Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
File: aHyL8iKia_HJxmOMw1bSg1UC8tY.mft (raw, json)
Hash identifier: byhhpv7w1/CAJXcj+jblf6JYa8e+bvgMghrVHxP3oA8=
Subject key identifier: AF:3A:94:F1:E4:47:38:36:40:16:1C:14:6C:23:3C:9D:29:4A:A2:FD
Authority key identifier: 68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6
Certificate issuer: /CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6
Certificate serial: 019A4D06E091433D1C56ECAA92C62587FB0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
Manifest number: 084C
Signing time: Tue 04 Nov 2025 04:01:27 +0000
Manifest this update: Tue 04 Nov 2025 04:01:27 +0000
Manifest next update: Wed 05 Nov 2025 04:01:27 +0000
Files and hashes: 1: aHyL8iKia_HJxmOMw1bSg1UC8tY.crl (hash: fZqefkSndUB8fAB2OvQgB5SJequU2owB6srUosYNKaw=)
2: szxe0DPYsGTMI_tgKM1yaWgLDtI.roa (hash: fjZgmmGMINi/iYDucRgC4NEVBx45QTUkAnBaw6M5XK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 04:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:06:e0:91:43:3d:1c:56:ec:aa:92:c6:25:87:fb:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6
Validity
Not Before: Nov 4 04:01:27 2025 GMT
Not After : Nov 5 04:01:27 2025 GMT
Subject: CN=af3a94f1e447383640161c146c233c9d294aa2fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:73:aa:4b:63:be:06:33:0d:ed:0a:15:bb:3f:
9f:fd:45:ee:6b:cc:a3:56:97:2e:26:7d:a2:9b:74:
1f:82:05:81:7f:62:c2:95:0b:15:17:11:32:2f:fa:
8d:fe:4c:4b:28:12:b5:a3:0b:23:8a:3b:43:85:3e:
51:b9:1f:8a:56:0a:61:f0:64:4b:f0:71:0d:21:b1:
27:21:21:81:2c:8d:73:72:da:dd:11:a5:d0:60:f0:
fc:ff:51:43:b8:65:d5:8a:ff:fb:3f:58:e4:d2:40:
0a:ac:6c:b4:23:ac:70:2d:02:3f:7b:ad:54:b6:33:
35:01:fd:69:d7:80:bb:8d:51:57:9e:ec:d7:68:e1:
15:96:b0:ab:68:1c:9e:19:86:9b:90:e2:58:f2:5a:
b8:b1:f5:fc:97:bf:ef:59:2a:11:a0:a7:76:37:16:
ea:b1:0f:df:9a:cd:d3:0f:d1:04:64:7f:52:6f:9f:
b0:5c:94:ac:1e:1b:fe:f9:f4:05:5a:f7:88:46:ce:
b4:10:c0:cb:ef:bc:fe:d2:15:67:f6:83:6b:17:aa:
01:95:fa:45:a7:8b:81:f4:5d:35:56:94:16:50:9d:
ee:b3:cb:d3:65:a4:e4:97:7b:b8:bd:55:44:91:19:
43:c2:35:fb:f7:1b:dd:cf:79:88:3e:75:9e:da:cc:
4e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3A:94:F1:E4:47:38:36:40:16:1C:14:6C:23:3C:9D:29:4A:A2:FD
X509v3 Authority Key Identifier:
keyid:68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:c9:ed:3a:f7:06:a5:ad:93:9f:ee:f6:54:86:9c:6b:33:d4:
ca:03:37:ef:d7:b0:e5:e6:3c:46:98:92:6a:68:9f:75:12:dc:
11:c7:0f:8d:02:ea:8d:d3:1b:ef:e4:c4:84:8f:14:95:89:53:
b8:24:af:98:7a:89:90:f4:0e:1c:c5:0f:42:12:22:ec:13:cf:
5b:bd:6b:20:fb:ef:a6:a1:52:b0:4d:82:ce:57:64:58:e3:85:
67:90:f3:5a:4b:3a:d0:ef:2e:fa:66:a6:b7:ce:02:0b:1c:30:
0f:2d:d1:a1:27:bb:74:90:7f:bd:5c:1f:4c:a6:c5:ac:08:a4:
84:1d:34:44:cd:0d:d4:94:f4:a8:6f:94:8b:ae:9a:95:d5:fc:
83:f0:02:81:8b:4f:bc:26:98:d6:dc:fe:25:62:4a:a5:50:93:
bf:d9:00:f4:a7:2b:53:a6:92:47:2b:ca:5f:0a:db:87:5b:e7:
1c:9c:cb:1b:09:bc:63:12:1c:8b:14:73:ba:d1:a8:36:63:1e:
35:d7:46:83:2c:40:26:51:85:b8:8d:26:0f:3a:05:bc:84:0b:
8d:48:49:a4:f5:c7:b0:dd:83:97:9e:df:92:53:9c:ff:66:c0:
b3:ac:10:72:38:0e:9d:2a:f6:8b:07:5c:4f:3f:be:fc:ee:c7:
8e:9c:79:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBuCRQz0cVuyqksYlh/sMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2M4YmYyMjJhMjZiZjFjOWM2NjM4Y2MzNTZkMjgzNTUw
MmYyZDYwHhcNMjUxMTA0MDQwMTI3WhcNMjUxMTA1MDQwMTI3WjAzMTEwLwYDVQQD
EyhhZjNhOTRmMWU0NDczODM2NDAxNjFjMTQ2YzIzM2M5ZDI5NGFhMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHOqS2O+BjMN7QoVuz+f/UXua8yj
VpcuJn2im3QfggWBf2LClQsVFxEyL/qN/kxLKBK1owsjijtDhT5RuR+KVgph8GRL
8HENIbEnISGBLI1zctrdEaXQYPD8/1FDuGXViv/7P1jk0kAKrGy0I6xwLQI/e61U
tjM1Af1p14C7jVFXnuzXaOEVlrCraByeGYabkOJY8lq4sfX8l7/vWSoRoKd2Nxbq
sQ/fms3TD9EEZH9Sb5+wXJSsHhv++fQFWveIRs60EMDL77z+0hVn9oNrF6oBlfpF
p4uB9F01VpQWUJ3us8vTZaTkl3u4vVVEkRlDwjX79xvdz3mIPnWe2sxO8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK86lPHkRzg2QBYcFGwjPJ0pSqL9MB8GA1UdIwQY
MBaAFGh8i/IiomvxycZjjMNW0oNVAvLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUt
ZDU3MjU1ZTI1ZmVlLzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUtZDU3MjU1ZTI1ZmVl
LzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdcntOvcG
pa2Tn+72VIacazPUygM379ew5eY8RpiSamifdRLcEccPjQLqjdMb7+TEhI8UlYlT
uCSvmHqJkPQOHMUPQhIi7BPPW71rIPvvpqFSsE2CzldkWOOFZ5DzWks60O8u+mam
t84CCxwwDy3RoSe7dJB/vVwfTKbFrAikhB00RM0N1JT0qG+Ui66aldX8g/ACgYtP
vCaY1tz+JWJKpVCTv9kA9KcrU6aSRyvKXwrbh1vnHJzLGwm8YxIcixRzutGoNmMe
NddGgyxAJlGFuI0mDzoFvIQLjUhJpPXHsN2Dl57fklOc/2bAs6wQcjgOnSr2iwdc
Tz++/O7Hjpx5NQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:45:52 2025 by rpki-client