Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.mft
File: aQrhdfvmOw6TBGkJfJSS1C7Xkkk.mft (raw, json)
Hash identifier: 3zeHK6GpxF1B/0RF6cQWGMydweA494FjbAIPYr8M3HI=
Subject key identifier: BB:5E:3C:66:50:BD:3B:34:0F:3C:AD:3D:FF:A5:76:EE:46:D7:8A:AB
Authority key identifier: 69:0A:E1:75:FB:E6:3B:0E:93:04:69:09:7C:94:92:D4:2E:D7:92:49
Certificate issuer: /CN=690ae175fbe63b0e930469097c9492d42ed79249
Certificate serial: 019A5308618F5ADDC6E6F82F2C812EFD8474
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.mft
Manifest number: F7
Signing time: Wed 05 Nov 2025 08:00:49 +0000
Manifest this update: Wed 05 Nov 2025 08:00:49 +0000
Manifest next update: Thu 06 Nov 2025 08:00:49 +0000
Files and hashes: 1: Ft7Frn9ocyQeuHjXMeEeGoh_tdk.roa (hash: +hbGdiT9EB+gQ7hEwq4X6SV+6RnEdb4t2Cal6rg6Zcw=)
2: aQrhdfvmOw6TBGkJfJSS1C7Xkkk.crl (hash: RLt6P+m/hXv5Blxvp3FPNo0L8+l0ceM/9H2pzFyJTqk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:08:61:8f:5a:dd:c6:e6:f8:2f:2c:81:2e:fd:84:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=690ae175fbe63b0e930469097c9492d42ed79249
Validity
Not Before: Nov 5 08:00:49 2025 GMT
Not After : Nov 6 08:00:49 2025 GMT
Subject: CN=bb5e3c6650bd3b340f3cad3dffa576ee46d78aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:02:ac:8d:fe:db:52:95:6a:f1:3a:cb:ec:92:
13:d4:05:df:3e:be:cd:7c:1c:88:24:2e:c9:5a:41:
b6:b5:4c:d3:44:ac:db:bc:d9:fc:02:0c:80:3e:c8:
c2:c9:32:96:8c:61:0f:fe:94:f6:48:b6:df:a5:6f:
07:b3:75:50:70:f7:81:d4:07:35:de:87:a3:88:ee:
b9:e9:a3:7e:2a:83:b6:9f:9b:d8:ba:ee:78:28:64:
1b:d7:0e:7f:cd:03:3f:3f:e8:5f:12:85:a2:a6:1b:
a6:e5:67:2b:22:f1:a7:99:f1:74:20:a0:05:17:6f:
14:58:6d:2f:41:fd:e4:d6:50:22:c2:36:53:a6:3d:
42:9b:84:eb:50:9f:97:40:6b:3e:74:e4:39:e6:4f:
07:2b:a4:db:32:cb:d3:e9:5d:73:e2:2b:53:a3:44:
35:90:61:88:45:d0:e2:b8:5b:66:55:b3:4d:1c:a2:
6a:2b:73:34:ec:7a:a0:97:81:07:2b:69:83:b9:1e:
86:83:89:10:bf:29:f3:bf:ed:6b:47:9a:9d:60:c4:
19:94:1b:37:17:7e:5e:95:33:c5:a5:ed:ec:1f:80:
9f:f8:a2:29:5e:5b:03:20:66:60:7e:19:a1:df:1a:
91:0a:e8:85:42:1b:80:4b:59:2e:8a:3e:e2:1a:e9:
2e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:5E:3C:66:50:BD:3B:34:0F:3C:AD:3D:FF:A5:76:EE:46:D7:8A:AB
X509v3 Authority Key Identifier:
keyid:69:0A:E1:75:FB:E6:3B:0E:93:04:69:09:7C:94:92:D4:2E:D7:92:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c0:f1:f3:95:13:45:06:24:6e:3d:34:c3:f2:50:8c:3c:35:81:
f8:18:19:a8:95:61:19:13:4c:c3:a2:6c:15:20:f4:50:06:73:
d1:4a:01:b9:2f:ec:32:fb:4f:6f:6a:bb:17:fe:1f:01:25:13:
11:ef:86:c5:56:b0:cf:4a:52:ec:b3:f2:7c:58:c8:d1:75:78:
34:c4:90:0e:a4:42:d7:29:75:09:87:da:1a:ba:25:06:71:ed:
b2:01:10:e7:6d:4b:96:24:34:ff:60:64:ea:f6:a7:2d:fe:ae:
a6:35:3f:d7:2c:b3:21:fc:81:00:18:9b:67:d5:25:3b:a2:87:
82:92:9f:25:f7:f4:c3:d8:1a:95:23:a8:41:ec:7c:1b:6b:44:
91:fb:05:c8:eb:53:94:50:3f:43:06:2c:31:a1:4d:95:19:14:
8d:0e:b5:22:5b:2b:09:8e:2b:6b:e8:b8:00:b0:a1:3f:f8:dd:
1d:55:c1:a0:b3:63:6f:93:49:77:3a:d7:10:15:4b:2f:ae:c2:
27:08:e9:d7:71:85:91:a0:a3:a1:46:09:4d:5c:69:e2:21:81:
ab:d4:c4:4b:20:5a:37:7d:2e:51:83:dd:79:f3:65:81:6c:f6:
ea:26:20:23:c9:ee:df:10:b5:44:e5:23:6f:85:79:01:1d:2c:
e8:cd:fb:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTCGGPWt3G5vgvLIEu/YR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MGFlMTc1ZmJlNjNiMGU5MzA0NjkwOTdjOTQ5MmQ0MmVk
NzkyNDkwHhcNMjUxMTA1MDgwMDQ5WhcNMjUxMTA2MDgwMDQ5WjAzMTEwLwYDVQQD
EyhiYjVlM2M2NjUwYmQzYjM0MGYzY2FkM2RmZmE1NzZlZTQ2ZDc4YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAKsjf7bUpVq8TrL7JIT1AXfPr7N
fByIJC7JWkG2tUzTRKzbvNn8AgyAPsjCyTKWjGEP/pT2SLbfpW8Hs3VQcPeB1Ac1
3oejiO656aN+KoO2n5vYuu54KGQb1w5/zQM/P+hfEoWiphum5WcrIvGnmfF0IKAF
F28UWG0vQf3k1lAiwjZTpj1Cm4TrUJ+XQGs+dOQ55k8HK6TbMsvT6V1z4itTo0Q1
kGGIRdDiuFtmVbNNHKJqK3M07Hqgl4EHK2mDuR6Gg4kQvynzv+1rR5qdYMQZlBs3
F35elTPFpe3sH4Cf+KIpXlsDIGZgfhmh3xqRCuiFQhuAS1kuij7iGukuYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLtePGZQvTs0DzytPf+ldu5G14qrMB8GA1UdIwQY
MBaAFGkK4XX75jsOkwRpCXyUktQu15JJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFyaGRmdm1PdzZUQkdrSmZKU1MxQzdYa2trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iODg0YzAtNGQwNS00NDAxLTk4NTgt
OGEwODZlYTk0YmU1LzEvYVFyaGRmdm1PdzZUQkdrSmZKU1MxQzdYa2trLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iODg0YzAtNGQwNS00NDAxLTk4NTgtOGEwODZlYTk0YmU1
LzEvYVFyaGRmdm1PdzZUQkdrSmZKU1MxQzdYa2trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwPHzlRNF
BiRuPTTD8lCMPDWB+BgZqJVhGRNMw6JsFSD0UAZz0UoBuS/sMvtPb2q7F/4fASUT
Ee+GxVawz0pS7LPyfFjI0XV4NMSQDqRC1yl1CYfaGrolBnHtsgEQ521LliQ0/2Bk
6vanLf6upjU/1yyzIfyBABibZ9UlO6KHgpKfJff0w9galSOoQex8G2tEkfsFyOtT
lFA/QwYsMaFNlRkUjQ61IlsrCY4ra+i4ALChP/jdHVXBoLNjb5NJdzrXEBVLL67C
Jwjp13GFkaCjoUYJTVxp4iGBq9TESyBaN30uUYPdefNlgWz26iYgI8nu3xC1ROUj
b4V5AR0s6M37GA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:06:09 2025 by rpki-client