Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
File: l_aXATQzuJHWRpfZKGY75zTbpOc.mft (raw, json)
Hash identifier: cAx1BA1SMPpWno0Ts2Oy1IfgMgpiR/rS8lPDB5FiM94=
Subject key identifier: 1E:EB:66:41:16:C4:0D:8D:D8:48:F1:17:13:EC:37:AC:E9:BB:F5:92
Authority key identifier: 97:F6:97:01:34:33:B8:91:D6:46:97:D9:28:66:3B:E7:34:DB:A4:E7
Certificate issuer: /CN=97f697013433b891d64697d928663be734dba4e7
Certificate serial: 019A4E4FFAD8B66644ABFE760B90FFCD0AAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 10:00:55 +0000
Manifest this update: Tue 04 Nov 2025 10:00:55 +0000
Manifest next update: Wed 05 Nov 2025 10:00:55 +0000
Files and hashes: 1: Q01X85MGyHMF5rr2gbqyxSbVGJU.roa (hash: 3pLndBzBIS9IcjtzdUX4XacaMZCMolKRG+4KwxWHWEU=)
2: l_aXATQzuJHWRpfZKGY75zTbpOc.crl (hash: J5aNCQ0Cy+O5avm/OIs0UyKKl60YX+A9Ac9l2IDmb94=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:fa:d8:b6:66:44:ab:fe:76:0b:90:ff:cd:0a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97f697013433b891d64697d928663be734dba4e7
Validity
Not Before: Nov 4 10:00:55 2025 GMT
Not After : Nov 5 10:00:55 2025 GMT
Subject: CN=1eeb664116c40d8dd848f11713ec37ace9bbf592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:cb:ce:77:e7:1a:93:6a:e8:61:59:39:c7:bc:
a5:b8:98:f1:e1:ec:f9:0c:ee:e2:4e:35:46:24:b1:
f8:1a:21:f0:84:4a:09:17:0d:a0:ec:7c:4e:76:72:
99:f2:3a:1b:db:ca:bf:d5:8d:05:d6:ef:d9:ab:00:
06:48:d0:88:ee:0c:fc:95:5b:17:12:e4:03:18:ba:
28:28:b7:b3:31:be:0e:fb:4f:a1:84:24:bd:48:73:
2d:bc:c3:d7:48:49:97:a8:f2:01:f9:42:70:ef:9d:
e7:0d:f1:5d:39:45:2d:3f:39:ae:52:dd:96:f2:fc:
72:03:d9:6f:c4:4c:d0:b7:69:b7:b3:f5:ce:ae:b4:
2b:f8:6b:79:a0:01:9c:d1:43:c8:71:0a:f8:43:6e:
4b:94:f9:e0:e5:e2:cf:c1:21:73:fe:b2:7f:19:69:
48:d3:1f:1f:e8:be:44:3a:9a:6d:71:32:74:06:73:
99:2b:67:c2:f2:e4:ef:9d:81:6c:98:cc:3f:76:8f:
9c:0e:f6:86:5d:8a:d4:ba:04:97:e6:7b:86:85:67:
5f:8e:36:5b:b3:90:6d:ac:13:07:e6:99:b6:96:c6:
d9:3e:01:96:74:56:0e:39:79:63:ea:af:e6:ca:b6:
1d:8f:d2:c0:dd:74:bc:35:60:52:18:a5:2c:45:fe:
4a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:EB:66:41:16:C4:0D:8D:D8:48:F1:17:13:EC:37:AC:E9:BB:F5:92
X509v3 Authority Key Identifier:
keyid:97:F6:97:01:34:33:B8:91:D6:46:97:D9:28:66:3B:E7:34:DB:A4:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:30:f1:ed:50:90:cf:f2:41:9f:ca:0b:e6:61:ab:12:60:bc:
a1:b6:2e:40:bc:e2:af:61:63:be:01:99:e2:bd:56:28:83:c6:
5f:74:49:0a:52:e5:03:0e:39:c2:4f:74:c5:b0:fe:60:ea:6e:
aa:ff:7d:7d:11:08:f9:7c:c4:00:7b:40:83:18:1e:ed:83:8c:
cf:28:01:2e:26:67:1f:1b:70:4d:69:4b:c1:c9:6f:07:c4:da:
ab:08:0d:58:57:74:3d:c1:38:43:a4:0a:4d:0a:6a:50:e3:48:
40:8a:d9:a9:09:7a:6b:c9:1a:9e:ac:e7:54:76:b9:fe:14:ad:
8f:09:bf:e4:a5:f9:ec:4b:c8:6c:c1:9e:9d:fa:f1:cf:af:45:
09:05:2f:b5:55:f9:03:e9:be:11:33:1d:c1:eb:4c:54:53:ba:
64:81:d4:f9:a8:df:7b:d5:56:e1:d7:5f:87:82:f0:63:9f:92:
c7:74:30:c4:73:b9:f6:7e:80:ff:ce:30:7b:e9:14:b1:8d:26:
8a:72:6b:63:bb:51:88:3c:cc:d8:03:40:b2:54:53:b9:78:49:
77:4c:c0:6e:91:ec:9f:48:e9:77:42:fd:88:d8:81:18:38:4f:
5c:13:a7:ad:ab:a1:f5:e0:8c:63:04:ba:23:ec:b8:89:83:ca:
33:01:35:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT/rYtmZEq/52C5D/zQqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZjY5NzAxMzQzM2I4OTFkNjQ2OTdkOTI4NjYzYmU3MzRk
YmE0ZTcwHhcNMjUxMTA0MTAwMDU1WhcNMjUxMTA1MTAwMDU1WjAzMTEwLwYDVQQD
EygxZWViNjY0MTE2YzQwZDhkZDg0OGYxMTcxM2VjMzdhY2U5YmJmNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MvOd+cak2roYVk5x7yluJjx4ez5
DO7iTjVGJLH4GiHwhEoJFw2g7HxOdnKZ8job28q/1Y0F1u/ZqwAGSNCI7gz8lVsX
EuQDGLooKLezMb4O+0+hhCS9SHMtvMPXSEmXqPIB+UJw753nDfFdOUUtPzmuUt2W
8vxyA9lvxEzQt2m3s/XOrrQr+Gt5oAGc0UPIcQr4Q25LlPng5eLPwSFz/rJ/GWlI
0x8f6L5EOpptcTJ0BnOZK2fC8uTvnYFsmMw/do+cDvaGXYrUugSX5nuGhWdfjjZb
s5BtrBMH5pm2lsbZPgGWdFYOOXlj6q/myrYdj9LA3XS8NWBSGKUsRf5K7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7rZkEWxA2N2EjxFxPsN6zpu/WSMB8GA1UdIwQY
MBaAFJf2lwE0M7iR1kaX2ShmO+c026TnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hZTExNjYtZDYwNi00NWI3LTlhMjIt
N2JjODMyMjBmYjYyLzEvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hZTExNjYtZDYwNi00NWI3LTlhMjItN2JjODMyMjBmYjYy
LzEvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgTDx7VCQ
z/JBn8oL5mGrEmC8obYuQLzir2FjvgGZ4r1WKIPGX3RJClLlAw45wk90xbD+YOpu
qv99fREI+XzEAHtAgxge7YOMzygBLiZnHxtwTWlLwclvB8TaqwgNWFd0PcE4Q6QK
TQpqUONIQIrZqQl6a8kanqznVHa5/hStjwm/5KX57EvIbMGenfrxz69FCQUvtVX5
A+m+ETMdwetMVFO6ZIHU+ajfe9VW4ddfh4LwY5+Sx3QwxHO59n6A/84we+kUsY0m
inJrY7tRiDzM2ANAslRTuXhJd0zAbpHsn0jpd0L9iNiBGDhPXBOnrauh9eCMYwS6
I+y4iYPKMwE1kQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:50:59 2025 by rpki-client