09:81:87:32:09:bf:7f:11:d1:1b:3e:b0:b0:ee:d2:
da:b9:f7:d4:ed:86:d3:ab:39:86:f1:37:6b:1e:b9:
29:65:1b:b3:42:2e:81:93:9d:32:a4:3c:e9:47:56:
38:d8:bc:b2:96:c6:1e:de:c9:85:6a:c3:32:9b:3a:
c1:44:8a:c8:9e:ea:29:6f:78:bf:80:0d:21:9e:d9:
48:b7:79:ae:55:bb:b5:ca:c7:a5:c8:de:28:9c:f9:
54:ed:73:9e:6a:84:5a:48:d9:21:53:56:50:16:38:
79:a7:8c:1d:57:94:d7:dc:26:ea:09:90:4b:f9:85:
8c:a7:d7:7b:2a:95:42:0f:34:6a:f6:e8:08:40:cf:
fb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:DF:94:C4:42:0D:38:64:FF:91:DE:30:D3:0E:7E:2E:2A:4B:4C:47
X509v3 Authority Key Identifier:
keyid:69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:6b:08:4e:91:df:31:3e:1b:8b:5f:99:92:a5:30:39:a0:c6:
8c:20:24:ee:25:bf:60:04:4d:47:f4:0e:c3:76:21:26:c1:a1:
05:67:f8:d7:76:62:1d:f2:09:e3:30:11:7e:67:3b:0a:35:c5:
09:cc:0e:c0:0b:2b:56:66:97:5a:cb:f3:d3:1e:a6:d4:a1:99:
cd:d3:10:4b:cf:dc:a9:3d:49:2d:8c:c0:a4:06:65:6e:7c:11:
f0:a6:3e:63:0e:63:5a:92:b3:c1:63:a6:2b:b1:a4:a0:82:80:
e0:bd:01:80:10:27:b5:b2:3e:32:45:be:6b:ab:e9:e8:32:73:
f3:1e:4e:d8:dd:c3:6c:4f:6b:53:29:bd:ee:4f:75:34:70:70:
03:c4:04:85:8e:77:d8:2a:29:49:55:c2:f5:9f:29:1c:45:ad:
39:40:3d:d6:1f:b1:c3:c4:98:9c:5a:9f:9e:3a:a8:f5:a4:e8:
69:18:fd:e9:cb:81:94:4e:de:85:3c:12:9f:9d:71:9d:88:8a:
94:ef:a4:46:4a:86:ba:e9:e3:b8:45:26:d8:53:28:18:1a:2d:
e2:6c:ca:4e:88:d0:52:08:e8:b0:00:5b:4e:38:76:8a:78:f3:
2d:35:fd:b1:f3:b8:ca:41:50:cf:3f:8e:d3:f0:07:13:34:13:
97:ac:3b:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhnzbkQ+x83C07TWoQ0voMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NWRjZTVlMzdhODYyNTM4YTBmNjY4ODNkZTIwNmZmYjdj
OTNiNjkwHhcNMjUxMTA0MTEwMDI3WhcNMjUxMTA1MTEwMDI3WjAzMTEwLwYDVQQD
EyhiZmRmOTRjNDQyMGQzODY0ZmY5MWRlMzBkMzBlN2UyZTJhNGI0YzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnINVRFZpxYTu59DyyYX06Jz8/fvh
gAPoBVQi7dU1EsDnV8eSAHCKfkLyzJQMkycGjH5AWsVu3HkDxXWB5g5c/NWirhAG
ukV+0LDx/Og/tvFl04qGfdmI0bebDMMunFfXRcw8esU6TUmwm+5ihXbDGNY1YLKJ
xxcJgYcyCb9/EdEbPrCw7tLauffU7YbTqzmG8TdrHrkpZRuzQi6Bk50ypDzpR1Y4
2LyylsYe3smFasMymzrBRIrInuopb3i/gA0hntlIt3muVbu1yselyN4onPlU7XOe
aoRaSNkhU1ZQFjh5p4wdV5TX3CbqCZBL+YWMp9d7KpVCDzRq9ugIQM/7fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/flMRCDThk/5HeMNMOfi4qS0xHMB8GA1UdIwQY
MBaAFGldzl43qGJTig9miD3iBv+3yTtpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWIt
MDE3ZGVlNDUyZWM0LzEvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWItMDE3ZGVlNDUyZWM0
LzEvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUWsITpHf
MT4bi1+ZkqUwOaDGjCAk7iW/YARNR/QOw3YhJsGhBWf413ZiHfIJ4zARfmc7CjXF
CcwOwAsrVmaXWsvz0x6m1KGZzdMQS8/cqT1JLYzApAZlbnwR8KY+Yw5jWpKzwWOm
K7GkoIKA4L0BgBAntbI+MkW+a6vp6DJz8x5O2N3DbE9rUym97k91NHBwA8QEhY53
2CopSVXC9Z8pHEWtOUA91h+xw8SYnFqfnjqo9aToaRj96cuBlE7ehTwSn51xnYiK
lO+kRkqGuunjuEUm2FMoGBot4mzKTojQUgjosABbTjh2injzLTX9sfO4ykFQzz+O
0/AHEzQTl6w7DQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:46:43 2025 by rpki-client