Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File: aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier: eAxNtH90HhGvf4ehQd39eBh7hXt0btxLuJZUqAu1fuw=
Subject key identifier: 25:DC:C0:EA:A4:D5:4D:88:B3:3C:1F:87:05:F3:4F:5E:94:42:61:85
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 019A4E866E05118EB964D614E4813E5D67A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number: 1660
Signing time: Tue 04 Nov 2025 11:00:23 +0000
Manifest this update: Tue 04 Nov 2025 11:00:23 +0000
Manifest next update: Wed 05 Nov 2025 11:00:23 +0000
Files and hashes: 1: 5gxDURtK1rmOAdh1eWuh-NkY76k.roa (hash: QaQOgPlbLBzFETMJyWwYJQCd8vML1MyClKfr5uYQDoc=)
2: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: u3pwWGGe9X/TUb+Tdql8oieDd2vaFMiBgaCGlBsIlqk=)
3: svZ0I0CIbPuXgkYBH_VdeOt4OII.roa (hash: qDnNSem+sBmAuaKOVojckKZEahJzHvEbGjkFY5x9Sqc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:6e:05:11:8e:b9:64:d6:14:e4:81:3e:5d:67:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Nov 4 11:00:23 2025 GMT
Not After : Nov 5 11:00:23 2025 GMT
Subject: CN=25dcc0eaa4d54d88b33c1f8705f34f5e94426185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cc:21:44:07:ff:66:9a:29:2a:06:36:a6:dd:
87:35:5d:05:d6:e8:11:76:88:1c:bc:be:e3:f3:52:
cb:5f:37:25:d5:9b:66:45:de:e5:e4:62:97:17:26:
9d:0e:e2:c2:33:20:2a:11:51:8e:c6:95:79:91:a9:
26:29:e3:89:79:c4:12:bf:f4:4a:56:de:c9:33:6c:
9c:22:db:19:f5:28:fe:bf:b0:32:29:c4:e8:fc:60:
65:1d:0b:08:46:d3:a7:6c:4c:7d:96:a4:c0:b1:a4:
f2:34:d4:2d:9a:0b:25:06:45:cb:9b:3b:96:fc:fc:
c9:34:1d:7f:7b:a1:71:b9:9e:8e:0d:91:a4:ae:20:
73:10:92:e4:cb:f7:76:d3:05:8f:14:23:39:63:62:
89:11:22:d4:30:27:f3:c8:82:e5:e6:09:c9:e5:17:
9e:55:7d:29:76:37:fc:39:b9:1e:9b:65:68:db:4c:
b2:34:62:73:0a:f8:35:ec:3c:18:ef:53:0f:ef:d7:
ef:c1:54:16:47:3a:d2:79:64:b6:aa:0f:26:44:9c:
a7:f9:a4:a4:aa:b1:34:82:4a:6d:c0:48:d1:01:a7:
c7:d9:f3:5c:40:2e:47:a9:b4:25:25:d9:de:72:c7:
15:d8:3c:33:55:f2:e8:08:09:af:5b:c3:c0:5d:10:
49:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:DC:C0:EA:A4:D5:4D:88:B3:3C:1F:87:05:F3:4F:5E:94:42:61:85
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:48:d1:b4:bb:71:a7:26:15:ab:e8:cb:9e:08:8c:88:cb:eb:
f0:9c:1e:8a:ef:17:73:37:0e:cb:82:0d:9b:d8:01:e1:96:37:
ce:c7:47:ba:24:39:6f:c7:2f:17:f8:fe:6f:97:2d:7d:be:e0:
9e:ec:b8:99:62:50:bf:68:36:e5:7d:81:e6:63:a2:8e:12:17:
53:56:84:0a:d7:46:6e:c1:e6:5a:2b:af:79:1b:4c:f0:a6:10:
be:56:90:ca:62:09:1e:7e:34:34:c7:83:9e:77:21:84:fe:0f:
b2:be:b2:6f:44:e7:21:8c:a8:93:f9:35:2b:a6:bc:55:72:18:
0b:ae:40:ed:76:2c:64:ef:a2:b1:20:a7:8c:3c:e8:76:b0:a4:
d9:bd:6c:6c:3a:66:92:57:cf:e5:1d:99:3e:e7:7c:f3:2a:e7:
64:68:f5:fb:1d:26:c8:29:02:0e:0e:f8:0f:d9:16:ad:6b:b2:
fe:99:fc:b3:23:a3:fd:46:9a:04:23:54:12:67:53:31:68:23:
18:c4:a7:5f:ab:f6:d0:dc:38:f3:7d:d0:ea:eb:b7:64:af:f4:
cd:f1:b1:e0:ca:a5:cb:55:39:b9:23:5d:8b:31:cf:51:e3:96:
4f:f8:00:79:91:d2:38:d9:ba:95:00:60:ab:94:76:ac:c6:06:
bf:89:e4:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhm4FEY65ZNYU5IE+XWeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjUxMTA0MTEwMDIzWhcNMjUxMTA1MTEwMDIzWjAzMTEwLwYDVQQD
EygyNWRjYzBlYWE0ZDU0ZDg4YjMzYzFmODcwNWYzNGY1ZTk0NDI2MTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArswhRAf/ZpopKgY2pt2HNV0F1ugR
dogcvL7j81LLXzcl1ZtmRd7l5GKXFyadDuLCMyAqEVGOxpV5kakmKeOJecQSv/RK
Vt7JM2ycItsZ9Sj+v7AyKcTo/GBlHQsIRtOnbEx9lqTAsaTyNNQtmgslBkXLmzuW
/PzJNB1/e6FxuZ6ODZGkriBzEJLky/d20wWPFCM5Y2KJESLUMCfzyILl5gnJ5Ree
VX0pdjf8Obkem2Vo20yyNGJzCvg17DwY71MP79fvwVQWRzrSeWS2qg8mRJyn+aSk
qrE0gkptwEjRAafH2fNcQC5HqbQlJdnecscV2DwzVfLoCAmvW8PAXRBJLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXcwOqk1U2IszwfhwXzT16UQmGFMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm0jRtLtx
pyYVq+jLngiMiMvr8Jweiu8XczcOy4INm9gB4ZY3zsdHuiQ5b8cvF/j+b5ctfb7g
nuy4mWJQv2g25X2B5mOijhIXU1aECtdGbsHmWiuveRtM8KYQvlaQymIJHn40NMeD
nnchhP4Psr6yb0TnIYyok/k1K6a8VXIYC65A7XYsZO+isSCnjDzodrCk2b1sbDpm
klfP5R2ZPud88yrnZGj1+x0myCkCDg74D9kWrWuy/pn8syOj/UaaBCNUEmdTMWgj
GMSnX6v20Nw4833Q6uu3ZK/0zfGx4Mqly1U5uSNdizHPUeOWT/gAeZHSONm6lQBg
q5R2rMYGv4nkuw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:54:37 2025 by rpki-client