Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft
File: AYGCKpyioAj1zRG5-duhbuLGFFk.mft (raw, json)
Hash identifier: xAeWlTjQ+OozSG8ayWsXxAYWr3PXgWJ5A1zMdlV0wFc=
Subject key identifier: 86:7C:64:C2:F9:5B:48:E5:F2:98:1F:47:6E:88:7D:CA:A7:8C:A0:BE
Authority key identifier: 01:81:82:2A:9C:A2:A0:08:F5:CD:11:B9:F9:DB:A1:6E:E2:C6:14:59
Certificate issuer: /CN=0181822a9ca2a008f5cd11b9f9dba16ee2c61459
Certificate serial: 0199FCFD4C6F1B13385D32D4D6090860FC61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYGCKpyioAj1zRG5-duhbuLGFFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft
Manifest number: 0228
Signing time: Sun 19 Oct 2025 15:01:22 +0000
Manifest this update: Sun 19 Oct 2025 15:01:22 +0000
Manifest next update: Mon 20 Oct 2025 15:01:22 +0000
Files and hashes: 1: AYGCKpyioAj1zRG5-duhbuLGFFk.crl (hash: QadOJRSQ/TokZ6iC2zI7iavwTRKfd2mOjKtuyQ/70DA=)
2: g2CXKA0Q172jL1FvPLyV_ep5ju0.roa (hash: 11gRkpCQE+58w0mcA/1mDxt2mYAAWr8ch94H20jZvcI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AYGCKpyioAj1zRG5-duhbuLGFFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:4c:6f:1b:13:38:5d:32:d4:d6:09:08:60:fc:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0181822a9ca2a008f5cd11b9f9dba16ee2c61459
Validity
Not Before: Oct 19 15:01:22 2025 GMT
Not After : Oct 20 15:01:22 2025 GMT
Subject: CN=867c64c2f95b48e5f2981f476e887dcaa78ca0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b6:1c:e5:e1:65:27:01:5a:ec:44:97:d1:7a:
d1:23:be:75:73:7e:37:e2:b0:4d:f9:95:38:d1:98:
aa:0d:f8:ff:cd:c9:61:7c:5a:33:ed:df:25:3a:72:
e5:14:b8:be:85:10:ce:90:b9:df:6d:3f:79:0f:5e:
76:fd:61:2c:d1:aa:61:18:de:6c:4c:03:76:ee:e4:
2b:f5:0d:ae:ff:fe:0d:87:2b:cd:18:bd:e5:e4:5b:
c9:2c:dd:5e:72:be:55:e4:e0:a4:70:f7:8b:6b:45:
6d:0a:e6:32:b4:9b:31:70:9a:75:3b:f2:3b:b8:77:
01:5a:91:2a:c5:b6:f5:04:8b:e7:ae:a0:9a:9b:79:
5f:b0:82:ba:db:5e:59:c7:8f:80:a0:88:ff:86:d0:
91:54:e3:74:db:aa:dd:d7:eb:6c:ff:7b:43:2b:80:
84:1f:a3:7a:76:ba:6f:d9:33:be:fa:38:fa:88:c2:
23:3e:ab:54:a1:f2:37:b7:1b:b0:0e:f5:da:98:ef:
65:a7:ed:df:30:bc:52:50:63:90:36:15:f3:30:ee:
1e:37:0b:78:2e:1f:20:8e:8a:24:cb:54:69:1f:70:
84:fb:d0:b8:ee:14:87:81:0d:6c:bf:28:ce:fb:f8:
e1:75:5b:1f:18:85:de:75:3c:f1:f0:7e:91:9a:8a:
dd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7C:64:C2:F9:5B:48:E5:F2:98:1F:47:6E:88:7D:CA:A7:8C:A0:BE
X509v3 Authority Key Identifier:
keyid:01:81:82:2A:9C:A2:A0:08:F5:CD:11:B9:F9:DB:A1:6E:E2:C6:14:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYGCKpyioAj1zRG5-duhbuLGFFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:9f:32:2b:98:0a:fd:1e:d0:1c:09:5d:d5:80:56:29:0a:63:
08:d3:ea:17:7e:ae:2a:d1:b3:42:d4:c2:7a:c6:41:da:2f:19:
d7:74:53:ce:8f:5d:5a:0b:ec:c4:90:ee:97:91:38:30:18:d9:
a6:b7:e7:ce:6a:ed:62:12:c7:32:12:3b:f0:bf:bd:46:21:a7:
4a:e3:c3:ff:02:2c:2a:70:d8:a8:81:e8:0a:c4:bf:03:b2:7f:
91:bf:a6:f9:9d:66:82:8e:5a:83:6d:96:c7:db:b6:8d:44:0f:
ed:c4:94:1a:fc:6b:2d:25:eb:1f:88:bf:fa:2e:20:51:68:8e:
57:18:3e:e2:aa:52:6a:23:82:58:7a:33:c7:23:a0:a1:73:28:
a2:4c:f1:09:68:e6:0b:04:6a:9a:6d:95:31:08:2f:80:67:ca:
4a:ab:91:5e:a4:d0:1d:bb:86:f3:45:44:3f:ea:49:ef:82:e4:
86:17:eb:7f:ab:af:22:b6:0a:c9:cc:be:27:fa:df:73:77:81:
ba:e3:9c:ae:c0:db:c9:8c:0a:9c:9b:35:69:47:39:5b:48:7d:
70:23:34:52:63:be:59:e1:08:13:e4:19:8c:63:dc:be:62:f5:
ee:03:cb:c4:6a:fb:6a:9b:6c:bb:3d:3b:1d:f1:ac:93:5f:3a:
b3:0d:8b:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/UxvGxM4XTLU1gkIYPxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxODE4MjJhOWNhMmEwMDhmNWNkMTFiOWY5ZGJhMTZlZTJj
NjE0NTkwHhcNMjUxMDE5MTUwMTIyWhcNMjUxMDIwMTUwMTIyWjAzMTEwLwYDVQQD
Eyg4NjdjNjRjMmY5NWI0OGU1ZjI5ODFmNDc2ZTg4N2RjYWE3OGNhMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbYc5eFlJwFa7ESX0XrRI751c343
4rBN+ZU40ZiqDfj/zclhfFoz7d8lOnLlFLi+hRDOkLnfbT95D152/WEs0aphGN5s
TAN27uQr9Q2u//4NhyvNGL3l5FvJLN1ecr5V5OCkcPeLa0VtCuYytJsxcJp1O/I7
uHcBWpEqxbb1BIvnrqCam3lfsIK6215Zx4+AoIj/htCRVON026rd1+ts/3tDK4CE
H6N6drpv2TO++jj6iMIjPqtUofI3txuwDvXamO9lp+3fMLxSUGOQNhXzMO4eNwt4
Lh8gjooky1RpH3CE+9C47hSHgQ1svyjO+/jhdVsfGIXedTzx8H6RmordUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZ8ZML5W0jl8pgfR26IfcqnjKC+MB8GA1UdIwQY
MBaAFAGBgiqcoqAI9c0RufnboW7ixhRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVlHQ0tweWlvQWoxelJHNS1kdWhidUxHRkZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zZTk1MjUtYTJjZS00ZTkwLTkwMGQt
ODBkNDk0NTkxMWRkLzEvQVlHQ0tweWlvQWoxelJHNS1kdWhidUxHRkZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zZTk1MjUtYTJjZS00ZTkwLTkwMGQtODBkNDk0NTkxMWRk
LzEvQVlHQ0tweWlvQWoxelJHNS1kdWhidUxHRkZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC58yK5gK
/R7QHAld1YBWKQpjCNPqF36uKtGzQtTCesZB2i8Z13RTzo9dWgvsxJDul5E4MBjZ
prfnzmrtYhLHMhI78L+9RiGnSuPD/wIsKnDYqIHoCsS/A7J/kb+m+Z1mgo5ag22W
x9u2jUQP7cSUGvxrLSXrH4i/+i4gUWiOVxg+4qpSaiOCWHozxyOgoXMookzxCWjm
CwRqmm2VMQgvgGfKSquRXqTQHbuG80VEP+pJ74Lkhhfrf6uvIrYKycy+J/rfc3eB
uuOcrsDbyYwKnJs1aUc5W0h9cCM0UmO+WeEIE+QZjGPcvmL17gPLxGr7aptsuz07
HfGsk186sw2Leg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:55:09 2025 by rpki-client