Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
File: 0aiWnX4yy_knZkstxDa5bnFJpis.mft (raw, json)
Hash identifier: p4sgFGTPZrx6xCQ64GWxmz7aLy2sgOspGqiMVd20yRc=
Subject key identifier: A5:3B:26:B0:81:25:75:44:7A:67:96:C4:FA:9B:3E:69:1E:3E:92:49
Authority key identifier: D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B
Certificate issuer: /CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
Certificate serial: 0199FAD7B09019AB89888C4601D3FD9DCC06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
Manifest number: 1018
Signing time: Sun 19 Oct 2025 05:01:03 +0000
Manifest this update: Sun 19 Oct 2025 05:01:03 +0000
Manifest next update: Mon 20 Oct 2025 05:01:03 +0000
Files and hashes: 1: 0aiWnX4yy_knZkstxDa5bnFJpis.crl (hash: 8BVlKY3wFr9akFakS3Xo2llz8DNeWQo5+mEReTelIok=)
2: p1fyn5poKGi3v6udklaZLK6DaPs.roa (hash: ksuBLRSUua1zFmd4JmcnhcAsP8MWyD8OR/dcK6d/pkM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 05:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:d7:b0:90:19:ab:89:88:8c:46:01:d3:fd:9d:cc:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
Validity
Not Before: Oct 19 05:01:03 2025 GMT
Not After : Oct 20 05:01:03 2025 GMT
Subject: CN=a53b26b0812575447a6796c4fa9b3e691e3e9249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e8:5b:8b:c1:47:4f:f9:c3:e1:33:9b:97:e5:
e1:a2:b7:71:06:d6:32:61:cd:6c:a0:81:6d:81:1a:
9b:29:96:33:39:6e:e1:7e:1f:8a:a0:1b:46:f4:3d:
80:17:b7:9a:c2:0a:c5:15:ae:d6:88:58:52:46:de:
15:e0:69:10:22:91:13:dd:e3:14:36:9a:7e:a7:e1:
88:b9:c3:7b:c9:63:01:94:93:b1:d4:25:0b:ba:9f:
9f:13:e2:f0:e6:1d:ca:95:f2:1c:2e:3d:44:e7:8a:
d1:e8:11:d9:d9:e2:69:15:4c:31:dc:81:e9:73:04:
e0:30:a0:51:a0:a2:73:ba:2b:e6:e6:a7:c0:d9:17:
cc:73:8e:1c:2e:17:ac:53:f5:21:4e:b7:2d:c5:e0:
20:7c:23:55:fd:76:3c:6f:f3:0b:51:b2:f6:7a:94:
e7:9a:d0:fb:66:ef:fe:0c:df:e0:3d:7a:d4:98:53:
a0:74:5b:16:1a:9d:77:a9:f4:3e:18:a9:c0:62:5d:
0a:32:6c:88:3a:87:41:2c:71:80:93:ff:b7:e8:6f:
1c:8d:57:e1:3e:ae:11:c2:ba:10:df:c6:f9:84:12:
b4:ba:aa:4e:7e:8c:16:3b:2b:55:a6:85:75:c0:05:
ee:c9:78:6c:66:8a:4c:32:72:89:8a:8b:8b:11:d3:
1a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:3B:26:B0:81:25:75:44:7A:67:96:C4:FA:9B:3E:69:1E:3E:92:49
X509v3 Authority Key Identifier:
keyid:D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:9c:b9:58:4f:3b:2b:25:75:63:fa:c2:46:6e:61:fc:c6:6d:
70:74:6a:f9:66:ea:26:8c:e0:d9:8e:63:72:a4:1f:59:f9:9b:
8e:f3:bf:ab:a7:1b:1c:1c:df:fe:cb:d5:bc:f7:1e:e4:73:8a:
01:1f:39:f9:bc:c5:8a:a0:f1:db:db:9f:7b:35:99:01:9c:a4:
78:e4:ef:25:c8:6d:33:f1:ee:ec:c2:c1:6f:8c:cd:cd:e2:55:
b5:66:d7:76:47:55:a1:1e:46:a4:dc:9d:7a:e6:c4:1c:10:d2:
7e:80:98:0a:ba:27:75:95:52:45:16:72:f6:5f:d9:09:9b:8e:
18:db:2b:7e:ba:ab:e5:d9:ee:70:5d:35:82:ba:e1:68:18:08:
33:71:b3:18:87:54:2c:8e:36:ae:a0:31:2d:a1:68:af:0c:78:
2d:c9:04:4d:0c:fa:16:19:fa:92:f5:8d:fd:d7:70:61:88:15:
11:c4:64:ed:37:a1:3f:21:fb:8d:7c:f9:9a:5b:61:5f:14:49:
12:88:d7:e3:a5:38:bc:0e:92:34:65:e7:05:3b:ee:7f:1d:fe:
7f:d6:30:1f:23:87:6a:8d:43:98:f5:2c:40:c5:53:69:05:5c:
3b:93:02:f1:fd:ba:56:b8:7c:f0:be:23:90:e4:4f:e4:94:0f:
a4:c8:f2:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn617CQGauJiIxGAdP9ncwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYTg5NjlkN2UzMmNiZjkyNzY2NGIyZGM0MzZiOTZlNzE0
OWE2MmIwHhcNMjUxMDE5MDUwMTAzWhcNMjUxMDIwMDUwMTAzWjAzMTEwLwYDVQQD
EyhhNTNiMjZiMDgxMjU3NTQ0N2E2Nzk2YzRmYTliM2U2OTFlM2U5MjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+hbi8FHT/nD4TObl+XhordxBtYy
Yc1soIFtgRqbKZYzOW7hfh+KoBtG9D2AF7eawgrFFa7WiFhSRt4V4GkQIpET3eMU
Npp+p+GIucN7yWMBlJOx1CULup+fE+Lw5h3KlfIcLj1E54rR6BHZ2eJpFUwx3IHp
cwTgMKBRoKJzuivm5qfA2RfMc44cLhesU/UhTrctxeAgfCNV/XY8b/MLUbL2epTn
mtD7Zu/+DN/gPXrUmFOgdFsWGp13qfQ+GKnAYl0KMmyIOodBLHGAk/+36G8cjVfh
Pq4RwroQ38b5hBK0uqpOfowWOytVpoV1wAXuyXhsZopMMnKJiouLEdMawQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKU7JrCBJXVEemeWxPqbPmkePpJJMB8GA1UdIwQY
MBaAFNGolp1+Msv5J2ZLLcQ2uW5xSaYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQt
MjEwNDhhNzM0YTQ2LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQtMjEwNDhhNzM0YTQ2
LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIZy5WE87
KyV1Y/rCRm5h/MZtcHRq+WbqJozg2Y5jcqQfWfmbjvO/q6cbHBzf/svVvPce5HOK
AR85+bzFiqDx29ufezWZAZykeOTvJchtM/Hu7MLBb4zNzeJVtWbXdkdVoR5GpNyd
eubEHBDSfoCYCrondZVSRRZy9l/ZCZuOGNsrfrqr5dnucF01grrhaBgIM3GzGIdU
LI42rqAxLaForwx4LckETQz6Fhn6kvWN/ddwYYgVEcRk7TehPyH7jXz5mlthXxRJ
EojX46U4vA6SNGXnBTvufx3+f9YwHyOHao1DmPUsQMVTaQVcO5MC8f26Vrh88L4j
kORP5JQPpMjy2g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:01:13 2025 by rpki-client