Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.mft
File: aQrhdfvmOw6TBGkJfJSS1C7Xkkk.mft (raw, json)
Hash identifier: /HMs3QS+cHhq7YGh7qcNEnmV8q2sG5vg5SWfSKKlgJ4=
Subject key identifier: 92:BF:AB:F5:A2:F2:2E:F2:0B:85:E4:84:7A:25:A4:D0:22:E6:11:AC
Authority key identifier: 69:0A:E1:75:FB:E6:3B:0E:93:04:69:09:7C:94:92:D4:2E:D7:92:49
Certificate issuer: /CN=690ae175fbe63b0e930469097c9492d42ed79249
Certificate serial: 0199FC21711D580DE6239233EA944D59F820
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.mft
Manifest number: CA
Signing time: Sun 19 Oct 2025 11:01:13 +0000
Manifest this update: Sun 19 Oct 2025 11:01:13 +0000
Manifest next update: Mon 20 Oct 2025 11:01:13 +0000
Files and hashes: 1: Ft7Frn9ocyQeuHjXMeEeGoh_tdk.roa (hash: +hbGdiT9EB+gQ7hEwq4X6SV+6RnEdb4t2Cal6rg6Zcw=)
2: aQrhdfvmOw6TBGkJfJSS1C7Xkkk.crl (hash: PWD01cEXxWwzeSoCoJSKkO0AZHeeeVPnD2N/7lVPlRs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:71:1d:58:0d:e6:23:92:33:ea:94:4d:59:f8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=690ae175fbe63b0e930469097c9492d42ed79249
Validity
Not Before: Oct 19 11:01:13 2025 GMT
Not After : Oct 20 11:01:13 2025 GMT
Subject: CN=92bfabf5a2f22ef20b85e4847a25a4d022e611ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2a:22:43:12:4c:9c:e0:b7:ec:26:53:56:fd:
bf:4d:7c:18:be:9f:e3:34:f5:63:3a:23:29:cb:d5:
3e:b0:2c:02:d9:dd:da:7f:f9:db:b4:e4:72:3f:11:
dd:9d:62:3a:1d:11:b6:d7:16:e7:77:52:35:3d:77:
15:e8:e1:32:fa:49:61:f4:d5:5f:f4:bb:6c:b7:90:
de:1b:f1:7a:b7:45:fc:27:51:37:c0:fc:64:62:99:
b5:06:0a:93:15:b0:2c:85:1c:37:40:9b:61:73:f6:
e6:82:22:f6:8e:64:cc:44:54:d8:d2:23:92:55:f5:
38:a5:27:9e:81:0d:42:c6:d9:a0:7e:c1:de:2a:6d:
70:a4:83:cf:bb:92:c2:f0:a1:77:e8:5d:e8:ad:77:
01:ae:d9:40:45:4f:44:d1:b1:d2:b8:e9:78:91:d5:
6a:8f:8c:34:6e:89:a6:12:1a:63:d0:9e:e0:80:7c:
11:fb:82:3b:d1:19:3d:e2:4f:c3:08:65:fd:f5:f9:
85:d5:ae:2f:f7:4a:84:9a:d2:11:8f:a4:a1:7e:66:
49:d9:f6:02:8f:bd:e8:53:3b:e6:da:cd:79:e0:cf:
51:a9:a8:f3:a9:df:7e:fd:13:4e:83:12:a9:66:e4:
4d:22:8d:8e:b5:39:f4:d7:32:bd:d3:c3:04:ce:60:
46:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:BF:AB:F5:A2:F2:2E:F2:0B:85:E4:84:7A:25:A4:D0:22:E6:11:AC
X509v3 Authority Key Identifier:
keyid:69:0A:E1:75:FB:E6:3B:0E:93:04:69:09:7C:94:92:D4:2E:D7:92:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b884c0-4d05-4401-9858-8a086ea94be5/1/aQrhdfvmOw6TBGkJfJSS1C7Xkkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e5:6b:0c:4a:03:85:4e:41:22:fc:d8:f4:c1:da:e4:c3:ec:04:
3f:36:d0:1e:24:1b:21:13:d6:c8:81:c2:7d:38:57:dd:a5:77:
b9:b4:18:c2:7b:a4:f2:e3:a7:77:2d:38:d1:e3:2e:84:a9:15:
32:45:df:23:2e:f4:65:fc:55:80:9c:9a:f6:70:44:99:f5:41:
1e:9d:7d:9c:06:47:19:05:81:30:bc:93:cc:a3:31:c5:68:4d:
32:f3:c5:ad:66:4d:83:61:2b:83:23:68:55:36:c8:6f:97:73:
a6:fa:59:27:9d:9d:a2:72:aa:54:37:00:27:7b:4f:99:78:32:
3c:7d:6d:05:5d:de:fb:43:8e:3d:6f:7d:ff:d1:ee:d7:71:f8:
0d:2e:fb:09:71:82:91:10:91:e6:ca:8b:7e:a2:16:ae:96:28:
f2:2c:ad:1c:12:ed:b9:db:1c:ec:78:2a:1c:58:2b:23:0c:61:
69:06:15:14:26:49:62:f8:8e:51:b1:99:75:3d:36:87:00:d6:
12:67:1d:f4:bc:ae:8f:eb:b8:c5:92:26:90:c1:84:dc:53:30:
9f:7d:ca:94:26:b1:fc:42:e4:38:2a:0d:2c:d2:54:9e:50:c9:
4c:43:4d:95:22:f4:59:d4:19:29:07:b8:d0:ec:df:73:29:53:
cc:21:46:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IXEdWA3mI5Iz6pRNWfggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MGFlMTc1ZmJlNjNiMGU5MzA0NjkwOTdjOTQ5MmQ0MmVk
NzkyNDkwHhcNMjUxMDE5MTEwMTEzWhcNMjUxMDIwMTEwMTEzWjAzMTEwLwYDVQQD
Eyg5MmJmYWJmNWEyZjIyZWYyMGI4NWU0ODQ3YTI1YTRkMDIyZTYxMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSoiQxJMnOC37CZTVv2/TXwYvp/j
NPVjOiMpy9U+sCwC2d3af/nbtORyPxHdnWI6HRG21xbnd1I1PXcV6OEy+klh9NVf
9Ltst5DeG/F6t0X8J1E3wPxkYpm1BgqTFbAshRw3QJthc/bmgiL2jmTMRFTY0iOS
VfU4pSeegQ1CxtmgfsHeKm1wpIPPu5LC8KF36F3orXcBrtlARU9E0bHSuOl4kdVq
j4w0bommEhpj0J7ggHwR+4I70Rk94k/DCGX99fmF1a4v90qEmtIRj6ShfmZJ2fYC
j73oUzvm2s154M9Rqajzqd9+/RNOgxKpZuRNIo2OtTn01zK908MEzmBGVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJK/q/Wi8i7yC4XkhHolpNAi5hGsMB8GA1UdIwQY
MBaAFGkK4XX75jsOkwRpCXyUktQu15JJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFyaGRmdm1PdzZUQkdrSmZKU1MxQzdYa2trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iODg0YzAtNGQwNS00NDAxLTk4NTgt
OGEwODZlYTk0YmU1LzEvYVFyaGRmdm1PdzZUQkdrSmZKU1MxQzdYa2trLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iODg0YzAtNGQwNS00NDAxLTk4NTgtOGEwODZlYTk0YmU1
LzEvYVFyaGRmdm1PdzZUQkdrSmZKU1MxQzdYa2trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5WsMSgOF
TkEi/Nj0wdrkw+wEPzbQHiQbIRPWyIHCfThX3aV3ubQYwnuk8uOndy040eMuhKkV
MkXfIy70ZfxVgJya9nBEmfVBHp19nAZHGQWBMLyTzKMxxWhNMvPFrWZNg2ErgyNo
VTbIb5dzpvpZJ52donKqVDcAJ3tPmXgyPH1tBV3e+0OOPW99/9Hu13H4DS77CXGC
kRCR5sqLfqIWrpYo8iytHBLtudsc7HgqHFgrIwxhaQYVFCZJYviOUbGZdT02hwDW
Emcd9Lyuj+u4xZImkMGE3FMwn33KlCax/ELkOCoNLNJUnlDJTENNlSL0WdQZKQe4
0OzfcylTzCFGhw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:11:50 2025 by rpki-client