Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier: J3hQqpcXwYRKSmZV0TAHv59yKTioaWWotKdEjYhQlz0=
Subject key identifier: CC:2A:F5:C7:6D:EB:24:AC:A8:EC:57:DF:09:AB:B0:2A:AD:4D:89:9C
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial: 0199FBEB77E9A77116351637F616865A6F9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number: 044D
Signing time: Sun 19 Oct 2025 10:02:16 +0000
Manifest this update: Sun 19 Oct 2025 10:02:16 +0000
Manifest next update: Mon 20 Oct 2025 10:02:16 +0000
Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=)
2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: J43XQQ+6igdEckUF6gGoMDWZ281S1v5cul9LSeXkMI4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:77:e9:a7:71:16:35:16:37:f6:16:86:5a:6f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Validity
Not Before: Oct 19 10:02:16 2025 GMT
Not After : Oct 20 10:02:16 2025 GMT
Subject: CN=cc2af5c76deb24aca8ec57df09abb02aad4d899c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5d:d2:33:25:a8:52:43:79:4b:b0:f8:56:54:
d3:51:f1:3b:cb:42:4c:c7:5a:f4:64:3b:e7:0b:8e:
e2:ab:ce:e7:3e:73:ac:f0:ed:d9:8c:2b:ac:4f:8a:
ea:54:51:86:d4:d0:b7:a2:a1:82:83:4a:e6:18:d6:
92:ec:72:f9:55:36:52:64:92:1c:92:ea:88:e3:5d:
97:a7:24:4c:dd:f3:36:fa:86:97:e7:ee:d7:32:62:
4d:7a:93:00:8a:81:63:a1:64:e9:81:c8:93:5e:99:
34:e7:ec:21:dc:42:0b:58:6d:ef:a2:ed:e9:48:ea:
e2:10:39:90:46:69:f0:f7:ac:77:8c:d1:e9:62:b6:
a2:d3:70:8c:da:7d:4d:75:7e:5f:db:ce:a9:40:a3:
f1:0b:0c:50:be:69:30:85:91:4f:e9:85:82:63:6c:
3d:9c:d3:9e:49:af:00:27:bf:da:25:ef:11:0b:c0:
e2:9a:fb:69:65:17:b2:c9:43:54:ff:e2:81:5a:7d:
3e:08:c2:c3:b9:9b:12:62:94:ad:95:f8:9e:ea:fb:
5b:79:86:da:f4:f3:b7:78:b7:87:31:0e:c0:02:e0:
3d:92:1e:20:76:46:db:09:af:64:3f:85:3e:5f:0e:
e2:a3:0e:1b:9d:14:b2:c9:e0:0e:a0:38:13:64:ab:
3c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:2A:F5:C7:6D:EB:24:AC:A8:EC:57:DF:09:AB:B0:2A:AD:4D:89:9C
X509v3 Authority Key Identifier:
keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:3f:19:13:eb:10:86:64:d0:56:8d:68:2a:6c:10:e6:94:69:
06:b7:5d:21:13:05:de:bd:71:22:a1:4e:a6:1b:6a:af:bc:10:
21:7b:c4:33:8c:e9:7a:31:78:53:41:89:c0:87:3f:88:3b:f4:
90:c8:b2:18:59:0a:df:02:bf:e7:fa:1f:6d:dc:33:ff:e9:89:
f5:46:56:5d:58:8b:16:2a:2d:80:69:2f:14:6c:73:a2:1d:ef:
a3:83:36:43:fb:58:7a:ce:84:81:ff:4a:25:10:c6:57:12:77:
4c:52:f7:8b:e5:9c:9b:06:d1:d2:0a:30:fa:3f:f3:a8:e3:50:
b8:0c:1c:a7:8b:28:3f:ee:40:8b:f0:a2:a4:53:9b:f9:f2:a0:
fa:8c:06:03:e7:0d:a0:70:b5:9b:11:81:18:b8:39:44:10:13:
38:40:b2:c2:c8:d7:b5:43:99:d4:54:da:4a:5d:f2:6b:80:5d:
23:d5:53:e6:51:4c:dc:52:b2:5f:65:8e:94:cf:45:9a:c1:cc:
19:24:de:3d:5e:c2:d1:b1:82:e5:77:f4:9a:a4:d9:6e:83:c6:
8e:ee:9c:bc:7a:f5:18:bb:6b:90:ab:ae:6d:de:c1:35:ee:78:
62:7f:2d:1f:3f:84:1f:09:b5:ee:6c:74:05:30:7a:99:22:f8:
38:97:e8:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn763fpp3EWNRY39haGWm+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjUxMDE5MTAwMjE2WhcNMjUxMDIwMTAwMjE2WjAzMTEwLwYDVQQD
EyhjYzJhZjVjNzZkZWIyNGFjYThlYzU3ZGYwOWFiYjAyYWFkNGQ4OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF3SMyWoUkN5S7D4VlTTUfE7y0JM
x1r0ZDvnC47iq87nPnOs8O3ZjCusT4rqVFGG1NC3oqGCg0rmGNaS7HL5VTZSZJIc
kuqI412XpyRM3fM2+oaX5+7XMmJNepMAioFjoWTpgciTXpk05+wh3EILWG3vou3p
SOriEDmQRmnw96x3jNHpYrai03CM2n1NdX5f286pQKPxCwxQvmkwhZFP6YWCY2w9
nNOeSa8AJ7/aJe8RC8DimvtpZReyyUNU/+KBWn0+CMLDuZsSYpStlfie6vtbeYba
9PO3eLeHMQ7AAuA9kh4gdkbbCa9kP4U+Xw7iow4bnRSyyeAOoDgTZKs8bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwq9cdt6ySsqOxX3wmrsCqtTYmcMB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdT8ZE+sQ
hmTQVo1oKmwQ5pRpBrddIRMF3r1xIqFOphtqr7wQIXvEM4zpejF4U0GJwIc/iDv0
kMiyGFkK3wK/5/ofbdwz/+mJ9UZWXViLFiotgGkvFGxzoh3vo4M2Q/tYes6Egf9K
JRDGVxJ3TFL3i+WcmwbR0gow+j/zqONQuAwcp4soP+5Ai/CipFOb+fKg+owGA+cN
oHC1mxGBGLg5RBATOECywsjXtUOZ1FTaSl3ya4BdI9VT5lFM3FKyX2WOlM9FmsHM
GSTePV7C0bGC5Xf0mqTZboPGju6cvHr1GLtrkKuubd7BNe54Yn8tHz+EHwm17mx0
BTB6mSL4OJfosg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:47:30 2025 by rpki-client