Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
File: aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft (raw, json)
Hash identifier: vHoqopOSBA29mvvHeh19JWKOjKF3/eUmzo7wcMMebQk=
Subject key identifier: 64:E7:DF:82:4B:8D:32:4E:C8:14:B2:E1:0C:79:D6:77:9A:BC:A0:EF
Authority key identifier: 68:7B:91:ED:A1:6B:6F:1B:1F:A0:17:5D:67:C7:99:4F:69:1D:8E:97
Certificate issuer: /CN=687b91eda16b6f1b1fa0175d67c7994f691d8e97
Certificate serial: 019A503E6665CAC25DFE393CDE0ED70ECC70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
Manifest number: 0678
Signing time: Tue 04 Nov 2025 19:00:57 +0000
Manifest this update: Tue 04 Nov 2025 19:00:57 +0000
Manifest next update: Wed 05 Nov 2025 19:00:57 +0000
Files and hashes: 1: AJ5wMI6kFAAGgXfPHZAVtLCSnP8.roa (hash: O5F5OKdgmFhYvl6NemyAslo9muG5v3CdZb38avB1q8I=)
2: aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl (hash: 8kVxImNI13HAT9154T7WK1KWbItIKvcbsdnyQrImBzk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:3e:66:65:ca:c2:5d:fe:39:3c:de:0e:d7:0e:cc:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687b91eda16b6f1b1fa0175d67c7994f691d8e97
Validity
Not Before: Nov 4 19:00:57 2025 GMT
Not After : Nov 5 19:00:57 2025 GMT
Subject: CN=64e7df824b8d324ec814b2e10c79d6779abca0ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d9:a4:1c:ed:06:b9:e5:ab:b2:e7:f1:57:3a:
19:b0:c1:39:33:39:21:3a:22:49:43:05:1a:60:1c:
bc:8e:76:7b:86:a6:16:31:44:fc:df:7f:dd:4b:a5:
67:de:14:23:c3:02:5d:0b:5a:d5:8a:a9:45:95:b3:
7f:9f:e0:cb:c4:95:4d:8b:d1:5c:43:91:89:7e:20:
72:b1:2d:dd:21:91:69:1f:fa:5b:04:fa:ca:b0:ad:
70:46:a4:ba:58:69:3b:c8:61:5f:09:a1:53:c3:cd:
3b:52:30:25:b4:26:53:68:02:b4:39:9e:db:cf:35:
3c:da:79:28:46:d2:74:d8:0a:95:ae:bb:e3:92:74:
0c:a0:9d:fe:33:34:05:cc:06:dd:3a:4f:b6:ce:4d:
60:27:f4:c0:e8:cc:75:71:e8:d4:28:da:ba:50:4b:
71:d1:fc:2d:17:76:0f:de:a0:12:67:44:92:03:bd:
2a:17:8f:e1:97:82:fe:f5:35:db:ec:06:08:0a:49:
11:cd:b7:7a:db:74:bc:99:68:ac:56:3e:84:ff:f3:
e4:49:ec:47:d9:6c:76:fb:ad:33:c5:9b:25:1a:27:
4f:66:bc:d6:5f:1a:ae:51:0e:5d:7c:9f:a3:16:42:
99:7e:95:e2:9f:d5:f9:26:0a:dc:6b:77:ed:2f:9b:
12:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E7:DF:82:4B:8D:32:4E:C8:14:B2:E1:0C:79:D6:77:9A:BC:A0:EF
X509v3 Authority Key Identifier:
keyid:68:7B:91:ED:A1:6B:6F:1B:1F:A0:17:5D:67:C7:99:4F:69:1D:8E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:22:59:bf:dd:d2:d2:f8:7e:92:11:64:a2:03:f6:98:59:a4:
0f:2e:e2:6b:d7:8d:eb:07:50:ec:a0:74:30:ed:e0:d3:62:3a:
6a:62:d5:68:ca:16:69:6c:e6:a3:88:10:e0:9c:d0:83:b2:31:
c8:f8:4b:5b:08:88:eb:0c:39:b0:cc:ec:8c:1e:92:a2:13:e9:
50:cf:26:a0:01:02:03:0a:85:65:4f:e4:31:32:3b:8e:cd:d2:
1d:a0:c3:e8:f5:64:56:c8:8f:59:c9:eb:cb:94:72:52:06:84:
61:be:6a:a2:fb:6e:42:1a:11:ad:3d:19:d7:29:53:24:8c:14:
5a:7c:07:1b:4f:7c:28:36:93:5d:1c:c5:b4:33:34:97:ae:e0:
16:ad:0b:b8:bb:cf:de:9d:87:4b:ff:de:6f:c8:5d:3d:47:c6:
a8:1c:ba:96:98:5a:ce:6e:7a:c7:29:24:92:32:b3:3c:6e:3a:
0a:1d:ff:db:65:e2:3e:07:06:0a:54:c9:d2:96:e6:d0:8a:30:
ae:fa:6c:d6:fb:52:35:1c:c3:e7:18:d1:41:72:1e:bf:ce:d1:
21:c8:ca:df:38:34:25:c1:10:ad:5e:5d:a9:6d:96:bb:a4:84:
9d:0c:cc:27:16:d1:c2:a3:59:1a:46:3d:bd:69:38:b6:a1:f0:
9d:92:81:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPmZlysJd/jk83g7XDsxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2I5MWVkYTE2YjZmMWIxZmEwMTc1ZDY3Yzc5OTRmNjkx
ZDhlOTcwHhcNMjUxMTA0MTkwMDU3WhcNMjUxMTA1MTkwMDU3WjAzMTEwLwYDVQQD
Eyg2NGU3ZGY4MjRiOGQzMjRlYzgxNGIyZTEwYzc5ZDY3NzlhYmNhMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotmkHO0GueWrsufxVzoZsME5Mzkh
OiJJQwUaYBy8jnZ7hqYWMUT833/dS6Vn3hQjwwJdC1rViqlFlbN/n+DLxJVNi9Fc
Q5GJfiBysS3dIZFpH/pbBPrKsK1wRqS6WGk7yGFfCaFTw807UjAltCZTaAK0OZ7b
zzU82nkoRtJ02AqVrrvjknQMoJ3+MzQFzAbdOk+2zk1gJ/TA6Mx1cejUKNq6UEtx
0fwtF3YP3qASZ0SSA70qF4/hl4L+9TXb7AYICkkRzbd623S8mWisVj6E//PkSexH
2Wx2+60zxZslGidPZrzWXxquUQ5dfJ+jFkKZfpXin9X5Jgrca3ftL5sSfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGTn34JLjTJOyBSy4Qx51neavKDvMB8GA1UdIwQY
MBaAFGh7ke2ha28bH6AXXWfHmU9pHY6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8yZmI4ZGYtMGU0OC00NjY1LWE5OWIt
ZGZmZTU5MDIzZTg5LzEvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8yZmI4ZGYtMGU0OC00NjY1LWE5OWItZGZmZTU5MDIzZTg5
LzEvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfCJZv93S
0vh+khFkogP2mFmkDy7ia9eN6wdQ7KB0MO3g02I6amLVaMoWaWzmo4gQ4JzQg7Ix
yPhLWwiI6ww5sMzsjB6SohPpUM8moAECAwqFZU/kMTI7js3SHaDD6PVkVsiPWcnr
y5RyUgaEYb5qovtuQhoRrT0Z1ylTJIwUWnwHG098KDaTXRzFtDM0l67gFq0LuLvP
3p2HS//eb8hdPUfGqBy6lphazm56xykkkjKzPG46Ch3/22XiPgcGClTJ0pbm0Iow
rvps1vtSNRzD5xjRQXIev87RIcjK3zg0JcEQrV5dqW2Wu6SEnQzMJxbRwqNZGkY9
vWk4tqHwnZKBdg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:56:39 2025 by rpki-client