Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
File: aa24Jfn9vKDNfHkB3reiKuF5fAY.mft (raw, json)
Hash identifier: lGGRqaZawmX3+b/9IMIFCc+wsTEiE4/LR1y/GbS7Iz0=
Subject key identifier: EB:E9:26:AC:24:1A:41:C6:56:C2:78:BA:36:BB:7D:AF:68:61:2F:DB
Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Certificate serial: 019A51F5C40F719C35D08A774564BAE90064
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
Manifest number: 1429
Signing time: Wed 05 Nov 2025 03:00:52 +0000
Manifest this update: Wed 05 Nov 2025 03:00:52 +0000
Manifest next update: Thu 06 Nov 2025 03:00:52 +0000
Files and hashes: 1: CcO4X5owbp8OTsQUAi4Se0U0bGo.roa (hash: Rjhil4a1bZ7IivISF1+emC+myyX4/SSXPPEDg9r6bJ4=)
2: aa24Jfn9vKDNfHkB3reiKuF5fAY.crl (hash: qG6LuP08kV/YWAutv/1UnXMp6RO/cQGYdRndZ3u9we8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:f5:c4:0f:71:9c:35:d0:8a:77:45:64:ba:e9:00:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Validity
Not Before: Nov 5 03:00:52 2025 GMT
Not After : Nov 6 03:00:52 2025 GMT
Subject: CN=ebe926ac241a41c656c278ba36bb7daf68612fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d1:f5:bd:7d:01:c8:04:8d:15:00:1c:a7:09:
b6:8e:2c:72:80:77:fc:e7:e4:91:1c:d9:ec:b3:ef:
8a:bd:0b:05:7f:8e:ad:cf:45:26:79:2b:d8:b5:bd:
c1:f9:dd:74:ac:52:58:30:cc:cb:0c:54:a4:03:e0:
10:3e:61:9a:a8:5b:87:bd:08:09:33:d8:6e:f0:28:
d9:47:00:8c:98:fb:81:53:77:b9:d9:b8:25:d8:50:
ec:dd:93:c8:f6:1a:f0:cf:89:48:43:e2:70:45:f9:
69:44:0b:d4:a2:f2:01:f9:1c:39:0e:85:c9:8f:f4:
40:04:5d:ef:25:47:a7:d6:cc:f5:11:15:ba:be:57:
c1:cc:ec:a2:11:70:3a:4b:25:5d:a1:96:a0:3c:7e:
94:d9:9f:92:43:cb:bb:04:8c:cb:9d:a2:59:90:64:
98:f7:cb:1b:9f:69:48:ba:9d:33:c4:8f:4b:7d:60:
4d:e3:62:8a:16:5a:15:1b:54:0f:94:44:09:10:2b:
b4:1b:3a:46:3b:c3:aa:e6:fa:ff:61:86:9e:c8:19:
23:9b:1e:8e:45:1d:55:34:c0:e9:9f:72:10:16:77:
55:b0:3e:9a:35:72:40:3a:56:ab:cc:50:47:1c:08:
8e:84:68:26:03:ea:5e:e3:8f:8e:d8:44:53:2d:7e:
d9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:E9:26:AC:24:1A:41:C6:56:C2:78:BA:36:BB:7D:AF:68:61:2F:DB
X509v3 Authority Key Identifier:
keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:d5:8a:14:66:a9:53:25:c3:3f:a8:4c:57:82:e0:5b:29:7e:
eb:fe:d0:62:1c:3f:84:82:03:eb:de:7b:1e:23:de:42:92:b9:
ea:83:94:99:d6:18:46:da:92:dc:f3:21:3b:29:c9:23:71:d9:
7f:b6:86:20:b4:d4:21:d7:48:0c:23:81:7c:b6:d4:d4:d3:db:
df:cc:88:61:6d:6c:c4:60:76:37:c8:19:7f:16:ba:87:17:e9:
20:19:20:da:0d:8c:6d:71:a8:a3:dd:32:9b:65:e7:3b:3d:8b:
06:14:1d:59:1b:99:b9:20:0b:d9:ac:c7:f0:9f:30:19:87:93:
f9:5d:fb:8f:30:51:16:67:5f:0d:4b:9d:af:73:f7:88:4e:3f:
ac:24:96:8d:92:d3:db:0a:a7:3d:23:b4:98:8b:00:0d:a0:70:
94:57:e0:60:5f:41:7f:0d:e7:88:02:51:29:18:a3:c1:de:34:
dc:41:5c:e0:cb:48:ca:4b:45:e8:ed:33:36:95:8f:84:ab:89:
57:88:86:1e:d8:18:19:87:f4:81:64:d9:0a:35:5e:e1:f5:df:
f6:f4:3e:06:4d:e6:a6:ef:a0:94:15:f0:75:5b:7b:b1:a1:74:
08:ff:98:0a:df:0b:ad:0d:a7:41:55:ff:95:89:15:7c:bf:65:
b5:27:05:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpR9cQPcZw10Ip3RWS66QBkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YWRiODI1ZjlmZGJjYTBjZDdjNzkwMWRlYjdhMjJhZTE3
OTdjMDYwHhcNMjUxMTA1MDMwMDUyWhcNMjUxMTA2MDMwMDUyWjAzMTEwLwYDVQQD
EyhlYmU5MjZhYzI0MWE0MWM2NTZjMjc4YmEzNmJiN2RhZjY4NjEyZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9H1vX0ByASNFQAcpwm2jixygHf8
5+SRHNnss++KvQsFf46tz0UmeSvYtb3B+d10rFJYMMzLDFSkA+AQPmGaqFuHvQgJ
M9hu8CjZRwCMmPuBU3e52bgl2FDs3ZPI9hrwz4lIQ+JwRflpRAvUovIB+Rw5DoXJ
j/RABF3vJUen1sz1ERW6vlfBzOyiEXA6SyVdoZagPH6U2Z+SQ8u7BIzLnaJZkGSY
98sbn2lIup0zxI9LfWBN42KKFloVG1QPlEQJECu0GzpGO8Oq5vr/YYaeyBkjmx6O
RR1VNMDpn3IQFndVsD6aNXJAOlarzFBHHAiOhGgmA+pe44+O2ERTLX7ZcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvpJqwkGkHGVsJ4uja7fa9oYS/bMB8GA1UdIwQY
MBaAFGmtuCX5/bygzXx5Ad63oirheXwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAt
MzIzNjI2N2M4Nzk5LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAtMzIzNjI2N2M4Nzk5
LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUNWKFGap
UyXDP6hMV4LgWyl+6/7QYhw/hIID6957HiPeQpK56oOUmdYYRtqS3PMhOynJI3HZ
f7aGILTUIddIDCOBfLbU1NPb38yIYW1sxGB2N8gZfxa6hxfpIBkg2g2MbXGoo90y
m2XnOz2LBhQdWRuZuSAL2azH8J8wGYeT+V37jzBRFmdfDUudr3P3iE4/rCSWjZLT
2wqnPSO0mIsADaBwlFfgYF9Bfw3niAJRKRijwd403EFc4MtIyktF6O0zNpWPhKuJ
V4iGHtgYGYf0gWTZCjVe4fXf9vQ+Bk3mpu+glBXwdVt7saF0CP+YCt8LrQ2nQVX/
lYkVfL9ltScFvQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:14:49 2025 by rpki-client