Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.mft
File: aaUdRFt2erm2YncC5KKzkE0gP3c.mft (raw, json)
Hash identifier: ksarc8YlDA/LFQE+HjYzbI8c/vpmH/MdO+U4BKJs9w4=
Subject key identifier: 3A:FA:68:5A:9D:D1:FB:23:F8:57:AA:8F:62:4E:F5:B7:63:BC:96:2C
Authority key identifier: 69:A5:1D:44:5B:76:7A:B9:B6:62:77:02:E4:A2:B3:90:4D:20:3F:77
Certificate issuer: /CN=69a51d445b767ab9b6627702e4a2b3904d203f77
Certificate serial: 019A5119A6054C9EBCA598711F1FD846A834
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.mft
Manifest number: 16A0
Signing time: Tue 04 Nov 2025 23:00:26 +0000
Manifest this update: Tue 04 Nov 2025 23:00:26 +0000
Manifest next update: Wed 05 Nov 2025 23:00:26 +0000
Files and hashes: 1: aaUdRFt2erm2YncC5KKzkE0gP3c.crl (hash: cUnPvg+Uoy0evt8ST0deGMohQY0n89Dpx+LOitMyUMk=)
2: gvJBtDmrBY4y1m9tVe-S6ndjy20.roa (hash: e9qz/rQIxQf43DTjLpdblCilaun5V9rCKHAnrG6oKJA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:19:a6:05:4c:9e:bc:a5:98:71:1f:1f:d8:46:a8:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a51d445b767ab9b6627702e4a2b3904d203f77
Validity
Not Before: Nov 4 23:00:26 2025 GMT
Not After : Nov 5 23:00:26 2025 GMT
Subject: CN=3afa685a9dd1fb23f857aa8f624ef5b763bc962c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:45:83:9f:72:7f:b7:a9:1e:21:44:5c:bb:27:
39:47:4d:be:01:59:30:c2:b2:15:61:76:ba:a7:7c:
e4:4c:5e:2a:da:9a:ae:96:da:3f:6f:2d:6b:a1:6b:
7b:3a:cf:71:2d:8b:7a:1c:a0:89:65:c8:4e:c4:41:
2c:62:79:6c:4e:0f:bf:73:19:25:4c:32:8b:1a:40:
db:97:87:53:82:fc:3e:bb:2c:2a:03:d8:2a:34:21:
4c:c8:3a:3e:4f:5a:5c:76:39:2a:56:f3:64:cf:3a:
ac:3c:62:bf:b4:c5:fc:ad:a0:19:34:b5:59:f9:3a:
17:4b:31:b5:92:de:da:85:0c:10:08:82:32:44:cc:
de:08:37:f6:aa:ae:1d:d4:f5:b7:6e:44:85:32:d5:
60:34:73:3e:9e:6b:2c:16:47:c6:f2:bf:70:2e:e1:
7c:ea:89:eb:1c:40:69:f4:72:fc:09:02:2a:36:79:
1f:2e:d5:6d:c6:ee:2e:73:92:6d:e6:7c:9b:9a:84:
5c:7b:23:26:a0:ec:aa:f5:aa:56:41:0a:3c:22:aa:
61:8b:ba:49:16:d4:c4:b3:01:39:6d:c3:6d:e4:99:
25:34:5a:94:5f:bc:ad:50:20:88:f0:51:60:38:a5:
d5:9c:5c:84:93:85:a9:03:d5:51:0e:06:05:60:37:
6f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FA:68:5A:9D:D1:FB:23:F8:57:AA:8F:62:4E:F5:B7:63:BC:96:2C
X509v3 Authority Key Identifier:
keyid:69:A5:1D:44:5B:76:7A:B9:B6:62:77:02:E4:A2:B3:90:4D:20:3F:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:ef:05:15:59:fb:25:e1:05:89:27:ae:76:90:57:27:49:82:
29:25:66:16:41:00:07:69:55:c1:5f:98:c7:3e:4e:8b:a8:f1:
12:77:e2:21:57:e1:ac:fa:ec:0e:5c:62:39:e9:27:ee:f1:15:
93:ed:2f:1c:ab:3f:d0:f9:bc:a8:7b:b3:df:cf:65:b1:ae:c1:
cf:24:eb:c6:f4:49:99:1c:41:b4:b8:c8:38:10:e8:a3:c2:d0:
ae:75:37:fc:e1:34:7b:8e:1c:e1:74:36:2a:ea:a7:69:37:5d:
a4:f2:04:d8:cd:8b:49:a8:0d:db:8f:cd:71:3c:ed:a7:07:21:
d7:0a:15:a9:d5:19:90:b4:22:e1:d0:ef:f0:c6:45:cf:ab:67:
3a:42:b0:56:b1:d7:5f:df:6d:87:88:82:4e:99:5b:07:50:cf:
5c:2a:5b:9e:d8:1f:85:ed:93:6d:75:07:fb:86:4c:7e:5f:a1:
c2:d7:52:12:c1:64:85:b7:a2:35:4f:51:0d:ea:e6:d1:4c:24:
99:e7:08:58:9d:38:70:f1:9e:ba:82:28:20:0f:4a:f9:16:fa:
6c:f5:aa:bc:b8:08:1b:30:94:7d:38:e4:5d:b6:ef:ea:a9:3e:
ba:32:1d:76:11:58:b7:47:d0:c2:5c:2c:6c:a5:23:66:7f:2e:
ab:ca:6b:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRGaYFTJ68pZhxHx/YRqg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTUxZDQ0NWI3NjdhYjliNjYyNzcwMmU0YTJiMzkwNGQy
MDNmNzcwHhcNMjUxMTA0MjMwMDI2WhcNMjUxMTA1MjMwMDI2WjAzMTEwLwYDVQQD
EygzYWZhNjg1YTlkZDFmYjIzZjg1N2FhOGY2MjRlZjViNzYzYmM5NjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EWDn3J/t6keIURcuyc5R02+AVkw
wrIVYXa6p3zkTF4q2pqulto/by1roWt7Os9xLYt6HKCJZchOxEEsYnlsTg+/cxkl
TDKLGkDbl4dTgvw+uywqA9gqNCFMyDo+T1pcdjkqVvNkzzqsPGK/tMX8raAZNLVZ
+ToXSzG1kt7ahQwQCIIyRMzeCDf2qq4d1PW3bkSFMtVgNHM+nmssFkfG8r9wLuF8
6onrHEBp9HL8CQIqNnkfLtVtxu4uc5Jt5nybmoRceyMmoOyq9apWQQo8Iqphi7pJ
FtTEswE5bcNt5JklNFqUX7ytUCCI8FFgOKXVnFyEk4WpA9VRDgYFYDdvqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDr6aFqd0fsj+Feqj2JO9bdjvJYsMB8GA1UdIwQY
MBaAFGmlHURbdnq5tmJ3AuSis5BNID93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFVZFJGdDJlcm0yWW5jQzVLS3prRTBnUDNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8yYmE2NmUtNWIzZS00MWZlLThhMDkt
NzA1MjBlYTc2MzY5LzEvYWFVZFJGdDJlcm0yWW5jQzVLS3prRTBnUDNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8yYmE2NmUtNWIzZS00MWZlLThhMDktNzA1MjBlYTc2MzY5
LzEvYWFVZFJGdDJlcm0yWW5jQzVLS3prRTBnUDNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd+8FFVn7
JeEFiSeudpBXJ0mCKSVmFkEAB2lVwV+Yxz5Oi6jxEnfiIVfhrPrsDlxiOekn7vEV
k+0vHKs/0Pm8qHuz389lsa7BzyTrxvRJmRxBtLjIOBDoo8LQrnU3/OE0e44c4XQ2
KuqnaTddpPIE2M2LSagN24/NcTztpwch1woVqdUZkLQi4dDv8MZFz6tnOkKwVrHX
X99th4iCTplbB1DPXCpbntgfhe2TbXUH+4ZMfl+hwtdSEsFkhbeiNU9RDerm0Uwk
mecIWJ04cPGeuoIoIA9K+Rb6bPWqvLgIGzCUfTjkXbbv6qk+ujIddhFYt0fQwlws
bKUjZn8uq8prSw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:43:09 2025 by rpki-client