Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
File: aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft (raw, json)
Hash identifier: 4VUdNtcnppnodnLZU0dp4CtwicbZJmCmUzhzrC2sWqw=
Subject key identifier: B7:04:FC:B8:18:80:73:A6:DB:E1:42:C4:7D:1D:21:9B:EE:80:02:57
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 0199FDD90BEA4202D819BEF56C58CF70DE5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
Manifest number: 16E5
Signing time: Sun 19 Oct 2025 19:01:23 +0000
Manifest this update: Sun 19 Oct 2025 19:01:23 +0000
Manifest next update: Mon 20 Oct 2025 19:01:23 +0000
Files and hashes: 1: Hpq861GqA5RqLih08GH13MdllW0.roa (hash: 6UGmd69y3tVELywuvYudCcD/UUgHO86OmDHx4Pt/TNE=)
2: aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl (hash: 6LehxNdgn9pRfEfh8Jm741Q2iWn/vsSA8cAi7RFlcBs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:d9:0b:ea:42:02:d8:19:be:f5:6c:58:cf:70:de:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Oct 19 19:01:23 2025 GMT
Not After : Oct 20 19:01:23 2025 GMT
Subject: CN=b704fcb8188073a6dbe142c47d1d219bee800257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2a:b1:88:d5:5f:98:8c:9b:e6:e0:90:ed:0c:
c3:56:7b:bd:33:00:cc:0a:d8:ae:1d:c5:3f:7f:4c:
1c:bf:b9:c0:a5:ae:1c:ce:17:cb:0c:4a:ac:46:ea:
bb:c6:c9:ec:33:3f:c7:4d:a3:b7:b2:da:41:88:47:
84:62:c2:7e:49:3c:12:94:64:af:ff:d9:fd:79:97:
e1:40:17:b9:1f:9b:27:0b:91:eb:96:41:18:00:56:
dc:4a:02:12:79:25:f1:0b:89:db:68:09:48:be:5d:
49:8e:c6:5d:a3:c7:66:2e:e3:0c:49:5f:d5:db:04:
ac:79:e0:9d:6d:ee:67:01:95:75:d2:d3:43:9e:4c:
05:47:cf:75:5a:b8:30:ba:01:1f:f6:c1:97:3c:83:
a0:26:6a:f4:ac:3e:1b:9e:12:05:c1:8b:91:6c:e2:
49:90:23:b9:94:24:dc:3e:6c:3c:9a:58:39:43:dc:
15:8e:57:d8:7e:35:3c:a0:b5:ab:9c:5d:be:38:8e:
a6:3f:17:7d:ef:d1:64:dc:93:b6:8d:5b:4b:c4:b7:
18:74:24:dd:e2:b7:e0:34:3d:01:14:3c:77:f5:93:
fa:76:d7:2b:ab:e4:48:28:ee:65:af:df:41:09:2d:
3e:e9:62:f6:77:92:8b:3a:d3:f0:dc:af:7b:17:a8:
f7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:04:FC:B8:18:80:73:A6:DB:E1:42:C4:7D:1D:21:9B:EE:80:02:57
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:ff:6e:ed:18:98:30:fe:d7:2c:fa:df:7c:b5:4e:ce:59:0b:
23:e8:b7:b5:83:4a:f3:36:ae:33:04:35:ee:68:01:6d:e1:0b:
2b:60:48:14:20:5e:33:cd:6c:0f:8d:35:5f:44:63:88:11:60:
78:81:e9:81:49:1a:d5:64:4d:ff:22:b8:55:5d:d8:7d:58:72:
33:bc:ce:2a:60:ae:f5:79:fe:16:8e:04:0c:f4:a5:79:66:90:
e9:49:0b:9b:f1:bc:3b:8e:36:70:ac:16:45:ad:79:74:b0:6b:
77:ed:9a:53:24:1f:7b:a9:6c:a8:f6:27:a1:45:c9:ee:b7:3e:
96:58:63:c0:4d:b3:33:48:c2:b7:7f:b9:5d:5d:43:2e:7a:c3:
14:68:21:aa:b4:e3:48:f9:f8:0e:ce:ef:7f:cc:0f:e8:e2:fc:
d6:08:49:be:2c:a7:75:ef:a0:9b:7a:61:9e:09:d8:fd:ad:28:
2b:5d:b0:94:af:bc:75:3a:b2:0e:5c:d8:19:47:83:9a:d0:13:
8c:5c:a8:09:99:b6:31:ac:df:0a:f3:8b:84:8a:87:59:fc:c2:
d8:61:33:75:b7:95:34:12:af:3f:47:38:9a:2d:40:36:72:8b:
aa:5a:f5:c9:cf:17:b6:01:e4:3e:c9:32:c5:66:33:b8:f0:5b:
f5:98:f5:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92QvqQgLYGb71bFjPcN5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjUxMDE5MTkwMTIzWhcNMjUxMDIwMTkwMTIzWjAzMTEwLwYDVQQD
EyhiNzA0ZmNiODE4ODA3M2E2ZGJlMTQyYzQ3ZDFkMjE5YmVlODAwMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CqxiNVfmIyb5uCQ7QzDVnu9MwDM
CtiuHcU/f0wcv7nApa4czhfLDEqsRuq7xsnsMz/HTaO3stpBiEeEYsJ+STwSlGSv
/9n9eZfhQBe5H5snC5HrlkEYAFbcSgISeSXxC4nbaAlIvl1JjsZdo8dmLuMMSV/V
2wSseeCdbe5nAZV10tNDnkwFR891WrgwugEf9sGXPIOgJmr0rD4bnhIFwYuRbOJJ
kCO5lCTcPmw8mlg5Q9wVjlfYfjU8oLWrnF2+OI6mPxd979Fk3JO2jVtLxLcYdCTd
4rfgND0BFDx39ZP6dtcrq+RIKO5lr99BCS0+6WL2d5KLOtPw3K97F6j3VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcE/LgYgHOm2+FCxH0dIZvugAJXMB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMP9u7RiY
MP7XLPrffLVOzlkLI+i3tYNK8zauMwQ17mgBbeELK2BIFCBeM81sD401X0RjiBFg
eIHpgUka1WRN/yK4VV3YfVhyM7zOKmCu9Xn+Fo4EDPSleWaQ6UkLm/G8O442cKwW
Ra15dLBrd+2aUyQfe6lsqPYnoUXJ7rc+llhjwE2zM0jCt3+5XV1DLnrDFGghqrTj
SPn4Ds7vf8wP6OL81ghJviynde+gm3phngnY/a0oK12wlK+8dTqyDlzYGUeDmtAT
jFyoCZm2MazfCvOLhIqHWfzC2GEzdbeVNBKvP0c4mi1ANnKLqlr1yc8XtgHkPsky
xWYzuPBb9Zj1jA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:47:25 2025 by rpki-client