Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: 2/ocBJBL0zUziWYGPL/hYeFfA7BQJBfJwNsFFnKZhNU=
Subject key identifier: AE:56:F5:78:D4:F8:DD:3D:F5:69:C2:8F:C0:BC:1F:ED:51:10:37:62
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 0199FC58EE1FCE9FA4190F77302C2AD6327B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 16E3
Signing time: Sun 19 Oct 2025 12:01:50 +0000
Manifest this update: Sun 19 Oct 2025 12:01:50 +0000
Manifest next update: Mon 20 Oct 2025 12:01:50 +0000
Files and hashes: 1: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (hash: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=)
2: 2KU1lG8tmW62eqBwxBBDds81m5A.roa (hash: DXWqInrCKLzcQadKZzuaDGdIbNbzO5YygQPkSyOtdqY=)
3: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: sKJpTBUXtn1JgL7sC22BVEhZhZjd2AyCP+uZte8eSgA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:ee:1f:ce:9f:a4:19:0f:77:30:2c:2a:d6:32:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Oct 19 12:01:50 2025 GMT
Not After : Oct 20 12:01:50 2025 GMT
Subject: CN=ae56f578d4f8dd3df569c28fc0bc1fed51103762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:71:83:58:da:60:a5:4e:4e:e8:0e:d8:8d:0b:
70:fc:00:34:0a:60:c6:4b:f4:13:8a:00:04:be:48:
59:7d:59:9f:d5:aa:1b:d8:e1:49:2b:c2:fb:e8:b6:
05:b9:6a:a1:20:13:d6:20:4b:69:e3:d4:ac:14:4d:
fa:79:47:48:7c:d6:a1:63:34:f2:0a:2d:6a:97:99:
e2:4e:34:d1:36:a9:78:a1:02:35:44:42:fa:d2:bd:
67:73:1f:37:d6:03:14:73:b7:da:37:89:4f:2f:19:
6d:96:45:25:7c:8d:ca:1d:9b:a6:4f:4e:7e:e5:ef:
4f:1f:54:76:f4:51:d6:86:8e:c3:63:ab:d3:13:1b:
90:fb:25:9b:a3:3f:56:4a:6a:73:b9:45:62:8a:57:
25:c7:8d:13:e0:20:b4:a1:d8:4d:90:bc:cc:31:cb:
24:d6:48:e1:dd:96:3f:b6:da:ae:b2:6a:fd:a1:ef:
43:4c:ad:b4:1f:8a:fb:8c:72:a0:55:d7:06:a1:ea:
d4:c8:02:ea:08:85:78:dc:1e:91:88:a1:a2:bb:a2:
f5:d2:3a:12:de:3c:e9:c7:bc:52:e6:53:29:e8:01:
e0:fc:b6:8a:0b:d8:cb:51:d1:70:1d:24:8b:8d:36:
63:57:7f:b2:e7:87:c6:7f:3e:cb:17:0f:d7:85:ac:
0e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:56:F5:78:D4:F8:DD:3D:F5:69:C2:8F:C0:BC:1F:ED:51:10:37:62
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:1a:7b:23:93:61:91:63:ad:8a:9a:d7:15:30:dd:cf:e5:5f:
15:40:8f:14:c1:62:9c:db:2e:13:16:8c:a9:67:af:3b:bf:5d:
17:7f:0a:4d:3d:34:7b:d2:53:cc:08:34:46:5b:8d:98:95:6c:
47:88:86:19:b6:d4:81:66:c5:9c:f8:0e:92:dd:9e:20:45:cc:
5d:b9:65:6f:53:31:2a:b1:b5:1f:e0:56:fc:5b:58:f2:6a:3c:
c4:58:6c:af:c7:ab:cd:fe:ff:41:39:4b:b2:ea:b0:25:7e:72:
12:d3:fc:36:08:d8:30:a7:0c:ea:52:d5:7b:63:8d:7d:4c:e5:
0c:86:d2:2d:6c:70:20:80:25:c7:d4:b3:a9:44:5f:27:72:dd:
01:2e:44:93:6e:90:b5:c8:a3:2a:8c:2b:40:b6:f3:66:23:1a:
dc:16:85:56:6d:cc:9b:37:b4:b9:cf:74:d7:66:ab:88:1c:b1:
48:d1:b8:94:ff:95:1d:ef:2e:70:47:59:f2:1a:53:a2:1d:44:
81:34:13:44:c8:3a:de:46:56:00:7f:f3:4a:86:a4:9e:d4:dc:
86:6c:f8:fe:76:7d:3e:ef:a8:b4:56:bc:a7:1b:9d:a0:a9:0a:
92:9f:b0:7f:a7:d6:f9:7f:14:17:8f:91:1c:7a:68:fe:37:84:
52:01:b0:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WO4fzp+kGQ93MCwq1jJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUxMDE5MTIwMTUwWhcNMjUxMDIwMTIwMTUwWjAzMTEwLwYDVQQD
EyhhZTU2ZjU3OGQ0ZjhkZDNkZjU2OWMyOGZjMGJjMWZlZDUxMTAzNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23GDWNpgpU5O6A7YjQtw/AA0CmDG
S/QTigAEvkhZfVmf1aob2OFJK8L76LYFuWqhIBPWIEtp49SsFE36eUdIfNahYzTy
Ci1ql5niTjTRNql4oQI1REL60r1ncx831gMUc7faN4lPLxltlkUlfI3KHZumT05+
5e9PH1R29FHWho7DY6vTExuQ+yWboz9WSmpzuUViilclx40T4CC0odhNkLzMMcsk
1kjh3ZY/ttqusmr9oe9DTK20H4r7jHKgVdcGoerUyALqCIV43B6RiKGiu6L10joS
3jzpx7xS5lMp6AHg/LaKC9jLUdFwHSSLjTZjV3+y54fGfz7LFw/XhawOGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5W9XjU+N099WnCj8C8H+1REDdiMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAexp7I5Nh
kWOtiprXFTDdz+VfFUCPFMFinNsuExaMqWevO79dF38KTT00e9JTzAg0RluNmJVs
R4iGGbbUgWbFnPgOkt2eIEXMXbllb1MxKrG1H+BW/FtY8mo8xFhsr8erzf7/QTlL
suqwJX5yEtP8NgjYMKcM6lLVe2ONfUzlDIbSLWxwIIAlx9SzqURfJ3LdAS5Ek26Q
tcijKowrQLbzZiMa3BaFVm3Mmze0uc9012ariByxSNG4lP+VHe8ucEdZ8hpToh1E
gTQTRMg63kZWAH/zSoakntTchmz4/nZ9Pu+otFa8pxudoKkKkp+wf6fW+X8UF4+R
HHpo/jeEUgGw1A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:08 2025 by rpki-client