Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
File: rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft (raw, json)
Hash identifier: NozS+aURdgEMVdS3+9dsH/GwP9ArswMPy61Rym/Xgrg=
Subject key identifier: 66:EB:0B:71:68:88:6F:67:00:3F:0F:37:78:79:A6:5F:35:9F:92:ED
Authority key identifier: AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6
Certificate issuer: /CN=ac08815e8c6503601f254cab371bec471bd7eaa6
Certificate serial: 0199FC586C32F6AE65BA11C91A9D1A70E8F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
Manifest number: 0AF1
Signing time: Sun 19 Oct 2025 12:01:17 +0000
Manifest this update: Sun 19 Oct 2025 12:01:17 +0000
Manifest next update: Mon 20 Oct 2025 12:01:17 +0000
Files and hashes: 1: QsrgGtjjVfYUdnjVBy3FKVxOReM.roa (hash: /bct/glFTr5+fLpXRU1WLa/LnjLyQigL1zGVjyxrPQI=)
2: rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl (hash: SW02E5mBIilgUMzMEpHMY4KWt2zfKRyFFthc0GzSRro=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:6c:32:f6:ae:65:ba:11:c9:1a:9d:1a:70:e8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac08815e8c6503601f254cab371bec471bd7eaa6
Validity
Not Before: Oct 19 12:01:17 2025 GMT
Not After : Oct 20 12:01:17 2025 GMT
Subject: CN=66eb0b7168886f67003f0f377879a65f359f92ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:65:5d:39:0c:0f:e6:fb:ce:f7:89:da:a9:9a:
f9:c5:75:16:ce:9b:79:3c:6c:43:ff:11:cb:45:43:
75:14:f0:c8:42:1a:f1:8d:e3:38:c6:58:d7:4a:1a:
b8:14:a5:6e:c4:c5:3d:bd:f4:b4:ef:02:cf:de:1a:
4f:54:4c:a7:f5:bb:66:42:28:80:a2:aa:a2:a0:29:
6a:80:c2:96:6a:64:e9:6c:1f:d1:81:a3:72:10:0c:
fb:a3:38:f8:61:9b:8a:b4:af:5d:38:58:ac:15:2d:
e0:84:f6:5c:f1:6f:d9:33:bf:05:62:93:b8:7a:48:
21:cc:51:1c:ae:57:19:d6:2f:4c:14:f2:d3:19:9f:
57:7d:f6:d4:6c:65:a2:fe:73:4b:ce:bc:2f:2e:69:
10:2e:ca:eb:5e:27:e4:5a:80:4a:be:2a:92:e4:17:
de:6e:93:05:12:0e:66:9d:2f:b7:99:7c:57:82:ae:
c3:97:5c:52:98:2d:23:27:21:ad:a0:76:d1:a9:e0:
5d:59:2e:96:41:c9:66:29:cf:7a:33:a6:68:42:f9:
97:ad:c1:3e:6b:e7:d6:6d:7b:d0:e9:06:29:6c:55:
21:ab:8d:9d:d0:2b:c2:d3:2a:8f:49:f0:70:cd:e1:
c0:1c:e0:fa:c4:79:ca:c2:32:ee:4e:75:23:fc:51:
0e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:EB:0B:71:68:88:6F:67:00:3F:0F:37:78:79:A6:5F:35:9F:92:ED
X509v3 Authority Key Identifier:
keyid:AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:1b:f6:43:f8:0a:48:65:85:27:09:eb:27:cd:ae:38:63:01:
47:f3:46:19:da:3b:4a:06:42:ce:38:25:20:93:30:ce:57:8e:
9e:b3:7d:d8:48:5b:1e:54:32:60:1c:5f:1d:76:29:f2:6a:51:
bb:de:3d:4e:70:17:7a:3a:77:d3:b2:20:ea:97:a7:65:67:9d:
25:2a:89:c2:30:b2:c6:00:4f:56:a3:38:26:56:c2:0b:a1:89:
9f:ec:4a:fc:4b:8a:48:fe:5f:ce:4d:b8:d6:6a:4e:d7:0b:82:
b2:e0:ce:e5:21:28:c9:71:e5:7e:62:2d:1b:12:30:66:46:c9:
63:51:f0:e0:6a:c1:12:50:be:5b:9d:8d:cc:97:9f:d4:65:e1:
83:78:b3:1b:bc:2f:8e:09:46:cc:e4:ff:3d:71:50:4c:e2:3c:
47:e6:d1:11:60:bf:f9:30:cf:ae:f4:24:d5:13:3a:13:13:c0:
cd:e7:cc:39:50:ef:0a:90:38:1d:70:1a:e5:b8:62:f8:25:de:
dc:3a:a5:0a:95:46:ad:8d:4b:88:6c:72:1e:4d:51:71:9e:4c:
b9:4e:2b:b6:5c:f4:b1:c3:f1:2e:cf:3a:bc:f4:0f:62:46:8d:
90:79:16:7c:18:f1:1e:7e:db:ac:67:e4:83:3e:87:e2:57:b7:
e0:de:6c:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WGwy9q5luhHJGp0acOj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMDg4MTVlOGM2NTAzNjAxZjI1NGNhYjM3MWJlYzQ3MWJk
N2VhYTYwHhcNMjUxMDE5MTIwMTE3WhcNMjUxMDIwMTIwMTE3WjAzMTEwLwYDVQQD
Eyg2NmViMGI3MTY4ODg2ZjY3MDAzZjBmMzc3ODc5YTY1ZjM1OWY5MmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WVdOQwP5vvO94naqZr5xXUWzpt5
PGxD/xHLRUN1FPDIQhrxjeM4xljXShq4FKVuxMU9vfS07wLP3hpPVEyn9btmQiiA
oqqioClqgMKWamTpbB/RgaNyEAz7ozj4YZuKtK9dOFisFS3ghPZc8W/ZM78FYpO4
ekghzFEcrlcZ1i9MFPLTGZ9XffbUbGWi/nNLzrwvLmkQLsrrXifkWoBKviqS5Bfe
bpMFEg5mnS+3mXxXgq7Dl1xSmC0jJyGtoHbRqeBdWS6WQclmKc96M6ZoQvmXrcE+
a+fWbXvQ6QYpbFUhq42d0CvC0yqPSfBwzeHAHOD6xHnKwjLuTnUj/FEO0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbrC3FoiG9nAD8PN3h5pl81n5LtMB8GA1UdIwQY
MBaAFKwIgV6MZQNgHyVMqzcb7Ecb1+qmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUt
Njc3ODcxYTAzMzU1LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUtNjc3ODcxYTAzMzU1
LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqRv2Q/gK
SGWFJwnrJ82uOGMBR/NGGdo7SgZCzjglIJMwzleOnrN92EhbHlQyYBxfHXYp8mpR
u949TnAXejp307Ig6penZWedJSqJwjCyxgBPVqM4JlbCC6GJn+xK/EuKSP5fzk24
1mpO1wuCsuDO5SEoyXHlfmItGxIwZkbJY1Hw4GrBElC+W52NzJef1GXhg3izG7wv
jglGzOT/PXFQTOI8R+bREWC/+TDPrvQk1RM6ExPAzefMOVDvCpA4HXAa5bhi+CXe
3DqlCpVGrY1LiGxyHk1RcZ5MuU4rtlz0scPxLs86vPQPYkaNkHkWfBjxHn7brGfk
gz6H4le34N5sSg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:18:51 2025 by rpki-client