Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
File: aKfCyE_6STTPD3PvGhoaM3hzGCY.mft (raw, json)
Hash identifier: 7ZHKqJpPk/6cD74wqJagTFWyiudaqsL1cYe88sVscmg=
Subject key identifier: F2:7F:01:FF:34:9E:86:AF:C5:0A:45:21:62:06:FF:91:4F:AD:59:1C
Authority key identifier: 68:A7:C2:C8:4F:FA:49:34:CF:0F:73:EF:1A:1A:1A:33:78:73:18:26
Certificate issuer: /CN=68a7c2c84ffa4934cf0f73ef1a1a1a3378731826
Certificate serial: 019A50074BD0E96B5F16D0DD5EE36F35874A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
Manifest number: 0DF3
Signing time: Tue 04 Nov 2025 18:00:46 +0000
Manifest this update: Tue 04 Nov 2025 18:00:46 +0000
Manifest next update: Wed 05 Nov 2025 18:00:46 +0000
Files and hashes: 1: KnUOYk5bdwDOyPRpWUFQ6FTo7gs.roa (hash: oV64n7K/Nu3TxpzkL+waUqCMMUTsVFeqTi3s1yY0Zn0=)
2: aKfCyE_6STTPD3PvGhoaM3hzGCY.crl (hash: DEU6Db+XVBOiJyoWuBMKthxVbIoMffvPhm7Pz6+MBX4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:07:4b:d0:e9:6b:5f:16:d0:dd:5e:e3:6f:35:87:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a7c2c84ffa4934cf0f73ef1a1a1a3378731826
Validity
Not Before: Nov 4 18:00:46 2025 GMT
Not After : Nov 5 18:00:46 2025 GMT
Subject: CN=f27f01ff349e86afc50a45216206ff914fad591c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fa:99:16:d2:50:d8:83:0b:3c:eb:9e:09:0a:
9e:43:27:ca:67:b4:32:7c:a0:22:e1:8b:90:2b:a1:
82:5f:13:2f:c9:c3:40:d8:cc:e7:e0:41:3e:9a:3c:
a3:6b:59:38:a8:3a:b3:bb:0e:57:c1:1d:6a:ef:fd:
cb:80:4c:25:f9:2b:a2:45:9f:61:0f:bf:a9:5a:cc:
d2:6b:b0:e7:8a:5e:e6:f6:5d:a4:37:06:0f:a0:66:
90:1d:70:2f:4f:46:27:27:24:80:f0:b2:eb:19:53:
0c:b4:fd:c3:07:b5:cc:7f:f6:98:fb:fd:c9:e3:d9:
ef:32:40:cf:13:79:32:8b:11:3b:ef:df:5d:0b:19:
cc:5f:f9:28:af:71:24:6c:a9:dc:c9:41:a6:16:f4:
6a:46:f0:c0:9f:7a:c3:d1:58:d3:41:6f:b8:10:c5:
df:21:1e:fe:ec:3b:23:09:d4:42:10:ae:3e:86:51:
9c:2d:45:1b:e6:58:ea:46:45:a5:dd:c9:e1:cc:95:
e9:59:f4:8a:8f:0d:85:e1:be:f1:81:20:be:2e:1d:
6c:93:1d:bb:43:ea:99:61:2b:e6:07:0c:9a:3c:45:
ec:49:06:7e:78:d8:21:30:e9:0e:ac:2c:ff:e8:8e:
32:a0:12:02:14:21:ce:bc:fd:79:b4:54:cf:9a:b9:
c6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7F:01:FF:34:9E:86:AF:C5:0A:45:21:62:06:FF:91:4F:AD:59:1C
X509v3 Authority Key Identifier:
keyid:68:A7:C2:C8:4F:FA:49:34:CF:0F:73:EF:1A:1A:1A:33:78:73:18:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKfCyE_6STTPD3PvGhoaM3hzGCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe455d-f6ce-436c-8327-db6ddb4a44e5/1/aKfCyE_6STTPD3PvGhoaM3hzGCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:b4:22:56:44:c9:d3:07:01:ba:24:52:4d:c8:19:7b:67:5f:
13:e6:d6:ac:d4:6b:cf:af:d6:12:79:0e:9d:45:6d:8b:22:e5:
37:23:2f:ea:06:9b:a2:47:f0:7a:1f:38:6b:13:0f:6f:e9:93:
8e:3a:80:05:52:c9:bb:39:04:e4:8c:49:de:47:f2:69:18:69:
99:90:78:e1:ee:2d:e9:cf:74:37:a9:ac:35:4d:1b:e7:7b:58:
bc:7d:da:68:53:48:7e:e5:32:88:55:34:a0:61:8f:65:9e:8a:
36:76:d2:25:2c:ba:5f:dc:fa:ae:50:f3:67:ab:d1:ee:16:c1:
be:7c:ee:fa:71:d9:d3:74:13:c6:31:3c:17:af:c4:32:50:3f:
54:dd:56:b4:81:1d:88:62:9d:08:c2:85:3e:f1:40:bb:25:1e:
04:ce:7b:e8:49:90:4c:a5:69:55:7d:97:1d:35:53:0a:a3:a1:
3d:67:d6:c9:39:ef:50:dc:da:0e:13:34:53:ba:81:00:e7:bd:
f4:e0:7f:06:24:12:0c:2b:7e:16:5a:2e:0f:b6:13:8e:23:21:
da:c0:d4:6b:e6:75:c1:fc:ae:2c:3d:15:2a:f0:15:26:dc:76:
0d:7e:88:52:e1:d8:e5:42:36:a2:98:cf:41:ad:3b:80:b8:03:
82:ab:ba:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQB0vQ6WtfFtDdXuNvNYdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTdjMmM4NGZmYTQ5MzRjZjBmNzNlZjFhMWExYTMzNzg3
MzE4MjYwHhcNMjUxMTA0MTgwMDQ2WhcNMjUxMTA1MTgwMDQ2WjAzMTEwLwYDVQQD
EyhmMjdmMDFmZjM0OWU4NmFmYzUwYTQ1MjE2MjA2ZmY5MTRmYWQ1OTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/qZFtJQ2IMLPOueCQqeQyfKZ7Qy
fKAi4YuQK6GCXxMvycNA2Mzn4EE+mjyja1k4qDqzuw5XwR1q7/3LgEwl+SuiRZ9h
D7+pWszSa7Dnil7m9l2kNwYPoGaQHXAvT0YnJySA8LLrGVMMtP3DB7XMf/aY+/3J
49nvMkDPE3kyixE7799dCxnMX/kor3EkbKncyUGmFvRqRvDAn3rD0VjTQW+4EMXf
IR7+7DsjCdRCEK4+hlGcLUUb5ljqRkWl3cnhzJXpWfSKjw2F4b7xgSC+Lh1skx27
Q+qZYSvmBwyaPEXsSQZ+eNghMOkOrCz/6I4yoBICFCHOvP15tFTPmrnGLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJ/Af80noavxQpFIWIG/5FPrVkcMB8GA1UdIwQY
MBaAFGinwshP+kk0zw9z7xoaGjN4cxgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mZTQ1NWQtZjZjZS00MzZjLTgzMjct
ZGI2ZGRiNGE0NGU1LzEvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mZTQ1NWQtZjZjZS00MzZjLTgzMjctZGI2ZGRiNGE0NGU1
LzEvYUtmQ3lFXzZTVFRQRDNQdkdob2FNM2h6R0NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkbQiVkTJ
0wcBuiRSTcgZe2dfE+bWrNRrz6/WEnkOnUVtiyLlNyMv6gabokfweh84axMPb+mT
jjqABVLJuzkE5IxJ3kfyaRhpmZB44e4t6c90N6msNU0b53tYvH3aaFNIfuUyiFU0
oGGPZZ6KNnbSJSy6X9z6rlDzZ6vR7hbBvnzu+nHZ03QTxjE8F6/EMlA/VN1WtIEd
iGKdCMKFPvFAuyUeBM576EmQTKVpVX2XHTVTCqOhPWfWyTnvUNzaDhM0U7qBAOe9
9OB/BiQSDCt+FlouD7YTjiMh2sDUa+Z1wfyuLD0VKvAVJtx2DX6IUuHY5UI2opjP
Qa07gLgDgqu6Cw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:58:21 2025 by rpki-client