Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft
File: aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft (raw, json)
Hash identifier: ij6UomRtNHiIsBsZ5atNo60wqwnQKoakTfb5QHj6Eio=
Subject key identifier: A2:8F:06:3F:88:B2:D2:13:37:E0:8B:83:3C:45:41:8E:89:EB:35:E2
Authority key identifier: 69:97:10:A1:69:37:10:AC:83:5F:0B:67:45:F9:0D:2D:68:0A:12:00
Certificate issuer: /CN=699710a1693710ac835f0b6745f90d2d680a1200
Certificate serial: 019A54BFAF927553039E4E75AF3CD382950D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZcQoWk3EKyDXwtnRfkNLWgKEgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft
Manifest number: 16A2
Signing time: Wed 05 Nov 2025 16:00:39 +0000
Manifest this update: Wed 05 Nov 2025 16:00:39 +0000
Manifest next update: Thu 06 Nov 2025 16:00:39 +0000
Files and hashes: 1: aZcQoWk3EKyDXwtnRfkNLWgKEgA.crl (hash: bmnG428hxwX6/C4zGQltvqV9n4JaZ0nknDPET9xrv6E=)
2: koGXGlmTeestynS-D79F1iRgKe8.roa (hash: t/wGg6Ba4t68swMex8wPDhVXcBtDTQUAFrp4xf0H+oE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZcQoWk3EKyDXwtnRfkNLWgKEgA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 16:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:bf:af:92:75:53:03:9e:4e:75:af:3c:d3:82:95:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=699710a1693710ac835f0b6745f90d2d680a1200
Validity
Not Before: Nov 5 16:00:39 2025 GMT
Not After : Nov 6 16:00:39 2025 GMT
Subject: CN=a28f063f88b2d21337e08b833c45418e89eb35e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:44:82:6e:bb:8f:85:09:68:8c:63:2d:55:fb:
50:b4:01:d8:bc:5c:6f:53:7b:05:f6:78:66:23:1a:
1e:ca:42:e5:85:c4:ea:ae:43:f0:88:a3:fc:fd:38:
9c:bf:be:e9:95:e4:de:62:38:d8:33:47:e1:f5:19:
22:fd:3b:9f:ea:93:7a:aa:dc:fc:c0:4c:5c:90:88:
9a:84:04:70:6b:37:18:6f:34:11:e5:33:e0:b1:85:
1f:c1:30:b1:03:dd:94:fc:4a:61:68:61:5d:2c:f5:
b8:6a:cb:bd:dd:c5:75:4f:5d:6f:dc:32:99:25:55:
ce:c3:74:40:ef:92:9b:46:b5:64:de:9e:fb:10:4e:
07:b2:1d:37:2b:fd:4a:d0:18:d5:18:33:8d:8d:c3:
77:2d:c8:5f:f6:91:30:06:29:1b:69:e7:cb:58:38:
eb:b3:ce:c0:71:53:ea:06:e0:6f:5a:15:1c:81:a6:
d3:01:9c:f3:eb:04:7e:f3:e9:6f:1e:1b:5b:8a:0c:
36:70:91:29:06:82:9f:2d:42:70:52:61:9f:d7:15:
46:8e:e7:9a:2c:5b:0f:e7:40:e2:af:ab:a2:48:e5:
25:0f:e7:33:ed:f1:90:1b:be:5f:03:0b:62:6d:7e:
f4:d4:22:68:2a:77:8f:6c:50:d4:db:49:c1:0d:a1:
f9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:8F:06:3F:88:B2:D2:13:37:E0:8B:83:3C:45:41:8E:89:EB:35:E2
X509v3 Authority Key Identifier:
keyid:69:97:10:A1:69:37:10:AC:83:5F:0B:67:45:F9:0D:2D:68:0A:12:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZcQoWk3EKyDXwtnRfkNLWgKEgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:85:47:9e:29:7e:b9:1c:5b:2c:50:74:16:90:64:80:c6:fe:
29:31:0e:44:ee:7e:07:f0:55:22:ce:64:5b:3e:1f:05:12:29:
a9:93:b0:4b:ae:01:bd:46:45:98:9d:7a:08:8e:02:94:77:b3:
cf:64:9f:14:27:e3:51:4e:8c:0a:49:70:44:3a:0d:e0:a0:17:
6a:29:04:ca:d7:e9:64:2c:4f:50:43:c5:28:a1:4f:81:16:16:
5e:11:86:7d:6f:69:be:b9:80:40:73:a2:89:84:40:db:16:0e:
29:92:31:e1:24:e1:dc:90:d0:08:0a:a5:4c:35:42:73:c6:a8:
13:2b:fb:96:81:8e:0f:b0:db:ca:6f:ae:6a:f9:8e:87:3a:aa:
e2:d5:98:d1:ac:b2:72:fc:d2:25:7e:c4:23:0d:f6:ab:1a:80:
9b:81:14:3f:85:35:29:38:bc:28:e9:f9:80:36:89:82:fe:d9:
56:b2:fd:1d:d2:c7:de:87:71:c6:c8:2c:26:47:6c:0f:76:68:
14:c9:a1:e9:d0:d0:fd:ab:d4:2a:da:b7:c3:83:f1:4f:4b:3a:
a7:a7:53:f6:7a:f6:10:e1:47:88:44:96:73:e9:5d:e1:f3:ee:
c0:c3:06:d3:6e:34:4c:91:a7:88:c0:6c:6a:fc:93:6b:50:c4:
08:e8:0c:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUv6+SdVMDnk51rzzTgpUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTcxMGExNjkzNzEwYWM4MzVmMGI2NzQ1ZjkwZDJkNjgw
YTEyMDAwHhcNMjUxMTA1MTYwMDM5WhcNMjUxMTA2MTYwMDM5WjAzMTEwLwYDVQQD
EyhhMjhmMDYzZjg4YjJkMjEzMzdlMDhiODMzYzQ1NDE4ZTg5ZWIzNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUSCbruPhQlojGMtVftQtAHYvFxv
U3sF9nhmIxoeykLlhcTqrkPwiKP8/Ticv77pleTeYjjYM0fh9Rki/Tuf6pN6qtz8
wExckIiahARwazcYbzQR5TPgsYUfwTCxA92U/EphaGFdLPW4asu93cV1T11v3DKZ
JVXOw3RA75KbRrVk3p77EE4Hsh03K/1K0BjVGDONjcN3Lchf9pEwBikbaefLWDjr
s87AcVPqBuBvWhUcgabTAZzz6wR+8+lvHhtbigw2cJEpBoKfLUJwUmGf1xVGjuea
LFsP50Dir6uiSOUlD+cz7fGQG75fAwtibX701CJoKnePbFDU20nBDaH5IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKPBj+IstITN+CLgzxFQY6J6zXiMB8GA1UdIwQY
MBaAFGmXEKFpNxCsg18LZ0X5DS1oChIAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpjUW9XazNFS3lEWHd0blJma05MV2dLRWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wNzc0NWMtNDdjMS00MDAyLTk1MGYt
MjliOThlY2RmZjEyLzEvYVpjUW9XazNFS3lEWHd0blJma05MV2dLRWdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wNzc0NWMtNDdjMS00MDAyLTk1MGYtMjliOThlY2RmZjEy
LzEvYVpjUW9XazNFS3lEWHd0blJma05MV2dLRWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMIVHnil+
uRxbLFB0FpBkgMb+KTEORO5+B/BVIs5kWz4fBRIpqZOwS64BvUZFmJ16CI4ClHez
z2SfFCfjUU6MCklwRDoN4KAXaikEytfpZCxPUEPFKKFPgRYWXhGGfW9pvrmAQHOi
iYRA2xYOKZIx4STh3JDQCAqlTDVCc8aoEyv7loGOD7Dbym+uavmOhzqq4tWY0ayy
cvzSJX7EIw32qxqAm4EUP4U1KTi8KOn5gDaJgv7ZVrL9HdLH3odxxsgsJkdsD3Zo
FMmh6dDQ/avUKtq3w4PxT0s6p6dT9nr2EOFHiESWc+ld4fPuwMMG0240TJGniMBs
avyTa1DECOgMjw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 22:31:55 2025 by rpki-client