Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
File: aM_hqssnjBMjGzEORe5XaTL-m04.mft (raw, json)
Hash identifier: cCk+KTNnSx2Lb6xmjFioR25SkF0Q8vv2wMUFKv5YiNY=
Subject key identifier: 7D:4D:27:66:36:6D:56:06:4A:A3:86:42:47:D9:3B:4A:67:2F:29:A6
Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Certificate serial: 019A4E18BBE3817BB9162DBB8CC362A08CAE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
Manifest number: 13A1
Signing time: Tue 04 Nov 2025 09:00:35 +0000
Manifest this update: Tue 04 Nov 2025 09:00:35 +0000
Manifest next update: Wed 05 Nov 2025 09:00:35 +0000
Files and hashes: 1: NAg_2lUwiNc2BXVWx1ALPDBcGK0.roa (hash: I6Xgg/yTyhGgk1wwRR5vfbPkXPHDlymI7Asksvi+yR4=)
2: aM_hqssnjBMjGzEORe5XaTL-m04.crl (hash: CZiz/PW55OiQv4E00L8JUM6NPUJRikKouTPvqyvqcRE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:bb:e3:81:7b:b9:16:2d:bb:8c:c3:62:a0:8c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Validity
Not Before: Nov 4 09:00:35 2025 GMT
Not After : Nov 5 09:00:35 2025 GMT
Subject: CN=7d4d2766366d56064aa3864247d93b4a672f29a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9f:b8:17:69:a7:21:43:d8:5d:7d:43:5a:ff:
1f:a6:b5:ca:ac:fb:d7:ca:46:6e:28:11:a6:aa:98:
f5:5f:2d:b9:a4:80:5a:22:61:c5:c5:f5:2e:7e:76:
df:36:87:e7:62:fd:5a:bf:95:aa:69:3e:a3:51:d0:
29:95:71:68:32:21:9d:72:48:b4:e0:67:2d:0a:be:
1d:62:76:5a:02:72:bc:b5:03:f4:e2:e1:ab:80:0d:
44:e4:e3:e0:6a:41:19:be:d4:5b:2a:45:af:31:06:
4c:94:f3:f9:6f:43:14:20:8b:4d:87:23:4e:9e:3e:
80:2c:16:3e:9d:20:d3:1a:3d:c3:8f:a8:69:5b:ea:
8f:5c:51:87:a0:04:ce:27:b3:a2:3a:d1:2f:d3:4b:
60:45:29:56:4c:ad:e9:3e:e7:78:3f:5d:75:4a:4c:
8f:1e:f8:38:e3:b6:c9:df:43:66:58:c3:4f:d6:e5:
75:8e:25:fc:21:78:4f:24:db:90:f9:fa:99:44:a2:
cb:ad:56:cb:01:0f:91:15:2e:79:ec:06:bb:48:0b:
db:a0:b6:9c:26:8c:fb:d6:35:36:a0:8c:38:37:74:
1d:a4:72:c3:d8:c2:da:e1:45:e1:d8:80:db:d0:40:
18:08:4c:39:2b:f3:c2:a4:19:be:4f:c7:05:be:fb:
41:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:4D:27:66:36:6D:56:06:4A:A3:86:42:47:D9:3B:4A:67:2F:29:A6
X509v3 Authority Key Identifier:
keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:66:b6:87:b7:aa:1c:05:27:16:d4:30:b4:7a:1c:84:30:8c:
4b:31:97:ab:bc:6c:e3:3a:87:ab:2c:96:33:18:04:53:e4:27:
ad:8e:8a:f4:ff:4f:4c:1a:26:5e:26:2d:7b:86:bf:ea:9f:a1:
7f:9d:c1:bf:e8:7d:fa:2f:35:8e:8c:23:16:22:af:6a:8b:13:
a0:f1:5d:10:4b:e1:f7:c7:27:e1:b4:1e:78:a4:0b:22:7f:01:
a0:c3:f5:dc:18:4e:80:cb:15:25:30:fe:4e:49:bf:ef:1b:32:
58:b0:84:de:75:fe:e8:b1:b8:a5:d4:35:a0:b9:7f:4c:b6:7a:
45:7a:0a:73:fa:74:4d:3e:d1:cc:3b:ee:f3:d9:43:65:59:36:
ff:da:fa:8e:3f:87:fd:f1:b3:65:06:c5:ab:8f:9e:da:72:03:
6e:e4:95:9c:28:59:0e:93:58:14:43:ad:87:69:47:4a:c2:d5:
8c:2d:41:07:b5:6d:52:4c:fe:08:90:2e:a7:5d:5f:23:8f:e4:
e8:3f:93:43:4a:47:5d:fb:a4:e3:37:a3:c2:39:d8:76:74:45:
77:c1:62:96:a8:05:54:57:75:c6:bc:d6:85:24:f9:c4:c3:77:
0f:95:cc:ff:08:74:4f:16:88:eb:7a:dc:8b:3c:18:5e:a3:67:
ab:e0:e6:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGLvjgXu5Fi27jMNioIyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm
ZTliNGUwHhcNMjUxMTA0MDkwMDM1WhcNMjUxMTA1MDkwMDM1WjAzMTEwLwYDVQQD
Eyg3ZDRkMjc2NjM2NmQ1NjA2NGFhMzg2NDI0N2Q5M2I0YTY3MmYyOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ+4F2mnIUPYXX1DWv8fprXKrPvX
ykZuKBGmqpj1Xy25pIBaImHFxfUufnbfNofnYv1av5WqaT6jUdAplXFoMiGdcki0
4GctCr4dYnZaAnK8tQP04uGrgA1E5OPgakEZvtRbKkWvMQZMlPP5b0MUIItNhyNO
nj6ALBY+nSDTGj3Dj6hpW+qPXFGHoATOJ7OiOtEv00tgRSlWTK3pPud4P111SkyP
Hvg447bJ30NmWMNP1uV1jiX8IXhPJNuQ+fqZRKLLrVbLAQ+RFS557Aa7SAvboLac
Joz71jU2oIw4N3QdpHLD2MLa4UXh2IDb0EAYCEw5K/PCpBm+T8cFvvtBdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1NJ2Y2bVYGSqOGQkfZO0pnLymmMB8GA1UdIwQY
MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt
ODljMmY2NjZlOTA1LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1
LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT2a2h7eq
HAUnFtQwtHochDCMSzGXq7xs4zqHqyyWMxgEU+QnrY6K9P9PTBomXiYte4a/6p+h
f53Bv+h9+i81jowjFiKvaosToPFdEEvh98cn4bQeeKQLIn8BoMP13BhOgMsVJTD+
Tkm/7xsyWLCE3nX+6LG4pdQ1oLl/TLZ6RXoKc/p0TT7RzDvu89lDZVk2/9r6jj+H
/fGzZQbFq4+e2nIDbuSVnChZDpNYFEOth2lHSsLVjC1BB7VtUkz+CJAup11fI4/k
6D+TQ0pHXfuk4zejwjnYdnRFd8FilqgFVFd1xrzWhST5xMN3D5XM/wh0TxaI63rc
izwYXqNnq+Dm3Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:52:31 2025 by rpki-client