Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
File: aOi66pXUBANI8KiexOS9FSdfbDk.mft (raw, json)
Hash identifier: kvlgUk2rRDKJd92sHc7zuZ7dzCOyndJmznSzPCxLj9E=
Subject key identifier: B9:62:F5:C7:1A:DB:80:29:4C:3F:C4:93:DC:88:D3:96:B7:41:F7:F6
Authority key identifier: 68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
Certificate issuer: /CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Certificate serial: 019A4E4F5E3C51CAF9F2F63911E3FFC41BB6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
Manifest number: 170C
Signing time: Tue 04 Nov 2025 10:00:15 +0000
Manifest this update: Tue 04 Nov 2025 10:00:15 +0000
Manifest next update: Wed 05 Nov 2025 10:00:15 +0000
Files and hashes: 1: G3jkppDUZ7UShIbg3wj67wwITjQ.roa (hash: IM9aMDCOjn2pDhh5r2plZvteAbzhdwZ0L/lTf4RJayk=)
2: Tz1CIM1JoghruWTN6nGpazj8zTs.roa (hash: VV/wpFoAA0PEYjeaECSEYgoe19Q1uDYWZTbwDnhLY+0=)
3: aOi66pXUBANI8KiexOS9FSdfbDk.crl (hash: ae4zuFFj+7S9Ip01mMRKIidhGodWM4GkbfkcoCkyRi0=)
4: qOyspdHf0vEJQuyvIz0XkgRHk_0.roa (hash: yR7LTFxNYmFcq/nxWYOH7mZupl2rRRW8SrPwUWcJB0k=)
5: uiGdfZv36ngdlEPtH0Dctu5_0kI.roa (hash: kwlBzu/ziaLKG7neS7FV84L3FCZ7YdUCR1fgHvPBMoI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:5e:3c:51:ca:f9:f2:f6:39:11:e3:ff:c4:1b:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Validity
Not Before: Nov 4 10:00:15 2025 GMT
Not After : Nov 5 10:00:15 2025 GMT
Subject: CN=b962f5c71adb80294c3fc493dc88d396b741f7f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:84:3c:69:20:d1:f1:61:64:3e:a3:e8:30:76:
b5:c2:f2:0a:fb:a0:54:f8:09:cf:23:38:ef:3d:62:
c1:a4:d5:8e:9c:97:60:11:36:cc:b9:6e:98:ee:57:
0a:b8:1c:5a:af:a0:77:4a:a0:ab:7f:6a:97:42:17:
f5:49:cd:01:42:88:0b:26:1b:49:97:58:16:e1:3f:
97:3e:71:2f:29:66:59:38:ab:38:96:03:4d:a2:b2:
bb:de:da:2f:7d:9b:b2:02:7d:0e:79:4c:37:ea:81:
02:a9:d4:7b:51:21:8b:ae:17:17:0b:39:67:95:fc:
80:6f:b9:fa:fa:c1:ab:69:12:9a:df:b7:18:36:77:
e4:50:46:a4:a9:c5:30:64:7f:f8:0d:51:81:3b:f7:
86:67:43:75:dc:18:4c:67:e9:cc:da:b3:0a:bd:c4:
fe:e9:e3:af:ce:44:a9:77:4e:d7:23:4f:b2:68:04:
94:69:58:53:9e:1e:ae:27:d5:c3:8a:46:99:e8:0a:
68:98:f7:c6:f5:71:ce:0c:c0:cc:65:ee:d9:39:42:
b4:e5:9c:03:10:d6:cb:54:2f:1b:9a:b5:56:91:aa:
88:a0:6c:93:3a:1e:d8:1b:41:64:33:0b:a4:23:54:
cd:c9:d9:7d:87:b7:0e:7e:3b:4b:94:19:5e:b7:99:
5d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:62:F5:C7:1A:DB:80:29:4C:3F:C4:93:DC:88:D3:96:B7:41:F7:F6
X509v3 Authority Key Identifier:
keyid:68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:c6:a0:14:13:fc:3a:ce:fa:bb:b0:b0:f8:a9:52:e4:63:c3:
ba:ed:e9:2c:66:83:2d:69:0e:e0:aa:66:00:91:91:37:40:ac:
a1:7b:60:74:9e:f2:f2:1f:5b:51:be:ca:0a:f9:a4:4a:37:31:
cb:58:c8:7d:93:d4:a0:7b:1a:be:27:b9:5e:9f:fe:3f:6f:24:
af:ad:e1:ab:d3:20:fe:64:f7:f6:80:25:8e:3e:d2:67:d1:98:
c1:50:eb:fe:04:c9:8b:0b:23:db:53:59:4b:d2:e6:b3:cc:36:
45:f8:dd:34:38:c4:8c:c4:46:96:bd:96:66:03:5d:7f:7d:1b:
64:e3:c2:89:b5:9f:0d:87:d2:3b:26:6c:e2:ea:68:ba:19:0e:
61:01:e3:b8:f3:6b:2d:a2:50:7b:54:19:d5:fa:ca:a7:2c:7a:
87:d6:27:27:77:9e:8e:90:23:43:84:30:5b:25:af:28:69:13:
8b:17:58:26:67:fc:15:ee:60:66:4d:63:48:97:dc:08:33:76:
38:b9:73:2b:59:de:48:44:fa:52:13:d2:16:20:03:56:55:d6:
45:22:17:64:ec:74:70:35:dc:e3:95:ed:f1:3c:37:51:56:69:
d5:cc:11:a9:89:b4:d8:b1:ba:76:ef:4b:8d:2f:45:3f:b8:f9:
78:0d:a9:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT148Ucr58vY5EeP/xBu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZThiYWVhOTVkNDA0MDM0OGYwYTg5ZWM0ZTRiZDE1Mjc1
ZjZjMzkwHhcNMjUxMTA0MTAwMDE1WhcNMjUxMTA1MTAwMDE1WjAzMTEwLwYDVQQD
EyhiOTYyZjVjNzFhZGI4MDI5NGMzZmM0OTNkYzg4ZDM5NmI3NDFmN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroQ8aSDR8WFkPqPoMHa1wvIK+6BU
+AnPIzjvPWLBpNWOnJdgETbMuW6Y7lcKuBxar6B3SqCrf2qXQhf1Sc0BQogLJhtJ
l1gW4T+XPnEvKWZZOKs4lgNNorK73tovfZuyAn0OeUw36oECqdR7USGLrhcXCzln
lfyAb7n6+sGraRKa37cYNnfkUEakqcUwZH/4DVGBO/eGZ0N13BhMZ+nM2rMKvcT+
6eOvzkSpd07XI0+yaASUaVhTnh6uJ9XDikaZ6ApomPfG9XHODMDMZe7ZOUK05ZwD
ENbLVC8bmrVWkaqIoGyTOh7YG0FkMwukI1TNydl9h7cOfjtLlBlet5ldhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLli9cca24ApTD/Ek9yI05a3Qff2MB8GA1UdIwQY
MBaAFGjouuqV1AQDSPConsTkvRUnX2w5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2Ut
MzcxMWZhZThjYTc3LzEvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2UtMzcxMWZhZThjYTc3
LzEvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAscagFBP8
Os76u7Cw+KlS5GPDuu3pLGaDLWkO4KpmAJGRN0CsoXtgdJ7y8h9bUb7KCvmkSjcx
y1jIfZPUoHsavie5Xp/+P28kr63hq9Mg/mT39oAljj7SZ9GYwVDr/gTJiwsj21NZ
S9Lms8w2RfjdNDjEjMRGlr2WZgNdf30bZOPCibWfDYfSOyZs4upouhkOYQHjuPNr
LaJQe1QZ1frKpyx6h9YnJ3eejpAjQ4QwWyWvKGkTixdYJmf8Fe5gZk1jSJfcCDN2
OLlzK1neSET6UhPSFiADVlXWRSIXZOx0cDXc45Xt8Tw3UVZp1cwRqYm02LG6du9L
jS9FP7j5eA2pvg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:06:24 2025 by rpki-client