Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.mft
File: 5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.mft (raw, json)
Hash identifier: BqxZeQHjQGpCHSmeOTbDcRk+6J654gtVgGBacaDgT/M=
Subject key identifier: 22:B6:61:55:E1:44:7C:8E:F1:95:D2:90:5F:77:4E:14:7B:9B:3E:BA
Authority key identifier: 5A:FF:13:D5:A7:1C:FB:0D:A3:8D:8D:3D:81:E1:3E:AF:40:41:6A:74
Certificate issuer: /CN=5aff13d5a71cfb0da38d8d3d81e13eaf40416a74
Certificate serial: 4DF48FE151CA76613187B68ED1F46A51D1E16069
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wv8T1acc-w2jjY09geE-r0BBanQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.mft
Manifest number: 049B
Signing time: Mon 03 Nov 2025 20:36:57 +0000
Manifest this update: Mon 03 Nov 2025 20:31:57 +0000
Manifest next update: Tue 04 Nov 2025 23:02:57 +0000
Files and hashes: 1: 39312e3232392e3138302e302f32342d3234203d3e2036303739.roa (hash: +bVqrEMFd6OlmJt6OXUAm36lf7U27Wity5s8ggfbbQs=)
2: 5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.crl (hash: OMYuDUbYlvUYkoEaA6DWQvnhiiZGUkhFZYztopMvXfo=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.crl
rsync://rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wv8T1acc-w2jjY09geE-r0BBanQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 23:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:f4:8f:e1:51:ca:76:61:31:87:b6:8e:d1:f4:6a:51:d1:e1:60:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aff13d5a71cfb0da38d8d3d81e13eaf40416a74
Validity
Not Before: Nov 3 20:31:57 2025 GMT
Not After : Nov 4 23:02:57 2025 GMT
Subject: CN=22B66155E1447C8EF195D2905F774E147B9B3EBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c4:cb:ef:ba:d4:3e:e2:ac:46:d2:eb:fb:11:
6a:88:42:23:49:a2:7b:2e:81:30:d1:8a:10:69:66:
fa:44:4d:fb:27:b9:81:7d:b9:94:3f:f6:5b:f5:22:
f7:b8:b9:e7:fe:27:bb:d3:b6:53:de:5d:f4:e6:73:
25:b9:60:13:70:b5:6a:e9:58:e5:34:44:0f:a4:cd:
ee:38:4b:86:62:b7:78:3b:6b:c2:a6:ae:9b:e5:5b:
fe:14:01:0e:84:36:b5:6f:cb:a2:69:30:c1:f1:61:
f3:94:48:87:07:40:d9:6d:aa:28:59:1b:28:a1:5c:
da:84:bc:91:2a:16:6b:63:8b:9c:58:54:30:2b:44:
1f:f0:43:fb:f7:c5:22:34:a6:cd:fd:a5:51:e2:26:
4d:d1:a8:d1:eb:52:bf:b9:f3:d6:3d:26:1f:07:f5:
50:e3:3b:31:f2:eb:44:82:ae:d5:99:02:1e:a2:7e:
31:41:5d:87:d7:aa:a6:ea:a2:8f:83:68:17:1f:ab:
e5:1e:aa:ad:08:06:90:90:33:51:68:de:33:84:d0:
4c:a6:1f:b2:6b:cb:e0:06:2e:17:ef:7f:9b:29:9c:
81:e6:fd:a1:4e:6d:2e:99:37:bd:29:25:8e:a5:ee:
c7:35:b3:7e:5c:8f:5a:4c:2f:18:19:33:ec:5f:c8:
04:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B6:61:55:E1:44:7C:8E:F1:95:D2:90:5F:77:4E:14:7B:9B:3E:BA
X509v3 Authority Key Identifier:
keyid:5A:FF:13:D5:A7:1C:FB:0D:A3:8D:8D:3D:81:E1:3E:AF:40:41:6A:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wv8T1acc-w2jjY09geE-r0BBanQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6073c95a-aac7-43ec-818b-1f42f62275f5/0/5AFF13D5A71CFB0DA38D8D3D81E13EAF40416A74.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:ab:5e:14:67:ef:39:65:83:2b:66:b2:bf:30:85:5e:ec:3f:
5e:b8:0d:ca:3c:ef:e3:4b:6a:65:aa:32:c6:b3:ca:5c:68:52:
a9:1e:b5:82:11:ef:87:84:97:87:9c:f5:e9:33:59:88:4a:52:
59:eb:e5:16:62:fd:0e:f7:d0:e6:95:78:d4:2f:00:08:b9:1d:
58:37:57:a1:23:c4:bd:4f:dc:56:a2:ce:94:d1:f3:c6:f0:a6:
04:52:2d:89:71:5e:d5:78:fc:85:b0:67:f7:2f:cb:28:d4:2c:
59:bd:f3:4d:51:78:c0:ff:ee:16:b1:af:06:76:1b:4f:0d:78:
8d:43:a4:16:60:f2:59:61:11:e0:d0:48:ad:be:84:c7:37:d3:
77:17:0d:0c:df:76:0c:7b:71:22:37:86:83:89:71:62:ec:a8:
33:9a:d4:39:e2:28:07:cf:fa:d0:85:90:74:2b:cc:99:86:62:
7e:8d:4f:2c:af:68:1e:85:01:fa:6a:ed:be:d5:34:5e:d1:34:
36:c7:21:50:ff:e9:4d:8e:92:e9:e7:a3:99:39:9e:dd:8c:0f:
3d:8e:03:36:9c:df:f4:bd:2c:31:1d:65:6a:2a:4f:f4:46:64:
fc:98:ef:03:7c:2c:1c:04:a5:bf:b4:59:ff:78:3e:29:6e:6b:
df:02:23:a7
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUTfSP4VHKdmExh7aO0fRqUdHhYGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFmZjEzZDVhNzFjZmIwZGEzOGQ4ZDNkODFlMTNlYWY0
MDQxNmE3NDAeFw0yNTExMDMyMDMxNTdaFw0yNTExMDQyMzAyNTdaMDMxMTAvBgNV
BAMTKDIyQjY2MTU1RTE0NDdDOEVGMTk1RDI5MDVGNzc0RTE0N0I5QjNFQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPxMvvutQ+4qxG0uv7EWqIQiNJ
onsugTDRihBpZvpETfsnuYF9uZQ/9lv1Ive4uef+J7vTtlPeXfTmcyW5YBNwtWrp
WOU0RA+kze44S4Zit3g7a8KmrpvlW/4UAQ6ENrVvy6JpMMHxYfOUSIcHQNltqihZ
GyihXNqEvJEqFmtji5xYVDArRB/wQ/v3xSI0ps39pVHiJk3RqNHrUr+589Y9Jh8H
9VDjOzHy60SCrtWZAh6ifjFBXYfXqqbqoo+DaBcfq+Ueqq0IBpCQM1Fo3jOE0Eym
H7Jry+AGLhfvf5spnIHm/aFObS6ZN70pJY6l7sc1s35cj1pMLxgZM+xfyARpAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUIrZhVeFEfI7xldKQX3dOFHubProwHwYDVR0j
BBgwFoAUWv8T1acc+w2jjY09geE+r0BBanQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA3M2M5NWEtYWFjNy00M2VjLTgxOGItMWY0MmY2MjI3
NWY1LzAvNUFGRjEzRDVBNzFDRkIwREEzOEQ4RDNEODFFMTNFQUY0MDQxNkE3NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d2OFQxYWNjLXcyampZMDlnZUUtcjBC
QmFuUS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS82MDczYzk1YS1h
YWM3LTQzZWMtODE4Yi0xZjQyZjYyMjc1ZjUvMC81QUZGMTNENUE3MUNGQjBEQTM4
RDhEM0Q4MUUxM0VBRjQwNDE2QTc0Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd6teFGfvOWWDK2ayvzCF
Xuw/XrgNyjzv40tqZaoyxrPKXGhSqR61ghHvh4SXh5z16TNZiEpSWevlFmL9DvfQ
5pV41C8ACLkdWDdXoSPEvU/cVqLOlNHzxvCmBFItiXFe1Xj8hbBn9y/LKNQsWb3z
TVF4wP/uFrGvBnYbTw14jUOkFmDyWWER4NBIrb6ExzfTdxcNDN92DHtxIjeGg4lx
YuyoM5rUOeIoB8/60IWQdCvMmYZifo1PLK9oHoUB+mrtvtU0XtE0NschUP/pTY6S
6eejmTme3YwPPY4DNpzf9L0sMR1laipP9EZk/JjvA3wsHASlv7RZ/3g+KW5r3wIj
pw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:51:09 2025 by rpki-client