Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
File: aCMaUAoKgQjcekNYsQArH9vweZU.mft (raw, json)
Hash identifier: t5CVdXaXV/AV98pZV7TE944x8X+2ricrFh6o/IWR66k=
Subject key identifier: 40:3E:4B:11:69:61:F2:50:B7:D2:44:7E:84:00:9B:C5:8E:F2:46:A3
Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Certificate serial: 0199FE0FF83C1079E2400779C7B868C691BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
Manifest number: 16E4
Signing time: Sun 19 Oct 2025 20:01:23 +0000
Manifest this update: Sun 19 Oct 2025 20:01:23 +0000
Manifest next update: Mon 20 Oct 2025 20:01:23 +0000
Files and hashes: 1: XSGE2n2dKWY3M_jq3MngIc3i_t8.roa (hash: pwMRSRLzn3jyPbMLShLv8HDNQd5Gm8ws1AjCFBEAHaU=)
2: aCMaUAoKgQjcekNYsQArH9vweZU.crl (hash: qj6tSvar7F4Qwgkmwa0wAbjHVs62rK5WPnP5p/oRxEM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:0f:f8:3c:10:79:e2:40:07:79:c7:b8:68:c6:91:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Validity
Not Before: Oct 19 20:01:23 2025 GMT
Not After : Oct 20 20:01:23 2025 GMT
Subject: CN=403e4b116961f250b7d2447e84009bc58ef246a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:94:39:83:d3:45:5e:85:ed:ef:fd:5c:49:13:
43:cd:aa:4d:4d:02:15:0e:29:72:7b:93:3f:5b:9e:
77:23:9e:e9:16:5b:58:15:53:66:bb:ac:9b:d5:db:
83:21:91:71:2f:66:43:a2:99:b1:cd:bf:0a:6b:0a:
58:8f:02:e3:9c:56:27:3e:84:68:c7:6c:82:6d:6c:
ff:d1:a4:93:d4:7c:22:ef:38:22:65:6c:cd:ce:d0:
4a:2c:a0:55:05:7b:3b:61:4d:7e:89:bd:da:25:6f:
43:9b:4d:2b:ec:1f:00:c9:c2:c8:2d:31:3f:3d:4c:
b5:01:06:eb:8e:7c:77:e3:d2:d6:b6:5b:23:76:8b:
7b:a4:ef:dd:2d:81:48:91:4e:72:d3:00:ed:d7:77:
40:c9:82:84:6c:79:3d:79:0f:7d:ec:e9:32:27:5a:
36:54:57:8d:e6:3b:99:c4:ef:2d:b7:56:73:f1:91:
1d:8b:47:72:29:63:c5:fc:87:58:90:50:f1:ed:5b:
38:c0:b5:4e:b2:9b:ea:e1:4a:d2:80:c1:0f:d4:d8:
d3:a4:b0:02:ee:78:c2:40:e1:f3:cf:5a:4a:24:57:
0b:64:a3:64:cc:6f:14:43:3f:1b:76:be:2c:da:9f:
ae:2b:05:67:74:74:89:c6:c1:c2:73:3d:43:e0:ce:
23:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3E:4B:11:69:61:F2:50:B7:D2:44:7E:84:00:9B:C5:8E:F2:46:A3
X509v3 Authority Key Identifier:
keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:c0:40:f2:49:ec:03:03:36:f0:6e:ec:6f:45:1a:cd:ea:8a:
3a:61:b0:43:4f:16:71:f5:ad:ca:27:bc:f1:de:07:89:dd:93:
79:8e:f9:e0:6a:85:1d:fc:08:6c:15:d4:3a:ce:c7:ab:04:92:
72:33:f1:7f:43:da:dd:fa:12:c7:30:58:1f:e4:4d:55:be:7e:
cc:ca:31:bd:a7:c4:67:8b:c6:c1:d8:1b:ce:d8:f4:f9:9b:02:
15:88:aa:90:67:70:9c:d9:c2:1a:05:31:62:a0:e2:69:a1:a8:
77:fc:97:f9:f9:68:fb:9f:90:f3:21:16:f1:75:2d:87:b6:d0:
4e:56:c2:e4:82:12:66:75:71:f2:b7:ba:ff:21:fb:d3:28:dc:
e1:50:89:15:b0:ad:f1:0d:1a:bd:17:90:e0:99:5d:14:c8:22:
f6:25:b9:cb:47:fe:06:dc:6c:8c:71:53:cf:de:5b:dd:23:8d:
cb:86:0c:74:07:cd:c5:7d:29:a3:77:a4:da:02:34:70:da:a9:
00:13:fc:c4:d5:2b:c7:9c:d9:3c:d0:22:5e:c7:3a:fb:e0:84:
43:ba:83:46:d4:7d:b5:13:11:1a:e0:5a:35:ad:21:a6:b4:67:
e5:01:4f:6c:ce:03:91:7f:ed:a6:dc:24:c9:b7:ab:c4:a9:12:
bd:c9:96:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+D/g8EHniQAd5x7hoxpG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjMxYTUwMGEwYTgxMDhkYzdhNDM1OGIxMDAyYjFmZGJm
MDc5OTUwHhcNMjUxMDE5MjAwMTIzWhcNMjUxMDIwMjAwMTIzWjAzMTEwLwYDVQQD
Eyg0MDNlNGIxMTY5NjFmMjUwYjdkMjQ0N2U4NDAwOWJjNThlZjI0NmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJQ5g9NFXoXt7/1cSRNDzapNTQIV
Dilye5M/W553I57pFltYFVNmu6yb1duDIZFxL2ZDopmxzb8KawpYjwLjnFYnPoRo
x2yCbWz/0aST1Hwi7zgiZWzNztBKLKBVBXs7YU1+ib3aJW9Dm00r7B8AycLILTE/
PUy1AQbrjnx349LWtlsjdot7pO/dLYFIkU5y0wDt13dAyYKEbHk9eQ997OkyJ1o2
VFeN5juZxO8tt1Zz8ZEdi0dyKWPF/IdYkFDx7Vs4wLVOspvq4UrSgMEP1NjTpLAC
7njCQOHzz1pKJFcLZKNkzG8UQz8bdr4s2p+uKwVndHSJxsHCcz1D4M4jMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEA+SxFpYfJQt9JEfoQAm8WO8kajMB8GA1UdIwQY
MBaAFGgjGlAKCoEI3HpDWLEAKx/b8HmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmIt
N2YyM2IzNDY4NmMyLzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmItN2YyM2IzNDY4NmMy
LzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVcBA8kns
AwM28G7sb0UazeqKOmGwQ08WcfWtyie88d4Hid2TeY754GqFHfwIbBXUOs7HqwSS
cjPxf0Pa3foSxzBYH+RNVb5+zMoxvafEZ4vGwdgbztj0+ZsCFYiqkGdwnNnCGgUx
YqDiaaGod/yX+flo+5+Q8yEW8XUth7bQTlbC5IISZnVx8re6/yH70yjc4VCJFbCt
8Q0avReQ4JldFMgi9iW5y0f+BtxsjHFTz95b3SONy4YMdAfNxX0po3ek2gI0cNqp
ABP8xNUrx5zZPNAiXsc6++CEQ7qDRtR9tRMRGuBaNa0hprRn5QFPbM4DkX/tptwk
yberxKkSvcmWTg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:14:24 2025 by rpki-client