Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
File: aNLCXQU0pAJ8aVViqM5PABzVOW8.mft (raw, json)
Hash identifier: D+gRgMBxUTuszYEfMRDX6PN6EeelzQhoqzxkVP5bWl0=
Subject key identifier: 8F:88:40:70:8B:7B:BA:46:2E:37:49:90:6A:40:CC:A3:E6:F4:F4:00
Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
Certificate issuer: /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Certificate serial: 0199FD6B061508521FAEFA003D3301F99596
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
Manifest number: 1336
Signing time: Sun 19 Oct 2025 17:01:13 +0000
Manifest this update: Sun 19 Oct 2025 17:01:13 +0000
Manifest next update: Mon 20 Oct 2025 17:01:13 +0000
Files and hashes: 1: SALrx8y5x39WJ8efwGiimpmg788.roa (hash: CtpmQiaYAVz0sehGOLMPmKtW82021GvqOFqhQ5ojIPI=)
2: aNLCXQU0pAJ8aVViqM5PABzVOW8.crl (hash: 5a2d+IG/Mbdx95bfrgijUe3ZuhmHfoh9ULnXV/XZd5I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:6b:06:15:08:52:1f:ae:fa:00:3d:33:01:f9:95:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Validity
Not Before: Oct 19 17:01:13 2025 GMT
Not After : Oct 20 17:01:13 2025 GMT
Subject: CN=8f8840708b7bba462e3749906a40cca3e6f4f400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3c:2e:29:92:30:05:01:1c:65:b0:7c:7d:07:
32:f4:4c:56:77:eb:9d:3e:4f:87:76:f1:b9:fe:cf:
e2:d8:f0:bd:d1:34:a6:3d:ee:c5:49:91:38:2a:7e:
a0:e4:1d:96:76:2a:5e:6d:49:a8:4c:84:d5:6f:f0:
c0:55:bc:b0:67:70:95:f8:bc:40:cc:ef:88:05:14:
29:7b:d1:75:e1:32:4a:21:f5:3f:ca:25:6d:de:c0:
4b:0d:0d:41:a4:3b:d4:85:32:6b:bb:2a:10:c5:43:
75:54:2d:68:40:cc:6a:80:5c:ce:12:d0:35:3d:ee:
ea:11:df:79:c3:d1:40:b6:03:9f:53:67:75:f5:96:
58:71:d8:3b:1b:bc:8a:08:5f:9e:e3:b3:7c:ff:36:
1c:17:36:c3:d9:64:76:56:6b:62:e6:96:4c:53:c2:
a1:ed:3e:6f:b5:98:0c:50:5f:6f:23:c9:33:52:97:
2d:53:40:88:4a:8d:6d:09:3b:a7:93:fd:01:3a:aa:
fc:7f:2c:2a:d5:75:9a:58:17:a3:56:7a:7f:e0:c8:
1f:07:0a:75:ef:cb:3a:8d:19:cc:97:07:3f:a3:83:
0a:f0:68:26:9d:91:32:0d:e3:66:00:7d:2b:9e:dd:
64:e8:ee:75:c4:7f:fb:71:a3:0a:a5:4e:78:0d:32:
09:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:88:40:70:8B:7B:BA:46:2E:37:49:90:6A:40:CC:A3:E6:F4:F4:00
X509v3 Authority Key Identifier:
keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:94:52:0d:89:37:54:04:34:a8:36:c7:b4:c5:98:48:d2:fc:
50:54:b0:2e:38:bc:8d:a1:6b:69:a1:8c:03:fb:a9:3e:94:15:
cc:3b:27:c0:c4:cb:20:5e:c7:f5:de:ad:41:84:73:9d:b2:96:
cc:e5:ed:06:9a:52:10:6b:43:da:d8:38:27:be:67:69:5f:d7:
6c:9f:2e:55:90:5d:84:99:6a:5e:65:9c:eb:2b:a9:d0:49:52:
ef:18:65:5c:05:e7:4b:0f:63:a4:2d:37:e8:5e:97:fc:2a:b3:
3b:d6:89:48:9a:0d:d4:30:18:94:3a:51:e9:6d:82:32:65:63:
79:45:02:91:12:70:4b:e6:b2:9f:9d:c5:34:be:2f:6d:0b:64:
01:ea:fd:c8:f4:64:67:ef:3b:87:7a:1f:12:94:94:4b:c7:d0:
5c:a2:10:1c:91:14:79:3c:d9:76:09:86:33:2b:78:56:54:c9:
e4:b2:28:38:37:30:e5:5e:bf:24:2f:d1:51:ed:3e:c2:44:54:
d3:dd:20:4d:a0:62:ac:d5:52:f6:f3:78:d9:3a:57:00:27:28:
73:b8:fa:64:ef:90:cf:15:b5:b9:67:51:f0:4f:6a:e2:18:89:
17:d0:cb:05:d9:46:c2:fb:bd:31:c7:17:54:a5:4a:c9:eb:2c:
e5:a2:12:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9awYVCFIfrvoAPTMB+ZWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDJjMjVkMDUzNGE0MDI3YzY5NTU2MmE4Y2U0ZjAwMWNk
NTM5NmYwHhcNMjUxMDE5MTcwMTEzWhcNMjUxMDIwMTcwMTEzWjAzMTEwLwYDVQQD
Eyg4Zjg4NDA3MDhiN2JiYTQ2MmUzNzQ5OTA2YTQwY2NhM2U2ZjRmNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDwuKZIwBQEcZbB8fQcy9ExWd+ud
Pk+HdvG5/s/i2PC90TSmPe7FSZE4Kn6g5B2WdipebUmoTITVb/DAVbywZ3CV+LxA
zO+IBRQpe9F14TJKIfU/yiVt3sBLDQ1BpDvUhTJruyoQxUN1VC1oQMxqgFzOEtA1
Pe7qEd95w9FAtgOfU2d19ZZYcdg7G7yKCF+e47N8/zYcFzbD2WR2Vmti5pZMU8Kh
7T5vtZgMUF9vI8kzUpctU0CISo1tCTunk/0BOqr8fywq1XWaWBejVnp/4MgfBwp1
78s6jRnMlwc/o4MK8GgmnZEyDeNmAH0rnt1k6O51xH/7caMKpU54DTIJ2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+IQHCLe7pGLjdJkGpAzKPm9PQAMB8GA1UdIwQY
MBaAFGjSwl0FNKQCfGlVYqjOTwAc1TlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEt
MTQ3OTdlYWM1MjJlLzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEtMTQ3OTdlYWM1MjJl
LzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVZRSDYk3
VAQ0qDbHtMWYSNL8UFSwLji8jaFraaGMA/upPpQVzDsnwMTLIF7H9d6tQYRznbKW
zOXtBppSEGtD2tg4J75naV/XbJ8uVZBdhJlqXmWc6yup0ElS7xhlXAXnSw9jpC03
6F6X/CqzO9aJSJoN1DAYlDpR6W2CMmVjeUUCkRJwS+ayn53FNL4vbQtkAer9yPRk
Z+87h3ofEpSUS8fQXKIQHJEUeTzZdgmGMyt4VlTJ5LIoODcw5V6/JC/RUe0+wkRU
090gTaBirNVS9vN42TpXACcoc7j6ZO+QzxW1uWdR8E9q4hiJF9DLBdlGwvu9MccX
VKVKyess5aISgw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:32:19 2025 by rpki-client