Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json)
Hash identifier: OrRDfvY2Xpgpy0MsNrNU4UGUZepICc7r6vQAdmg3y7Y=
Subject key identifier: D9:6C:80:89:51:94:CA:A0:5B:1C:48:E0:16:1E:B6:55:ED:FE:FE:22
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 0199FFFE55FA04D2E614622863355F2E4D8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
Manifest number: 16F0
Signing time: Mon 20 Oct 2025 05:01:22 +0000
Manifest this update: Mon 20 Oct 2025 05:01:22 +0000
Manifest next update: Tue 21 Oct 2025 05:01:22 +0000
Files and hashes: 1: Mmi06jAh1KR0NNHlTuLcdFXGdm4.roa (hash: Q9joIkxkfDcIZMMuVnLQE37iPkqzALSBCPVV1CY/m7A=)
2: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: 8WegEEBxdXFOaxMssDfhL8CfmYVGFxbFG4arPrirUQg=)
3: bObL7vPF35vh9LuEyJYMk5yU3-U.roa (hash: eG1lFL25ltcNTKgnhPFmeY0axMsTOI37jTMaagRA/AM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 05:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:fe:55:fa:04:d2:e6:14:62:28:63:35:5f:2e:4d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Oct 20 05:01:22 2025 GMT
Not After : Oct 21 05:01:22 2025 GMT
Subject: CN=d96c80895194caa05b1c48e0161eb655edfefe22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4f:9f:f9:3f:e4:bb:de:84:ff:20:ba:06:ee:
6c:46:6f:b5:4c:76:9d:d1:c1:29:dc:03:9e:e0:d6:
59:d0:c0:df:54:53:f5:ed:5e:32:e6:0b:6d:fa:87:
f7:68:33:88:4b:e2:95:1c:40:2a:d7:7b:a0:9a:69:
6f:ce:08:49:91:75:0e:a4:94:6e:5a:1f:49:df:f3:
70:60:bb:65:20:47:98:3a:79:fc:af:86:83:c1:f6:
6d:c8:0f:f2:ca:19:7a:37:31:85:96:e2:36:59:cd:
8b:61:99:c2:d6:8f:70:b4:a6:e8:b9:57:2d:cc:c6:
c5:a0:8c:d3:c8:ef:08:bf:d5:38:ef:89:ff:51:2d:
c6:b1:19:0f:6a:c8:3c:fa:41:77:d3:8c:66:5f:ef:
eb:c4:0b:5d:3a:9b:e6:ff:a0:64:1b:90:4a:39:cc:
59:44:13:89:00:89:54:0c:c3:02:3f:49:77:53:bc:
f0:72:27:54:8b:1e:c7:9b:66:0a:a6:7f:30:e7:c7:
fc:9d:3c:35:d0:5a:fa:6c:4d:9b:71:9b:71:67:c3:
0e:bf:88:cd:71:50:43:46:93:b4:1f:70:b4:de:3f:
1f:00:16:73:7a:f4:b6:86:c8:fc:56:de:2c:91:24:
f5:b2:92:04:24:4d:47:b4:49:ea:d9:da:37:ab:a3:
e9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:6C:80:89:51:94:CA:A0:5B:1C:48:E0:16:1E:B6:55:ED:FE:FE:22
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:10:96:51:d9:f1:5c:3d:65:6b:4b:c0:5a:1d:42:6e:65:bc:
e6:04:88:8d:f9:9b:27:21:36:fc:93:58:11:2e:81:d2:15:dd:
0b:e3:73:41:df:0e:ca:e6:7b:70:77:79:cd:fd:a0:13:b0:69:
39:4c:75:82:ef:37:7e:6b:33:19:ce:0b:39:29:d7:e0:15:d1:
07:22:e5:31:be:d1:c2:00:0b:82:d9:a8:f1:bb:00:ca:fa:54:
ba:9b:b1:50:3c:f0:1d:63:ec:cf:ef:da:db:75:7a:6b:c3:28:
b6:1c:25:1a:c3:77:cb:f6:9a:e6:43:3f:dd:15:9f:af:fc:02:
41:0d:e9:b6:dc:8a:2e:87:83:44:bc:9e:91:28:c4:1d:83:e5:
ac:78:e2:9c:e5:c1:44:e0:76:4e:7d:f3:51:bd:c3:3c:fc:c5:
8b:c5:9e:3c:9e:eb:21:bf:f7:5c:db:c3:f5:2a:58:cc:13:ec:
77:51:0f:d9:f7:f0:1f:0f:a0:39:98:3b:5b:39:31:97:41:ed:
61:0d:01:ba:d7:dd:dd:15:ac:07:d6:64:b0:a8:7d:55:da:70:
b3:39:e7:0f:72:35:fc:36:d3:0a:c4:72:8b:b4:cf:ce:76:0d:
87:ff:17:e5:b0:37:34:e0:c8:a3:db:2a:35:0f:9e:49:2f:24:
a8:3c:b5:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//lX6BNLmFGIoYzVfLk2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjUxMDIwMDUwMTIyWhcNMjUxMDIxMDUwMTIyWjAzMTEwLwYDVQQD
EyhkOTZjODA4OTUxOTRjYWEwNWIxYzQ4ZTAxNjFlYjY1NWVkZmVmZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0+f+T/ku96E/yC6Bu5sRm+1THad
0cEp3AOe4NZZ0MDfVFP17V4y5gtt+of3aDOIS+KVHEAq13ugmmlvzghJkXUOpJRu
Wh9J3/NwYLtlIEeYOnn8r4aDwfZtyA/yyhl6NzGFluI2Wc2LYZnC1o9wtKbouVct
zMbFoIzTyO8Iv9U474n/US3GsRkPasg8+kF304xmX+/rxAtdOpvm/6BkG5BKOcxZ
RBOJAIlUDMMCP0l3U7zwcidUix7Hm2YKpn8w58f8nTw10Fr6bE2bcZtxZ8MOv4jN
cVBDRpO0H3C03j8fABZzevS2hsj8Vt4skST1spIEJE1HtEnq2do3q6Pp5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNlsgIlRlMqgWxxI4BYetlXt/v4iMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArBCWUdnx
XD1la0vAWh1CbmW85gSIjfmbJyE2/JNYES6B0hXdC+NzQd8OyuZ7cHd5zf2gE7Bp
OUx1gu83fmszGc4LOSnX4BXRByLlMb7RwgALgtmo8bsAyvpUupuxUDzwHWPsz+/a
23V6a8MothwlGsN3y/aa5kM/3RWfr/wCQQ3pttyKLoeDRLyekSjEHYPlrHjinOXB
ROB2Tn3zUb3DPPzFi8WePJ7rIb/3XNvD9SpYzBPsd1EP2ffwHw+gOZg7Wzkxl0Ht
YQ0Butfd3RWsB9ZksKh9VdpwsznnD3I1/DbTCsRyi7TPznYNh/8X5bA3NODIo9sq
NQ+eSS8kqDy1Lw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:14:42 2025 by rpki-client