
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
File: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft (raw, json)
Hash identifier: nctshA0uAS77eAsliWun5RUCFFBvnx8R9BfU4fmBO4Y=
Subject key identifier: B4:31:CA:D2:48:E3:E1:54:32:36:8B:11:BB:E0:9A:AD:28:69:06:84
Authority key identifier: A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4
Certificate issuer: /CN=a4068c6655c333fc712832c113f67f1fd688aec4
Certificate serial: 0199FBEC3429C4E280EDFEB7E97CF4ADA239
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
Manifest number: 13DF
Signing time: Sun 19 Oct 2025 10:03:04 +0000
Manifest this update: Sun 19 Oct 2025 10:03:04 +0000
Manifest next update: Mon 20 Oct 2025 10:03:04 +0000
Files and hashes: 1: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl (hash: uSaohDG3pbzA7ifYHVl0htKkAHTixKMA5nbLNk6cv44=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ec:34:29:c4:e2:80:ed:fe:b7:e9:7c:f4:ad:a2:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4068c6655c333fc712832c113f67f1fd688aec4
Validity
Not Before: Oct 19 10:03:04 2025 GMT
Not After : Oct 20 10:03:04 2025 GMT
Subject: CN=b431cad248e3e15432368b11bbe09aad28690684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ca:af:83:e0:b1:40:9e:bc:38:32:41:be:63:
b1:33:c1:2b:fa:e1:03:70:71:f5:dc:e1:bb:a4:0d:
60:94:8f:89:91:ed:62:b2:02:d2:66:48:3c:99:0d:
cf:5c:0c:01:38:ab:ae:be:de:39:84:0b:72:28:c0:
91:31:a6:83:0e:be:44:76:89:60:4a:a8:df:11:c3:
d9:f4:91:73:a5:93:87:2d:62:0f:c0:e6:c6:f6:09:
2e:ae:af:88:fd:32:7b:95:f3:d5:f8:3f:48:12:e6:
ec:13:67:0c:5a:3b:75:10:fa:5e:72:c5:1b:68:44:
c5:92:93:4d:53:85:0c:0f:ab:e8:8d:a8:da:43:8c:
c4:f4:fe:a1:1c:83:d3:86:bd:0a:f6:95:9c:af:d2:
fc:b5:d9:d6:c1:16:15:a6:00:ad:05:ff:e9:ca:b8:
55:7f:b4:20:36:d0:53:7a:a1:d3:08:89:bb:d2:94:
70:d8:03:63:20:7f:7a:25:12:46:83:d8:82:3f:20:
09:fb:b0:d2:13:44:fa:dc:3e:31:8e:70:9e:d0:ca:
24:e5:ff:4b:bc:e3:5b:a5:a7:9f:d0:45:6c:78:ca:
ac:20:c1:0d:d5:e4:a8:26:a7:be:72:1b:a0:65:6f:
5e:dd:45:b0:82:bb:e0:06:f5:68:55:34:b5:e4:b8:
96:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:31:CA:D2:48:E3:E1:54:32:36:8B:11:BB:E0:9A:AD:28:69:06:84
X509v3 Authority Key Identifier:
keyid:A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:3c:fa:a2:7f:22:98:fe:e7:20:04:b3:9f:72:da:d5:51:85:
83:d4:c7:d6:c6:07:05:75:3d:3c:17:9a:55:f9:bd:42:4c:16:
8d:bb:97:01:39:bd:be:20:96:f5:22:26:a0:d7:54:f4:53:83:
44:45:4c:8c:c5:87:71:4d:63:e3:74:8f:c8:e4:aa:ae:47:e9:
99:cd:a2:d4:fb:26:3d:41:0e:9d:4b:33:6c:52:31:93:82:36:
28:d6:75:cc:bf:6f:61:dc:58:12:a7:cb:67:92:7e:eb:e5:af:
1a:96:05:97:8e:f7:31:db:39:21:6b:09:f0:d0:23:06:df:e0:
03:0c:87:e8:d9:80:d7:6c:ab:7f:ab:c1:ed:d5:41:3d:f6:f9:
8e:1f:41:8c:63:1a:d6:e3:29:b8:ee:61:77:83:88:b9:be:db:
ad:d1:69:06:8e:be:f4:90:f6:25:c3:06:57:e4:95:c3:9a:95:
a9:93:0b:da:91:18:61:40:6a:df:48:10:e2:8e:d7:8f:98:33:
16:06:b2:bd:29:fa:4c:c3:0b:9b:91:1f:c4:38:75:37:63:e0:
09:db:a6:55:70:b8:eb:98:57:f4:6f:ac:95:c9:6d:d3:33:5f:
9f:dd:87:01:95:39:d5:22:46:a3:33:ac:b4:5e:31:8d:12:bc:
c2:90:9c:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77DQpxOKA7f636Xz0raI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDY4YzY2NTVjMzMzZmM3MTI4MzJjMTEzZjY3ZjFmZDY4
OGFlYzQwHhcNMjUxMDE5MTAwMzA0WhcNMjUxMDIwMTAwMzA0WjAzMTEwLwYDVQQD
EyhiNDMxY2FkMjQ4ZTNlMTU0MzIzNjhiMTFiYmUwOWFhZDI4NjkwNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMqvg+CxQJ68ODJBvmOxM8Er+uED
cHH13OG7pA1glI+Jke1isgLSZkg8mQ3PXAwBOKuuvt45hAtyKMCRMaaDDr5Edolg
SqjfEcPZ9JFzpZOHLWIPwObG9gkurq+I/TJ7lfPV+D9IEubsE2cMWjt1EPpecsUb
aETFkpNNU4UMD6vojajaQ4zE9P6hHIPThr0K9pWcr9L8tdnWwRYVpgCtBf/pyrhV
f7QgNtBTeqHTCIm70pRw2ANjIH96JRJGg9iCPyAJ+7DSE0T63D4xjnCe0Mok5f9L
vONbpaef0EVseMqsIMEN1eSoJqe+chugZW9e3UWwgrvgBvVoVTS15LiW6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQxytJI4+FUMjaLEbvgmq0oaQaEMB8GA1UdIwQY
MBaAFKQGjGZVwzP8cSgywRP2fx/WiK7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMt
ODZkZWUyMDdmODFlLzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMtODZkZWUyMDdmODFl
LzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdDz6on8i
mP7nIASzn3La1VGFg9TH1sYHBXU9PBeaVfm9QkwWjbuXATm9viCW9SImoNdU9FOD
REVMjMWHcU1j43SPyOSqrkfpmc2i1PsmPUEOnUszbFIxk4I2KNZ1zL9vYdxYEqfL
Z5J+6+WvGpYFl473Mds5IWsJ8NAjBt/gAwyH6NmA12yrf6vB7dVBPfb5jh9BjGMa
1uMpuO5hd4OIub7brdFpBo6+9JD2JcMGV+SVw5qVqZML2pEYYUBq30gQ4o7Xj5gz
FgayvSn6TMMLm5EfxDh1N2PgCdumVXC465hX9G+slclt0zNfn92HAZU51SJGozOs
tF4xjRK8wpCc8w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:19 2025 by rpki-client