Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
File: aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft (raw, json)
Hash identifier: djY/R8BNVeijSvHFtiJFDNetNfLZEADbXN1RKw7Jpqs=
Subject key identifier: 21:88:3D:B3:08:69:B4:31:65:7E:DF:5B:07:C7:FC:AC:22:7B:00:5C
Authority key identifier: 68:3B:33:DC:72:18:B3:FE:88:3C:49:50:51:34:CB:39:A6:64:FD:28
Certificate issuer: /CN=683b33dc7218b3fe883c49505134cb39a664fd28
Certificate serial: 0199FBEAF4ACA382E55A65FA2DF964F1CBCB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
Manifest number: 0B4B
Signing time: Sun 19 Oct 2025 10:01:43 +0000
Manifest this update: Sun 19 Oct 2025 10:01:43 +0000
Manifest next update: Mon 20 Oct 2025 10:01:43 +0000
Files and hashes: 1: PecnHh8YFMYIBEgD1PQBC-sYFMY.roa (hash: G67Iyj0Q7isunYlJO9b465cfL0xQGyEo+TS/2SlDQcA=)
2: aDsz3HIYs_6IPElQUTTLOaZk_Sg.crl (hash: lfFKUDtOZZht3Qn5Ly/5E+19d+wqRZVPUYbsp5POcjs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ea:f4:ac:a3:82:e5:5a:65:fa:2d:f9:64:f1:cb:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=683b33dc7218b3fe883c49505134cb39a664fd28
Validity
Not Before: Oct 19 10:01:43 2025 GMT
Not After : Oct 20 10:01:43 2025 GMT
Subject: CN=21883db30869b431657edf5b07c7fcac227b005c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:44:d8:6c:ea:68:11:4b:26:79:4b:ac:bf:ac:
12:65:c9:d6:46:71:0f:21:51:a6:e1:57:75:0b:5d:
28:10:47:2b:4c:b9:20:3d:d6:fa:52:84:92:0a:41:
57:82:2a:5b:47:fc:69:22:09:a9:0d:bf:b9:a0:c7:
37:dd:1f:39:6c:e3:00:b7:31:77:48:d5:89:c1:ac:
2d:84:0f:e4:1c:44:6e:9a:09:be:2b:67:c6:93:26:
35:ce:7f:21:70:61:0a:0a:58:fa:03:bb:56:3c:6c:
60:22:5a:41:4d:50:1b:e1:7a:56:1f:f8:84:91:e9:
f4:90:3e:31:65:f6:85:80:c3:ef:71:45:da:78:72:
a5:3e:d4:70:62:c6:e6:59:bc:99:75:30:76:aa:fc:
e0:1e:87:6c:a8:ed:c5:b3:d7:f9:8f:d7:d6:90:64:
7f:60:bb:d2:ea:ce:6a:f5:05:06:5b:58:08:1b:30:
47:c3:a7:b3:66:b7:d0:e5:b9:49:6f:fb:46:c8:c3:
87:06:86:03:bb:c8:47:f1:b0:ac:9f:6e:8d:91:ea:
be:e3:c1:fe:0d:46:f8:16:2d:88:8d:97:36:2e:f3:
22:7a:a5:54:32:07:4b:7b:91:9d:af:93:fb:e1:cb:
ff:48:1f:b3:04:2e:05:07:4f:df:b3:9d:8b:4f:e2:
5c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:88:3D:B3:08:69:B4:31:65:7E:DF:5B:07:C7:FC:AC:22:7B:00:5C
X509v3 Authority Key Identifier:
keyid:68:3B:33:DC:72:18:B3:FE:88:3C:49:50:51:34:CB:39:A6:64:FD:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDsz3HIYs_6IPElQUTTLOaZk_Sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3e00-3c96-4cde-b81a-14c6b954d976/1/aDsz3HIYs_6IPElQUTTLOaZk_Sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:1f:37:db:57:4c:47:ff:78:77:be:d9:ff:9d:a3:41:f6:80:
09:94:8a:e9:44:13:47:5b:af:4c:ad:9b:1c:f9:d0:ec:5f:ee:
9e:ce:51:e0:41:4f:32:50:f5:58:21:e6:9d:ac:33:a2:81:3c:
6d:18:ea:35:67:a3:90:a2:c3:9f:e2:15:00:36:56:c2:c4:be:
78:40:5f:d6:69:18:f5:5f:6b:ea:a1:d2:14:6f:28:ea:d1:92:
dd:11:fc:60:0d:98:04:7e:4f:fd:a6:5c:0f:b0:0f:e4:db:ad:
84:67:e1:c7:4b:c9:8d:49:76:09:d9:fc:55:ef:b9:62:92:3b:
d8:57:8d:42:4d:2e:c6:38:c1:ba:54:96:a5:4a:0c:32:3c:1b:
41:98:a1:c6:25:08:79:a8:28:79:d2:8d:6b:87:4a:8d:4f:05:
c2:14:30:ae:d9:36:69:dd:5f:45:ad:36:41:cc:33:88:97:72:
16:59:42:08:80:b3:a3:ed:77:8b:a0:60:10:36:14:54:1f:27:
88:7e:5a:16:9e:14:f9:92:2d:d9:9c:70:70:76:29:eb:95:78:
fb:ee:81:b0:1f:fe:02:15:6d:63:04:f4:70:dc:e0:b3:cc:65:
53:7a:9a:c0:3a:79:9a:24:24:60:ce:b3:49:8f:7b:d9:bd:ba:
d6:61:ae:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76vSso4LlWmX6Lflk8cvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4M2IzM2RjNzIxOGIzZmU4ODNjNDk1MDUxMzRjYjM5YTY2
NGZkMjgwHhcNMjUxMDE5MTAwMTQzWhcNMjUxMDIwMTAwMTQzWjAzMTEwLwYDVQQD
EygyMTg4M2RiMzA4NjliNDMxNjU3ZWRmNWIwN2M3ZmNhYzIyN2IwMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0TYbOpoEUsmeUusv6wSZcnWRnEP
IVGm4Vd1C10oEEcrTLkgPdb6UoSSCkFXgipbR/xpIgmpDb+5oMc33R85bOMAtzF3
SNWJwawthA/kHERumgm+K2fGkyY1zn8hcGEKClj6A7tWPGxgIlpBTVAb4XpWH/iE
ken0kD4xZfaFgMPvcUXaeHKlPtRwYsbmWbyZdTB2qvzgHodsqO3Fs9f5j9fWkGR/
YLvS6s5q9QUGW1gIGzBHw6ezZrfQ5blJb/tGyMOHBoYDu8hH8bCsn26Nkeq+48H+
DUb4Fi2IjZc2LvMieqVUMgdLe5Gdr5P74cv/SB+zBC4FB0/fs52LT+JcmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGIPbMIabQxZX7fWwfH/KwiewBcMB8GA1UdIwQY
MBaAFGg7M9xyGLP+iDxJUFE0yzmmZP0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iZTNlMDAtM2M5Ni00Y2RlLWI4MWEt
MTRjNmI5NTRkOTc2LzEvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iZTNlMDAtM2M5Ni00Y2RlLWI4MWEtMTRjNmI5NTRkOTc2
LzEvYURzejNISVlzXzZJUEVsUVVUVExPYVprX1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWR8321dM
R/94d77Z/52jQfaACZSK6UQTR1uvTK2bHPnQ7F/uns5R4EFPMlD1WCHmnawzooE8
bRjqNWejkKLDn+IVADZWwsS+eEBf1mkY9V9r6qHSFG8o6tGS3RH8YA2YBH5P/aZc
D7AP5NuthGfhx0vJjUl2Cdn8Ve+5YpI72FeNQk0uxjjBulSWpUoMMjwbQZihxiUI
eagoedKNa4dKjU8FwhQwrtk2ad1fRa02QcwziJdyFllCCICzo+13i6BgEDYUVB8n
iH5aFp4U+ZIt2ZxwcHYp65V4++6BsB/+AhVtYwT0cNzgs8xlU3qawDp5miQkYM6z
SY972b261mGuvg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:30:25 2025 by rpki-client