Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
File: o52_aHirAKRS-LB_iQ06s0g3Yns.mft (raw, json)
Hash identifier: xD3qJl5dDnmpbSW6CuU8NTr7XvkOm02DQhekVwc4Svs=
Subject key identifier: 2A:99:92:4C:F0:3F:F0:2B:B2:A7:0D:33:67:E3:61:C0:88:A2:11:0C
Authority key identifier: A3:9D:BF:68:78:AB:00:A4:52:F8:B0:7F:89:0D:3A:B3:48:37:62:7B
Certificate issuer: /CN=a39dbf6878ab00a452f8b07f890d3ab34837627b
Certificate serial: 019A4D0735F7DE718FFEF37B73866A4F5BB5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
Manifest number: 05CF
Signing time: Tue 04 Nov 2025 04:01:49 +0000
Manifest this update: Tue 04 Nov 2025 04:01:49 +0000
Manifest next update: Wed 05 Nov 2025 04:01:49 +0000
Files and hashes: 1: ExGaGMHRMHV6Wwq7HUUBGaTmIOs.roa (hash: GrRPycpKBiqBeJAl7ze1jROyMQik0DJu7nFgEpAVFB8=)
2: o52_aHirAKRS-LB_iQ06s0g3Yns.crl (hash: vPApSqnl/g2ulnsITVOzTnpANZYXZ5u6y3o1HNMj6KA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 04:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:07:35:f7:de:71:8f:fe:f3:7b:73:86:6a:4f:5b:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a39dbf6878ab00a452f8b07f890d3ab34837627b
Validity
Not Before: Nov 4 04:01:49 2025 GMT
Not After : Nov 5 04:01:49 2025 GMT
Subject: CN=2a99924cf03ff02bb2a70d3367e361c088a2110c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2e:15:ab:14:22:1a:ad:66:11:74:7b:89:be:
39:d5:de:ae:cb:26:3f:bf:58:3c:5c:6b:22:e1:02:
22:b3:bd:26:d2:14:67:d6:a7:cf:ad:25:70:ca:dd:
d1:3a:dd:70:2c:0e:1c:5b:2a:7b:21:7f:bb:68:0c:
39:a8:fa:43:c1:8e:5f:2e:4d:4a:b9:d3:54:37:34:
fa:72:16:5f:47:3c:19:d9:43:f5:8e:38:7d:fb:75:
2b:db:6d:3c:4e:46:a7:49:9b:19:6f:2a:dc:6b:fd:
34:98:de:1a:55:33:7c:ea:87:55:4a:bf:2a:b1:9c:
7a:1a:30:6d:39:0d:95:df:7b:8a:6f:0c:e0:4f:27:
9c:7b:2b:9b:3f:45:13:99:42:3d:75:38:c2:67:ac:
1a:85:2a:b6:a0:3b:16:02:f0:d3:70:94:80:21:09:
8b:76:71:9e:ac:c9:6a:d2:7c:45:5c:43:d0:84:9a:
ba:a2:e8:91:9d:be:00:98:6f:e7:85:28:e2:b4:da:
f1:5c:9e:c1:a1:92:9b:ea:d9:86:86:b2:ab:b1:b4:
a7:58:ab:0e:4a:b7:f5:9c:cd:1b:bd:f6:a8:8c:c3:
fc:ab:2d:ce:25:e4:4c:2c:50:94:bf:cb:c6:66:d7:
9f:23:a8:13:45:76:ca:73:cd:86:90:4d:57:d2:c7:
aa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:99:92:4C:F0:3F:F0:2B:B2:A7:0D:33:67:E3:61:C0:88:A2:11:0C
X509v3 Authority Key Identifier:
keyid:A3:9D:BF:68:78:AB:00:A4:52:F8:B0:7F:89:0D:3A:B3:48:37:62:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:bc:92:93:8f:a4:18:73:65:a1:49:ac:8e:f5:71:0a:bf:b8:
55:5a:45:7f:18:5a:df:01:9c:55:d3:05:9b:31:52:ce:f1:13:
94:95:c6:fe:57:12:4e:99:f3:57:4c:e9:b3:d3:74:a9:34:5e:
19:ba:a2:54:f4:e3:ca:7e:94:b1:41:f4:17:84:5f:77:b0:a7:
45:52:92:22:1f:06:2c:d3:0e:32:f2:17:c7:72:11:3d:ff:78:
1f:f7:27:e8:af:47:4f:99:63:38:af:90:79:7b:c9:e9:56:0f:
95:ca:fe:60:99:04:fc:b5:39:15:f8:42:3c:d4:c9:b5:bb:38:
37:dd:69:da:ac:5c:a9:6a:19:9e:db:4b:f3:81:32:39:48:41:
fe:7d:9d:cc:44:69:71:3d:41:97:91:a4:ce:a7:64:86:01:b0:
49:f4:82:5f:b5:84:56:97:75:7a:63:d9:93:32:59:d8:98:a9:
b4:84:8f:be:5c:c5:b0:dd:d4:06:0e:2f:70:6f:4e:ed:e4:2e:
7f:17:6b:4b:62:d3:6c:1b:94:4f:af:46:ce:f7:69:b8:ae:f5:
04:c3:2c:34:ea:e0:41:a3:2b:70:ec:74:91:89:a3:27:d7:ce:
6d:bc:d6:8c:ce:b8:b8:4f:8c:0e:4c:41:c8:fb:a6:aa:c1:fe:
ec:11:40:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBzX33nGP/vN7c4ZqT1u1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOWRiZjY4NzhhYjAwYTQ1MmY4YjA3Zjg5MGQzYWIzNDgz
NzYyN2IwHhcNMjUxMTA0MDQwMTQ5WhcNMjUxMTA1MDQwMTQ5WjAzMTEwLwYDVQQD
EygyYTk5OTI0Y2YwM2ZmMDJiYjJhNzBkMzM2N2UzNjFjMDg4YTIxMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS4VqxQiGq1mEXR7ib451d6uyyY/
v1g8XGsi4QIis70m0hRn1qfPrSVwyt3ROt1wLA4cWyp7IX+7aAw5qPpDwY5fLk1K
udNUNzT6chZfRzwZ2UP1jjh9+3Ur2208TkanSZsZbyrca/00mN4aVTN86odVSr8q
sZx6GjBtOQ2V33uKbwzgTyeceyubP0UTmUI9dTjCZ6wahSq2oDsWAvDTcJSAIQmL
dnGerMlq0nxFXEPQhJq6ouiRnb4AmG/nhSjitNrxXJ7BoZKb6tmGhrKrsbSnWKsO
Srf1nM0bvfaojMP8qy3OJeRMLFCUv8vGZtefI6gTRXbKc82GkE1X0seqmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqZkkzwP/ArsqcNM2fjYcCIohEMMB8GA1UdIwQY
MBaAFKOdv2h4qwCkUviwf4kNOrNIN2J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yMjY5NmQtZTcyZi00Y2ZkLWJhZTAt
YWQ0NDIzNzY1ODkyLzEvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yMjY5NmQtZTcyZi00Y2ZkLWJhZTAtYWQ0NDIzNzY1ODky
LzEvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL7ySk4+k
GHNloUmsjvVxCr+4VVpFfxha3wGcVdMFmzFSzvETlJXG/lcSTpnzV0zps9N0qTRe
GbqiVPTjyn6UsUH0F4Rfd7CnRVKSIh8GLNMOMvIXx3IRPf94H/cn6K9HT5ljOK+Q
eXvJ6VYPlcr+YJkE/LU5FfhCPNTJtbs4N91p2qxcqWoZnttL84EyOUhB/n2dzERp
cT1Bl5GkzqdkhgGwSfSCX7WEVpd1emPZkzJZ2JiptISPvlzFsN3UBg4vcG9O7eQu
fxdrS2LTbBuUT69GzvdpuK71BMMsNOrgQaMrcOx0kYmjJ9fObbzWjM64uE+MDkxB
yPumqsH+7BFAeA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:52:29 2025 by rpki-client