Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
File: AlO5GdddwgTZyjjbeyihdINLOz0.mft (raw, json)
Hash identifier: 89+1eHaSstEGpmnjS0l/NwGqnUeIUKKCWzhVMFxcG6o=
Subject key identifier: C6:6C:4D:69:AF:56:CE:C3:E5:C6:68:15:86:9F:B1:5D:A5:4E:5F:D5
Authority key identifier: 02:53:B9:19:D7:5D:C2:04:D9:CA:38:DB:7B:28:A1:74:83:4B:3B:3D
Certificate issuer: /CN=0253b919d75dc204d9ca38db7b28a174834b3b3d
Certificate serial: 0199FB7C7259BE93E59CA1318A3469CBD429
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
Manifest number: 0703
Signing time: Sun 19 Oct 2025 08:01:00 +0000
Manifest this update: Sun 19 Oct 2025 08:01:00 +0000
Manifest next update: Mon 20 Oct 2025 08:01:00 +0000
Files and hashes: 1: AlO5GdddwgTZyjjbeyihdINLOz0.crl (hash: KtZVknGZctWqGJHTm7YowS/8mOjIO5VDJehjsdfg5vQ=)
2: nHJdEaQAZSSucNQfqLdmnzvaEhg.roa (hash: PyiLEuElU0BAtn89yNXkLzFcjN6+3nnt5xk1DxkgTgc=)
3: uTJHpPw8MiXzvmoOasbIM18rO48.roa (hash: 417uE377R+rkUzMmjx7quT0IM4A+QC6t0Oyj6z4KxVE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7c:72:59:be:93:e5:9c:a1:31:8a:34:69:cb:d4:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0253b919d75dc204d9ca38db7b28a174834b3b3d
Validity
Not Before: Oct 19 08:01:00 2025 GMT
Not After : Oct 20 08:01:00 2025 GMT
Subject: CN=c66c4d69af56cec3e5c66815869fb15da54e5fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cc:45:78:5e:8a:c6:09:70:a0:e4:d1:56:b8:
3f:30:fe:34:cb:d4:64:e8:b9:2f:90:77:9e:cc:00:
ab:ce:6c:2f:28:ce:02:5f:de:1a:79:5c:c8:a6:25:
d6:5e:1f:f5:27:27:a0:d0:27:d0:ac:5b:40:43:89:
bb:51:7f:04:07:d0:e2:35:17:4f:29:b8:d3:cb:f9:
69:df:1a:24:4e:d7:54:3b:9d:23:36:3b:5b:d6:be:
37:3c:a2:e0:00:56:d2:3a:de:ff:60:94:4a:64:54:
65:63:69:24:18:8e:06:a0:0f:a4:86:55:b8:87:1e:
f2:0c:0b:8a:86:2d:20:fb:a6:c7:ea:19:e1:44:a3:
f4:0b:d7:82:82:8d:2d:8a:cd:de:1f:ed:59:8d:21:
9e:97:8d:56:97:dd:16:e0:eb:ca:78:10:42:d5:0a:
9c:b6:5a:10:6f:70:e5:bc:aa:b6:15:b6:8e:11:d3:
8d:e0:fa:68:2f:0d:cf:b8:89:2f:43:c1:99:fe:0c:
15:ab:cd:80:57:32:67:af:50:ab:cf:25:53:e1:9b:
14:c3:5f:7b:de:bf:b0:c3:69:e9:ba:5f:df:02:d8:
f8:a3:a9:f4:c6:32:8d:c7:0a:27:3c:11:ec:5a:a9:
f7:43:10:08:2b:bd:0a:bf:71:a3:59:fb:cf:88:3e:
5b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:6C:4D:69:AF:56:CE:C3:E5:C6:68:15:86:9F:B1:5D:A5:4E:5F:D5
X509v3 Authority Key Identifier:
keyid:02:53:B9:19:D7:5D:C2:04:D9:CA:38:DB:7B:28:A1:74:83:4B:3B:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlO5GdddwgTZyjjbeyihdINLOz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/3bafd8-c34e-4890-b4cf-73db0f2841c9/1/AlO5GdddwgTZyjjbeyihdINLOz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:ec:43:f0:53:62:8b:c9:0d:9c:6e:b6:45:39:64:cb:83:c0:
be:75:90:08:6e:92:bb:57:a1:ee:4f:41:44:d7:1b:41:88:f3:
c5:dc:66:78:4c:e3:f1:f0:1c:c5:cf:1e:f5:19:af:e5:68:74:
a8:94:9d:69:df:92:c5:f5:b8:eb:4f:b2:51:46:60:8b:fd:3e:
46:44:42:c0:8d:86:fa:54:21:4a:f9:d6:52:dd:46:bc:89:cf:
2c:cd:4e:7d:66:a6:35:c6:52:00:e0:2c:38:00:ac:07:f5:a0:
90:c0:d3:3b:ed:08:8c:65:83:00:c6:96:ef:ee:fd:5f:c6:3c:
44:62:0c:46:41:70:9b:25:1f:2c:50:02:99:bb:49:59:b5:33:
cc:d7:94:8c:ac:62:a9:95:fc:ee:7b:3a:6b:36:81:57:52:c0:
72:05:87:bf:a8:a2:94:25:ac:31:b5:84:c4:a2:b8:d0:a8:37:
b3:cc:86:06:c1:d5:fa:3a:1f:da:cb:44:51:98:27:90:15:78:
87:02:96:63:1d:88:da:64:f4:49:aa:02:21:0d:67:7a:52:ac:
82:f6:4b:32:69:2c:ef:64:57:6c:a6:cf:b9:a3:97:80:d8:8c:
46:70:76:0e:26:93:eb:0c:3f:e4:81:d2:97:bf:d4:71:01:e2:
2d:73:a7:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fHJZvpPlnKExijRpy9QpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTNiOTE5ZDc1ZGMyMDRkOWNhMzhkYjdiMjhhMTc0ODM0
YjNiM2QwHhcNMjUxMDE5MDgwMTAwWhcNMjUxMDIwMDgwMTAwWjAzMTEwLwYDVQQD
EyhjNjZjNGQ2OWFmNTZjZWMzZTVjNjY4MTU4NjlmYjE1ZGE1NGU1ZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcxFeF6KxglwoOTRVrg/MP40y9Rk
6LkvkHeezACrzmwvKM4CX94aeVzIpiXWXh/1Jyeg0CfQrFtAQ4m7UX8EB9DiNRdP
KbjTy/lp3xokTtdUO50jNjtb1r43PKLgAFbSOt7/YJRKZFRlY2kkGI4GoA+khlW4
hx7yDAuKhi0g+6bH6hnhRKP0C9eCgo0tis3eH+1ZjSGel41Wl90W4OvKeBBC1Qqc
tloQb3DlvKq2FbaOEdON4PpoLw3PuIkvQ8GZ/gwVq82AVzJnr1CrzyVT4ZsUw197
3r+ww2npul/fAtj4o6n0xjKNxwonPBHsWqn3QxAIK70Kv3GjWfvPiD5bSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZsTWmvVs7D5cZoFYafsV2lTl/VMB8GA1UdIwQY
MBaAFAJTuRnXXcIE2co423sooXSDSzs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8zYmFmZDgtYzM0ZS00ODkwLWI0Y2Yt
NzNkYjBmMjg0MWM5LzEvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8zYmFmZDgtYzM0ZS00ODkwLWI0Y2YtNzNkYjBmMjg0MWM5
LzEvQWxPNUdkZGR3Z1RaeWpqYmV5aWhkSU5MT3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAOxD8FNi
i8kNnG62RTlky4PAvnWQCG6Su1eh7k9BRNcbQYjzxdxmeEzj8fAcxc8e9Rmv5Wh0
qJSdad+SxfW460+yUUZgi/0+RkRCwI2G+lQhSvnWUt1GvInPLM1OfWamNcZSAOAs
OACsB/WgkMDTO+0IjGWDAMaW7+79X8Y8RGIMRkFwmyUfLFACmbtJWbUzzNeUjKxi
qZX87ns6azaBV1LAcgWHv6iilCWsMbWExKK40Kg3s8yGBsHV+jof2stEUZgnkBV4
hwKWYx2I2mT0SaoCIQ1nelKsgvZLMmks72RXbKbPuaOXgNiMRnB2DiaT6ww/5IHS
l7/UcQHiLXOnDQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:55:14 2025 by rpki-client