Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json)
Hash identifier: pZ+w3Jbso2mDQmO96cR8orMlsK27IgslT4t/QMuAhzQ=
Subject key identifier: D7:7C:48:A5:89:F3:9F:35:89:FE:2D:07:48:DB:5D:04:BE:6D:6D:F8
Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Certificate serial: 0199FB0F1AC617974CE13B2CD1D0BC3EB5E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
Manifest number: 0AD2
Signing time: Sun 19 Oct 2025 06:01:34 +0000
Manifest this update: Sun 19 Oct 2025 06:01:34 +0000
Manifest next update: Mon 20 Oct 2025 06:01:34 +0000
Files and hashes: 1: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: AO/G0VjGbF1x8PiKLtXQ99BpLEnew3p9UVMqh3THsZ4=)
2: zkFI0q7jFUcpvcC1_CEihR1YV24.roa (hash: 783T5wgYEpPQMcRoCX4E0P3B8Y6FUugL0p43iJWmXrI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:0f:1a:c6:17:97:4c:e1:3b:2c:d1:d0:bc:3e:b5:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Validity
Not Before: Oct 19 06:01:34 2025 GMT
Not After : Oct 20 06:01:34 2025 GMT
Subject: CN=d77c48a589f39f3589fe2d0748db5d04be6d6df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:29:7c:db:cf:e6:45:73:84:97:a8:31:05:e1:
5b:2f:03:6d:e8:8a:33:e4:f4:cf:b2:8b:c6:52:d1:
db:05:ee:dc:41:3b:4e:f9:76:b3:e8:c4:21:b9:60:
bb:5d:a4:53:ca:6f:f0:c3:79:a3:8e:59:27:3a:54:
b4:85:bc:d9:40:43:96:61:f4:df:70:f2:39:b8:91:
c3:26:95:44:5e:b8:53:be:6e:5c:83:78:7f:bd:f5:
c7:3a:38:50:3e:30:5f:59:96:94:03:44:72:be:84:
08:f9:d4:85:82:36:4d:ee:f0:aa:5b:97:14:dd:09:
66:d2:95:1b:51:de:c1:38:d9:c7:6b:44:ba:24:bb:
be:8c:16:ed:75:36:03:3f:9a:2d:b6:af:56:a9:19:
52:ed:98:a1:bd:2e:64:b7:7c:e4:3d:b1:62:47:90:
f9:ac:cf:91:45:7e:b4:51:e9:0e:83:14:c9:91:61:
ef:fb:a0:59:7d:c6:fb:d5:ea:ee:de:8d:6d:a8:d5:
74:19:9f:50:71:07:8a:3d:87:b2:a3:4f:b9:d8:ce:
de:67:59:c7:5a:6a:81:94:bf:10:f1:46:3b:e0:47:
e3:70:81:40:cd:12:42:1d:26:67:9b:df:f3:e9:60:
42:6f:6b:0c:94:91:72:03:21:81:b9:eb:70:01:f9:
cd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:7C:48:A5:89:F3:9F:35:89:FE:2D:07:48:DB:5D:04:BE:6D:6D:F8
X509v3 Authority Key Identifier:
keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:85:33:32:1b:35:89:28:36:fa:a2:4f:ae:c5:6d:8d:b0:fa:
d5:53:84:25:a3:34:13:e5:66:63:20:a8:a2:e9:1e:2f:6a:72:
32:a1:d9:67:f7:63:dc:81:ed:31:af:0c:db:9a:9d:92:55:78:
e1:f3:5f:ef:15:ee:3f:db:40:11:ac:81:9e:b0:ff:5b:96:6f:
f9:4b:e2:54:b1:4c:10:6d:bf:51:af:3c:84:68:10:bd:bc:46:
e1:cd:77:b3:9f:a6:43:cf:2e:07:a1:cb:75:d4:0d:61:8a:7a:
d4:17:fc:ff:de:ec:b0:4e:7d:07:43:df:66:ba:51:ac:1a:29:
3d:f4:97:2b:d7:60:b7:de:6e:0b:92:80:fe:f4:d8:87:92:42:
95:50:d1:3b:4e:3c:68:fb:a5:91:59:42:8e:63:41:86:b7:eb:
03:d6:9f:23:bf:ff:3e:f6:11:22:86:94:dc:18:c7:e6:06:17:
5c:09:2e:59:59:df:78:4b:7a:7b:fd:0a:ce:98:17:c9:51:6a:
44:f0:54:9d:1a:a7:af:11:8d:a1:c6:62:23:6d:e5:8a:58:5e:
da:18:3e:9b:c9:da:20:11:7f:02:86:86:91:ae:02:ae:5b:4d:
00:27:66:56:af:3c:cc:52:c9:eb:af:cd:53:e3:ff:48:ec:7d:
c1:0d:0d:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7DxrGF5dM4Tss0dC8PrXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj
ZTljOTgwHhcNMjUxMDE5MDYwMTM0WhcNMjUxMDIwMDYwMTM0WjAzMTEwLwYDVQQD
EyhkNzdjNDhhNTg5ZjM5ZjM1ODlmZTJkMDc0OGRiNWQwNGJlNmQ2ZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtil828/mRXOEl6gxBeFbLwNt6Ioz
5PTPsovGUtHbBe7cQTtO+Xaz6MQhuWC7XaRTym/ww3mjjlknOlS0hbzZQEOWYfTf
cPI5uJHDJpVEXrhTvm5cg3h/vfXHOjhQPjBfWZaUA0RyvoQI+dSFgjZN7vCqW5cU
3Qlm0pUbUd7BONnHa0S6JLu+jBbtdTYDP5ottq9WqRlS7ZihvS5kt3zkPbFiR5D5
rM+RRX60UekOgxTJkWHv+6BZfcb71eru3o1tqNV0GZ9QcQeKPYeyo0+52M7eZ1nH
WmqBlL8Q8UY74EfjcIFAzRJCHSZnm9/z6WBCb2sMlJFyAyGBuetwAfnNQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNd8SKWJ8581if4tB0jbXQS+bW34MB8GA1UdIwQY
MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt
MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx
LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAoUzMhs1
iSg2+qJPrsVtjbD61VOEJaM0E+VmYyCooukeL2pyMqHZZ/dj3IHtMa8M25qdklV4
4fNf7xXuP9tAEayBnrD/W5Zv+UviVLFMEG2/Ua88hGgQvbxG4c13s5+mQ88uB6HL
ddQNYYp61Bf8/97ssE59B0PfZrpRrBopPfSXK9dgt95uC5KA/vTYh5JClVDRO048
aPulkVlCjmNBhrfrA9afI7//PvYRIoaU3BjH5gYXXAkuWVnfeEt6e/0KzpgXyVFq
RPBUnRqnrxGNocZiI23lilhe2hg+m8naIBF/AoaGka4CrltNACdmVq88zFLJ66/N
U+P/SOx9wQ0NTQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:06:49 2025 by rpki-client