
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: +FQ+xJT1+F7dddQS13kTOiJDXr2OIAqlo8yQAUJX6sI=
Subject key identifier: ED:04:55:CE:72:EB:CF:AE:48:6D:72:63:80:4C:1E:CB:00:9D:E5:B3
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 0199FDD97CE5345F241790809180B6D334C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 16E6
Signing time: Sun 19 Oct 2025 19:01:52 +0000
Manifest this update: Sun 19 Oct 2025 19:01:52 +0000
Manifest next update: Mon 20 Oct 2025 19:01:52 +0000
Files and hashes: 1: K7Q4iSU5tGlQaFLDbZ74ga5u7QI.roa (hash: 4IoPifHHzLWAa9SoaMyYdsFHlPVY27b7G1cPfRmMmFw=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: CHUNhgN16K3xS7zHO9auMlEgTvBvZQ3NfRJyb4IoMz8=)
3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:d9:7c:e5:34:5f:24:17:90:80:91:80:b6:d3:34:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Oct 19 19:01:52 2025 GMT
Not After : Oct 20 19:01:52 2025 GMT
Subject: CN=ed0455ce72ebcfae486d7263804c1ecb009de5b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2d:57:d4:8e:41:20:da:b5:a7:c2:2f:af:28:
45:e2:e1:bb:7c:2e:2f:79:38:82:4a:38:d7:e3:cd:
7f:87:77:33:7c:ea:c0:7c:80:3b:97:ba:51:ca:6d:
0d:0c:f0:4a:ae:f5:5b:37:9e:c5:4b:55:5d:a7:14:
bb:2f:01:21:38:56:98:57:6c:b6:0d:56:a8:23:f7:
63:4e:ec:82:6f:77:5b:1c:ee:54:dd:c2:05:bf:7e:
0a:0b:93:49:d1:25:d0:36:8e:c7:30:98:41:93:32:
f4:72:72:5d:00:fa:53:2f:c8:06:08:6a:0f:51:94:
0b:22:fb:55:ee:85:72:6f:1d:8e:3a:d9:2f:77:ed:
21:23:5b:bc:f4:dd:f9:19:78:15:64:db:6b:82:9f:
89:90:bf:44:f4:06:32:e6:25:88:71:57:e5:c5:83:
b2:8c:a8:b7:1e:f6:cd:2c:7c:81:9f:d7:ae:b1:0c:
a2:23:dd:b2:24:76:37:3e:69:f9:03:35:73:65:43:
e4:e7:f1:37:17:a6:60:82:29:b7:bc:a1:cf:88:99:
f2:6c:54:a3:07:f7:97:17:0e:4c:dd:b6:00:6f:42:
ac:64:b9:8f:72:4f:cc:e6:55:70:6e:24:f2:87:8f:
04:82:ed:54:d0:53:12:22:52:67:90:bd:ea:be:9a:
07:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:04:55:CE:72:EB:CF:AE:48:6D:72:63:80:4C:1E:CB:00:9D:E5:B3
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:6d:d4:b0:9e:60:d3:6b:0f:27:89:bd:0e:d4:08:44:9c:a7:
36:ba:13:20:63:01:9d:05:6e:01:b0:68:0f:14:6b:e0:25:70:
e9:0a:91:de:13:2b:52:a7:b1:1f:8b:2a:c8:b8:9e:4f:a7:d6:
40:7a:7f:4f:7f:17:57:96:c0:df:53:e1:70:d3:c0:d7:72:4f:
eb:f2:fe:93:9a:6b:0f:96:b9:25:81:16:d8:95:62:1a:a5:6f:
d1:c3:bf:72:0c:97:dd:a6:dc:3f:ca:70:43:03:c1:76:11:31:
af:5f:5c:c1:d5:9f:23:76:5f:cf:1d:9f:8f:a8:92:3f:2e:75:
ec:10:de:b3:28:13:e9:6a:93:10:dd:ea:ba:46:83:2b:78:4a:
d6:3e:9e:7a:83:86:1c:f6:9c:6c:db:19:ca:5c:65:4b:f1:fb:
30:d1:11:f6:4b:f2:b8:f2:62:e8:b3:d7:04:19:00:3c:a8:cb:
17:fa:9a:e8:c7:e2:ba:88:fe:4f:8a:13:90:4f:d6:c6:ca:7d:
20:2d:a7:e2:9a:76:6b:c3:62:b2:c4:d9:cc:af:33:cb:22:ab:
84:e9:76:f0:55:ef:e2:3a:e5:7a:0a:32:78:e6:0e:66:80:cb:
54:8d:35:01:94:ee:59:56:98:d7:43:1c:38:21:1b:d5:85:9a:
93:ef:50:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92XzlNF8kF5CAkYC20zTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjUxMDE5MTkwMTUyWhcNMjUxMDIwMTkwMTUyWjAzMTEwLwYDVQQD
EyhlZDA0NTVjZTcyZWJjZmFlNDg2ZDcyNjM4MDRjMWVjYjAwOWRlNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC1X1I5BINq1p8IvryhF4uG7fC4v
eTiCSjjX481/h3czfOrAfIA7l7pRym0NDPBKrvVbN57FS1VdpxS7LwEhOFaYV2y2
DVaoI/djTuyCb3dbHO5U3cIFv34KC5NJ0SXQNo7HMJhBkzL0cnJdAPpTL8gGCGoP
UZQLIvtV7oVybx2OOtkvd+0hI1u89N35GXgVZNtrgp+JkL9E9AYy5iWIcVflxYOy
jKi3HvbNLHyBn9eusQyiI92yJHY3Pmn5AzVzZUPk5/E3F6Zggim3vKHPiJnybFSj
B/eXFw5M3bYAb0KsZLmPck/M5lVwbiTyh48Egu1U0FMSIlJnkL3qvpoHEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO0EVc5y68+uSG1yY4BMHssAneWzMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMG3UsJ5g
02sPJ4m9DtQIRJynNroTIGMBnQVuAbBoDxRr4CVw6QqR3hMrUqexH4sqyLieT6fW
QHp/T38XV5bA31PhcNPA13JP6/L+k5prD5a5JYEW2JViGqVv0cO/cgyX3abcP8pw
QwPBdhExr19cwdWfI3Zfzx2fj6iSPy517BDesygT6WqTEN3qukaDK3hK1j6eeoOG
HPacbNsZylxlS/H7MNER9kvyuPJi6LPXBBkAPKjLF/qa6Mfiuoj+T4oTkE/Wxsp9
IC2n4pp2a8NissTZzK8zyyKrhOl28FXv4jrlegoyeOYOZoDLVI01AZTuWVaY10Mc
OCEb1YWak+9QaA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:16:25 2025 by rpki-client