Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
File: A-pQioW8c6mqogOop7r5wWLm82w.mft (raw, json)
Hash identifier: na7IW96kcE4VUwjJcphreOt5R5lEKGe5Y+nYd+UcQ5w=
Subject key identifier: 25:F8:E6:E2:A0:51:D8:52:A0:05:1B:59:23:87:C0:91:3E:C6:81:7D
Authority key identifier: 03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C
Certificate issuer: /CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
Certificate serial: 019A02C79F42CB80587F6233B037B3DBCA0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
Manifest number: 0857
Signing time: Mon 20 Oct 2025 18:00:28 +0000
Manifest this update: Mon 20 Oct 2025 18:00:28 +0000
Manifest next update: Tue 21 Oct 2025 18:00:28 +0000
Files and hashes: 1: 2j9Y51xwRYelF6JrKcKDFxJ1u_0.roa (hash: 0/wxjfgZFvKq0jXNMFirhtTQajhUkEHAhxXEqfHBgNk=)
2: A-pQioW8c6mqogOop7r5wWLm82w.crl (hash: VXtXmv/aE5qjiG/PlYs+USaKVGNyBb0h3WidyhFwcmg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:c7:9f:42:cb:80:58:7f:62:33:b0:37:b3:db:ca:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
Validity
Not Before: Oct 20 18:00:28 2025 GMT
Not After : Oct 21 18:00:28 2025 GMT
Subject: CN=25f8e6e2a051d852a0051b592387c0913ec6817d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:11:99:74:f7:8d:eb:88:9d:95:5d:36:17:4d:
80:e6:28:b2:fb:d8:9c:cb:f1:b8:d6:73:3b:bb:b9:
63:af:85:9d:04:d1:78:be:5f:ea:df:53:3b:2e:25:
87:2c:f4:40:b0:06:ad:fc:73:ce:77:b7:04:a0:a4:
e6:15:22:88:d5:2e:73:f4:09:fd:1d:da:ef:76:f1:
3f:32:18:d3:83:e1:3d:da:f0:ae:41:9d:a6:cc:b4:
29:3a:a3:26:bc:9d:92:b1:dc:de:49:e0:29:c1:93:
43:d2:02:70:d0:1d:46:cf:f2:64:6f:20:66:c9:4c:
82:1d:f6:b4:ce:57:7a:43:71:0c:70:fb:69:c4:87:
86:63:30:de:64:67:5f:92:f4:52:a8:69:13:18:8a:
a0:fa:7c:2e:e1:30:be:c6:c7:56:d8:3d:aa:23:4f:
52:d7:db:0e:da:c0:da:db:1d:61:f0:76:cc:fa:5d:
10:7e:65:1d:2f:08:9c:cf:da:47:c5:10:d0:df:c5:
6d:de:00:47:d6:ae:c8:88:4a:6b:22:50:18:63:db:
84:ad:27:2f:76:aa:87:e3:d1:a4:1e:84:0a:96:e9:
24:40:fd:61:e6:e7:c1:39:cd:a0:f9:2d:a1:b5:ef:
97:49:45:9b:23:e9:05:03:a9:86:ee:3c:dc:12:1d:
d3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F8:E6:E2:A0:51:D8:52:A0:05:1B:59:23:87:C0:91:3E:C6:81:7D
X509v3 Authority Key Identifier:
keyid:03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:d9:c8:dc:e0:ce:2b:65:d9:cb:3d:28:34:f8:2b:de:6d:d6:
4b:8a:bd:02:55:d5:d3:33:10:6d:44:53:99:2e:0b:e5:b3:65:
81:74:cb:6c:9b:1d:d0:f7:32:24:70:9f:5e:87:47:69:d0:79:
d7:bd:c7:7d:9e:97:51:e4:6e:ee:3f:c0:6c:55:a8:7c:7c:52:
22:3d:70:0f:6f:4c:0a:22:16:1b:2c:c4:61:a8:17:2c:6d:18:
d7:01:98:4a:80:13:27:2f:d7:6d:1a:03:a1:ae:50:b6:1f:f3:
3d:63:08:5b:a3:7b:cc:bc:e3:a8:83:33:f3:eb:d4:61:b0:84:
09:e7:b4:08:6f:32:89:3a:4b:38:b9:ff:ad:e3:46:86:cd:d6:
5e:e9:f6:f5:e7:65:72:60:5e:96:50:f1:f2:d6:f3:8c:a3:05:
5f:48:f7:be:5a:ee:c0:ce:ab:7e:60:e5:05:65:85:9c:98:77:
8b:cb:ec:34:1b:94:6e:bd:8d:21:96:f4:ea:10:a4:39:50:33:
37:49:fa:39:65:e3:59:43:43:39:ab:68:d4:6f:f5:5a:9d:bf:
1e:28:18:49:78:ba:b3:cb:1c:2d:27:73:d2:80:fd:15:67:f1:
22:2a:a7:84:e1:7c:0f:17:96:42:b5:4c:d1:90:7c:76:1f:07:
e1:47:b0:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCx59Cy4BYf2IzsDez28oNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZWE1MDhhODViYzczYTlhYWEyMDNhOGE3YmFmOWMxNjJl
NmYzNmMwHhcNMjUxMDIwMTgwMDI4WhcNMjUxMDIxMTgwMDI4WjAzMTEwLwYDVQQD
EygyNWY4ZTZlMmEwNTFkODUyYTAwNTFiNTkyMzg3YzA5MTNlYzY4MTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxGZdPeN64idlV02F02A5iiy+9ic
y/G41nM7u7ljr4WdBNF4vl/q31M7LiWHLPRAsAat/HPOd7cEoKTmFSKI1S5z9An9
HdrvdvE/MhjTg+E92vCuQZ2mzLQpOqMmvJ2SsdzeSeApwZND0gJw0B1Gz/JkbyBm
yUyCHfa0zld6Q3EMcPtpxIeGYzDeZGdfkvRSqGkTGIqg+nwu4TC+xsdW2D2qI09S
19sO2sDa2x1h8HbM+l0QfmUdLwicz9pHxRDQ38Vt3gBH1q7IiEprIlAYY9uErScv
dqqH49GkHoQKlukkQP1h5ufBOc2g+S2hte+XSUWbI+kFA6mG7jzcEh3TuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCX45uKgUdhSoAUbWSOHwJE+xoF9MB8GA1UdIwQY
MBaAFAPqUIqFvHOpqqIDqKe6+cFi5vNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAt
ZDcyNzA5MDVlOTIzLzEvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAtZDcyNzA5MDVlOTIz
LzEvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQdnI3ODO
K2XZyz0oNPgr3m3WS4q9AlXV0zMQbURTmS4L5bNlgXTLbJsd0PcyJHCfXodHadB5
173HfZ6XUeRu7j/AbFWofHxSIj1wD29MCiIWGyzEYagXLG0Y1wGYSoATJy/XbRoD
oa5Qth/zPWMIW6N7zLzjqIMz8+vUYbCECee0CG8yiTpLOLn/reNGhs3WXun29edl
cmBellDx8tbzjKMFX0j3vlruwM6rfmDlBWWFnJh3i8vsNBuUbr2NIZb06hCkOVAz
N0n6OWXjWUNDOato1G/1Wp2/HigYSXi6s8scLSdz0oD9FWfxIiqnhOF8DxeWQrVM
0ZB8dh8H4UewYA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:12:13 2025 by rpki-client