Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
File: aHyL8iKia_HJxmOMw1bSg1UC8tY.mft (raw, json)
Hash identifier: PsGzDvsaHAPD7gZ/gLx7xNv6MdRcekq8KpkD6LZtkLE=
Subject key identifier: 24:5B:0D:B1:65:C6:CF:DE:40:3C:A3:DC:9A:E3:9A:39:88:2B:CD:B0
Authority key identifier: 68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6
Certificate issuer: /CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6
Certificate serial: 0199FFC83C453DFD84FF50BA060D4C4D9E2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
Manifest number: 0824
Signing time: Mon 20 Oct 2025 04:02:16 +0000
Manifest this update: Mon 20 Oct 2025 04:02:16 +0000
Manifest next update: Tue 21 Oct 2025 04:02:16 +0000
Files and hashes: 1: aHyL8iKia_HJxmOMw1bSg1UC8tY.crl (hash: KpRL7JdAAfuBBwCmiH/2qQD0819xZh2t4ThDeKoNgsM=)
2: szxe0DPYsGTMI_tgKM1yaWgLDtI.roa (hash: fjZgmmGMINi/iYDucRgC4NEVBx45QTUkAnBaw6M5XK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c8:3c:45:3d:fd:84:ff:50:ba:06:0d:4c:4d:9e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6
Validity
Not Before: Oct 20 04:02:16 2025 GMT
Not After : Oct 21 04:02:16 2025 GMT
Subject: CN=245b0db165c6cfde403ca3dc9ae39a39882bcdb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1d:15:5a:e1:6d:ed:52:08:32:31:98:ad:73:
dd:2f:f1:58:32:02:ee:7a:01:68:5d:42:2a:00:27:
3a:09:be:af:20:0b:49:da:0d:cc:cf:fa:d3:49:fc:
6c:cd:1b:96:5e:05:fd:88:1b:5e:70:fb:be:a5:c3:
0d:69:10:50:8c:c9:51:32:ed:ca:68:4e:0e:2b:d7:
c3:21:82:2e:b2:81:a0:7a:ad:f4:88:28:7a:f3:e4:
2c:d9:b0:3d:fd:ff:99:2e:16:55:b8:36:ff:e0:98:
08:f0:2c:99:1e:c5:7d:fc:8f:66:d9:58:f6:e8:bb:
5a:61:82:fd:f6:0d:0e:90:7f:60:f0:cb:b1:cc:d2:
3b:75:78:6d:50:47:e1:97:1d:78:73:25:68:b8:7a:
70:cc:a4:14:6a:fb:b4:10:db:f7:ca:b0:45:73:65:
61:19:49:3c:e0:29:3d:57:48:4d:99:14:e9:38:07:
56:3a:43:34:a6:4b:56:b7:8c:62:a5:a2:3d:30:f7:
16:25:6f:6f:83:7d:47:13:5f:c2:26:54:63:6f:39:
f5:9f:4c:c8:b9:e0:13:be:cf:21:58:20:48:2f:95:
cc:c7:91:f0:ef:86:de:02:d3:86:92:51:c3:9b:12:
f7:a3:7c:64:c9:ec:56:5b:04:c9:82:a3:fb:9a:1a:
c3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:5B:0D:B1:65:C6:CF:DE:40:3C:A3:DC:9A:E3:9A:39:88:2B:CD:B0
X509v3 Authority Key Identifier:
keyid:68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:40:75:2b:b6:3b:83:3a:0e:fa:ef:ec:b4:84:fe:e0:bd:9c:
bd:08:f4:03:b3:0f:cd:6e:c3:a2:8b:46:20:5f:df:4b:39:49:
31:04:4b:05:c3:5a:72:d6:53:00:df:bc:55:1f:44:ea:b9:43:
2b:72:b1:f2:dc:34:21:d8:10:00:49:7d:da:17:3a:95:b5:eb:
dc:af:cb:87:af:d6:56:2b:c5:e6:01:24:e7:de:04:73:55:f7:
29:db:02:50:f8:f9:45:38:55:cf:7a:10:a7:58:a7:4b:61:99:
fe:ad:b5:dc:7f:fa:d2:a4:b2:81:a8:a2:c8:22:ac:31:b8:11:
f9:86:ac:01:99:de:53:73:e9:34:28:31:19:02:6d:25:14:df:
e4:0c:a3:17:cc:ed:06:7b:32:a3:d7:67:b3:40:c7:f8:bf:0b:
ea:b5:4c:75:0e:4c:bc:ff:8f:96:0f:2f:42:18:0b:e5:d9:8a:
ee:76:f5:67:fb:09:3b:31:3c:58:57:24:d2:3e:56:83:fc:84:
14:4c:67:0e:ee:6f:38:66:32:55:9d:f9:4d:00:d7:28:f5:34:
07:a4:41:43:db:80:ed:ca:4e:7f:01:a5:52:45:08:9f:ee:d7:
41:f0:51:cb:f6:c6:42:70:97:7e:fa:e1:17:75:a0:79:09:e0:
70:1e:03:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yDxFPf2E/1C6Bg1MTZ4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4N2M4YmYyMjJhMjZiZjFjOWM2NjM4Y2MzNTZkMjgzNTUw
MmYyZDYwHhcNMjUxMDIwMDQwMjE2WhcNMjUxMDIxMDQwMjE2WjAzMTEwLwYDVQQD
EygyNDViMGRiMTY1YzZjZmRlNDAzY2EzZGM5YWUzOWEzOTg4MmJjZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2R0VWuFt7VIIMjGYrXPdL/FYMgLu
egFoXUIqACc6Cb6vIAtJ2g3Mz/rTSfxszRuWXgX9iBtecPu+pcMNaRBQjMlRMu3K
aE4OK9fDIYIusoGgeq30iCh68+Qs2bA9/f+ZLhZVuDb/4JgI8CyZHsV9/I9m2Vj2
6LtaYYL99g0OkH9g8MuxzNI7dXhtUEfhlx14cyVouHpwzKQUavu0ENv3yrBFc2Vh
GUk84Ck9V0hNmRTpOAdWOkM0pktWt4xipaI9MPcWJW9vg31HE1/CJlRjbzn1n0zI
ueATvs8hWCBIL5XMx5Hw74beAtOGklHDmxL3o3xkyexWWwTJgqP7mhrDuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRbDbFlxs/eQDyj3JrjmjmIK82wMB8GA1UdIwQY
MBaAFGh8i/IiomvxycZjjMNW0oNVAvLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUt
ZDU3MjU1ZTI1ZmVlLzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUtZDU3MjU1ZTI1ZmVl
LzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIkB1K7Y7
gzoO+u/stIT+4L2cvQj0A7MPzW7DootGIF/fSzlJMQRLBcNactZTAN+8VR9E6rlD
K3Kx8tw0IdgQAEl92hc6lbXr3K/Lh6/WVivF5gEk594Ec1X3KdsCUPj5RThVz3oQ
p1inS2GZ/q213H/60qSygaiiyCKsMbgR+YasAZneU3PpNCgxGQJtJRTf5AyjF8zt
Bnsyo9dns0DH+L8L6rVMdQ5MvP+Plg8vQhgL5dmK7nb1Z/sJOzE8WFck0j5Wg/yE
FExnDu5vOGYyVZ35TQDXKPU0B6RBQ9uA7cpOfwGlUkUIn+7XQfBRy/bGQnCXfvrh
F3WgeQngcB4Dxg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:42:04 2025 by rpki-client