Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft
File: aJQuPste6nkqdvray-wBqFaOl_Q.mft (raw, json)
Hash identifier: JYd4nq2culEek3ZUwU7F2ixSvU7Wxk8rIXeBDbPSd+Y=
Subject key identifier: E1:42:3A:E0:01:FB:45:9B:33:F8:3B:21:E8:7B:6A:E0:68:39:B5:36
Authority key identifier: 68:94:2E:3E:CB:5E:EA:79:2A:76:FA:DA:CB:EC:01:A8:56:8E:97:F4
Certificate issuer: /CN=68942e3ecb5eea792a76fadacbec01a8568e97f4
Certificate serial: 019A4E86C5FA9D8CA4814B8C98D9CE83B80C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 11:00:46 +0000
Manifest this update: Tue 04 Nov 2025 11:00:46 +0000
Manifest next update: Wed 05 Nov 2025 11:00:46 +0000
Files and hashes: 1: 2I7Ug_0TKUirYBKdCRFB3X-yPVM.roa (hash: OuAKBuCtiZrdtqQo3Ia+YQ9DdlyXDqDuhn9BW+I9wGc=)
2: aJQuPste6nkqdvray-wBqFaOl_Q.crl (hash: FuoDM82m22cbBbZYCNFL6CO1rykxEZGkPOkxkVBH3ms=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:c5:fa:9d:8c:a4:81:4b:8c:98:d9:ce:83:b8:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68942e3ecb5eea792a76fadacbec01a8568e97f4
Validity
Not Before: Nov 4 11:00:46 2025 GMT
Not After : Nov 5 11:00:46 2025 GMT
Subject: CN=e1423ae001fb459b33f83b21e87b6ae06839b536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d9:4a:3f:84:d3:e8:44:18:95:ce:4b:f3:2b:
7a:7b:ea:90:86:80:3a:be:30:47:f1:35:a4:be:df:
93:5e:a9:2a:5e:5b:b2:59:14:58:2d:98:bb:d9:20:
f8:cc:92:6b:38:3c:ed:c7:b5:51:83:18:19:87:11:
53:df:5c:7b:a3:7b:d6:6d:8f:71:fe:e9:da:3e:35:
c8:1a:8d:5f:28:37:b5:04:e7:d6:10:90:2e:d8:71:
fa:27:80:41:b0:00:93:19:57:8b:25:02:d1:95:52:
a9:e0:ba:56:da:59:d7:fc:17:3d:77:85:0c:b4:86:
2c:88:0a:7b:96:5f:4f:24:c9:a1:da:d3:37:81:a7:
e5:09:48:cf:b4:26:ea:fa:e8:28:43:6d:fa:d1:85:
43:00:3d:ad:a8:18:36:35:8e:26:cf:c5:40:2e:62:
e9:d4:29:90:1b:68:dc:8b:36:78:43:f8:24:b9:22:
41:32:da:25:d8:d4:54:28:7e:52:80:06:f9:5f:7c:
2c:fc:4a:e9:0f:99:6d:ed:ca:95:5c:78:0f:7f:86:
0a:e9:42:b3:e0:65:fa:4a:b0:da:d4:bf:65:3f:23:
bf:89:bf:0f:23:62:10:32:90:9d:f2:6c:5d:30:ac:
7c:34:01:52:c0:fa:87:4c:f2:d8:45:0c:3b:a6:50:
55:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:42:3A:E0:01:FB:45:9B:33:F8:3B:21:E8:7B:6A:E0:68:39:B5:36
X509v3 Authority Key Identifier:
keyid:68:94:2E:3E:CB:5E:EA:79:2A:76:FA:DA:CB:EC:01:A8:56:8E:97:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:2d:ea:e8:a5:be:22:5f:20:b1:fa:93:4d:43:aa:40:10:9e:
2c:9f:d9:12:7d:08:ca:e0:65:c3:cd:fa:57:97:06:ae:6d:07:
0e:93:62:d4:2f:75:7b:54:ea:a3:89:75:6d:f8:56:39:5c:84:
38:ea:c0:18:8c:31:db:dd:c8:83:cd:3a:7b:48:4f:1c:52:1a:
94:84:8f:c7:d4:d2:30:ce:5b:8d:4d:d0:27:38:cf:0e:fb:14:
bc:fd:6c:d7:2a:74:f9:c1:ec:81:d2:62:c6:2d:0a:db:3d:a3:
05:b9:cb:9e:9e:35:ab:d1:59:44:d3:61:af:86:a6:c7:50:91:
0c:b9:67:00:39:a4:3d:9c:d1:ab:cc:aa:79:49:43:f7:54:7d:
a6:38:91:98:22:eb:96:45:cb:30:6b:a1:e0:3c:17:e2:b6:75:
2f:31:9c:67:a5:4e:b2:96:82:cf:8c:7a:5b:22:e9:f9:f6:2e:
0c:84:c0:53:be:65:c8:b3:dc:a9:fc:a4:ee:5c:c3:d4:04:fc:
c0:66:c7:77:9a:c2:ce:32:34:85:27:45:c1:4b:12:ca:4f:27:
a5:70:3b:b6:9f:31:9c:77:2d:7f:1a:95:8d:ef:c4:c1:44:9f:
a2:93:7e:bb:25:d1:c6:49:45:6a:33:ee:cc:4e:c0:f3:76:66:
4c:5f:63:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhsX6nYykgUuMmNnOg7gMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OTQyZTNlY2I1ZWVhNzkyYTc2ZmFkYWNiZWMwMWE4NTY4
ZTk3ZjQwHhcNMjUxMTA0MTEwMDQ2WhcNMjUxMTA1MTEwMDQ2WjAzMTEwLwYDVQQD
EyhlMTQyM2FlMDAxZmI0NTliMzNmODNiMjFlODdiNmFlMDY4MzliNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9lKP4TT6EQYlc5L8yt6e+qQhoA6
vjBH8TWkvt+TXqkqXluyWRRYLZi72SD4zJJrODztx7VRgxgZhxFT31x7o3vWbY9x
/unaPjXIGo1fKDe1BOfWEJAu2HH6J4BBsACTGVeLJQLRlVKp4LpW2lnX/Bc9d4UM
tIYsiAp7ll9PJMmh2tM3gaflCUjPtCbq+ugoQ2360YVDAD2tqBg2NY4mz8VALmLp
1CmQG2jcizZ4Q/gkuSJBMtol2NRUKH5SgAb5X3ws/ErpD5lt7cqVXHgPf4YK6UKz
4GX6SrDa1L9lPyO/ib8PI2IQMpCd8mxdMKx8NAFSwPqHTPLYRQw7plBVVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFCOuAB+0WbM/g7Ieh7auBoObU2MB8GA1UdIwQY
MBaAFGiULj7LXup5Knb62svsAahWjpf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iZWIzYTgtNGI3Mi00OGVjLThlMDQt
MDNjY2UzOTY5ZjljLzEvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iZWIzYTgtNGI3Mi00OGVjLThlMDQtMDNjY2UzOTY5Zjlj
LzEvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIi3q6KW+
Il8gsfqTTUOqQBCeLJ/ZEn0IyuBlw836V5cGrm0HDpNi1C91e1Tqo4l1bfhWOVyE
OOrAGIwx293Ig806e0hPHFIalISPx9TSMM5bjU3QJzjPDvsUvP1s1yp0+cHsgdJi
xi0K2z2jBbnLnp41q9FZRNNhr4amx1CRDLlnADmkPZzRq8yqeUlD91R9pjiRmCLr
lkXLMGuh4DwX4rZ1LzGcZ6VOspaCz4x6WyLp+fYuDITAU75lyLPcqfyk7lzD1AT8
wGbHd5rCzjI0hSdFwUsSyk8npXA7tp8xnHctfxqVje/EwUSfopN+uyXRxklFajPu
zE7A83ZmTF9j6g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:13 2025 by rpki-client