Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
File: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft (raw, json)
Hash identifier: rEEF/Jzsp+RAZXg54I76in+a9mXa1ydE4sjYDYtaH/0=
Subject key identifier: 2F:A3:7F:E3:90:35:04:A6:9A:11:32:E1:95:E8:0F:2C:DA:B7:24:57
Authority key identifier: A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
Certificate issuer: /CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Certificate serial: 019A0110F749C75E7BED20A92C3229E08008
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
Manifest number: 0C67
Signing time: Mon 20 Oct 2025 10:01:20 +0000
Manifest this update: Mon 20 Oct 2025 10:01:20 +0000
Manifest next update: Tue 21 Oct 2025 10:01:20 +0000
Files and hashes: 1: E8EItKN2__9iKd7VUUHBehRVQCo.roa (hash: mIn23TrAWNsxopm3nGDSwuz19rtPaaB79Dzo0Qrhuqk=)
2: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl (hash: U2pdxKfMshwGWOmGVkFfm9On/Wdt51bidz5zqBiwZQA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:10:f7:49:c7:5e:7b:ed:20:a9:2c:32:29:e0:80:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Validity
Not Before: Oct 20 10:01:20 2025 GMT
Not After : Oct 21 10:01:20 2025 GMT
Subject: CN=2fa37fe3903504a69a1132e195e80f2cdab72457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:05:10:d8:9a:5a:fd:97:4f:c7:bb:19:30:ea:
75:b1:64:99:4d:22:56:58:6b:cd:fe:45:02:15:af:
3b:39:cd:34:e2:d9:b5:5d:cd:e8:f8:d0:07:3e:87:
00:83:09:72:eb:8c:a1:31:2c:5f:3b:20:0a:fd:9f:
09:51:09:93:94:5b:fb:84:70:e6:01:87:be:37:89:
dd:f6:70:cb:fd:28:3e:68:43:0b:88:76:2c:0e:b8:
61:06:89:21:3a:1e:d7:74:a2:ea:a9:79:98:12:51:
aa:ba:df:4f:5f:76:6a:c1:42:d7:a4:98:cf:de:c3:
f8:bf:62:2e:4d:49:a3:5b:d8:6e:ec:d1:fd:bf:d9:
fe:ff:11:d9:26:db:eb:a1:25:cf:32:dc:50:8f:b8:
35:37:8b:19:a5:49:a4:eb:3a:54:2d:5d:eb:c7:87:
fe:58:24:f9:15:47:96:78:67:7d:d3:89:4a:61:92:
de:78:94:7c:86:3f:a7:ce:4b:ac:79:c1:ac:e5:3c:
1b:87:cb:79:55:33:49:18:57:fd:55:3e:14:e0:e9:
bc:9c:8a:cf:de:2f:6b:50:64:d2:ae:3f:98:48:69:
e3:91:05:1a:34:6b:f8:b3:ac:ab:e5:72:5c:87:f8:
55:31:86:68:ee:2e:57:16:c4:d9:41:ea:39:28:49:
42:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A3:7F:E3:90:35:04:A6:9A:11:32:E1:95:E8:0F:2C:DA:B7:24:57
X509v3 Authority Key Identifier:
keyid:A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d0:fd:53:74:ee:29:c7:61:63:0c:75:44:93:dc:bf:9c:5e:93:
e3:38:d9:4b:57:89:2a:6f:48:70:9d:a7:dc:c1:1a:41:61:c5:
8e:04:78:94:d5:d7:bb:c7:ea:a3:fe:84:ca:58:80:f6:a9:f6:
4b:c9:e9:59:b3:c8:62:cf:d4:44:53:05:b0:3b:7a:ef:09:e1:
08:f4:dc:da:ad:56:8f:95:ce:c6:32:6d:fc:81:af:b1:8a:70:
ec:6c:e8:56:94:cf:06:f4:c3:ce:ea:e2:ec:9f:68:4e:de:ca:
97:9b:13:0a:d3:03:79:19:42:de:00:a9:44:05:f2:6f:db:f3:
5b:b0:bb:65:60:23:6c:5f:c2:65:cb:62:95:a7:a0:cc:1d:51:
96:c1:a9:d4:42:6a:76:30:01:f8:3f:db:a5:ee:96:fd:d4:8d:
f7:40:ca:ba:73:48:ba:7c:76:94:4f:fe:e6:f4:59:f0:30:dd:
a9:10:c3:69:81:1d:be:e2:ee:70:c8:0c:1c:19:45:2e:d3:fb:
ed:5f:c4:f7:20:66:18:ab:5a:ab:fd:ab:68:9b:71:63:1b:73:
e0:a0:73:98:22:80:6b:79:fb:fd:37:b1:d1:6d:b6:2d:2b:84:
33:12:8a:18:f8:e0:87:e2:fd:3a:46:6b:d7:7e:be:96:6f:43:
6c:44:e6:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBEPdJx1577SCpLDIp4IAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDhmYzkyNDYwNDI3NTExMTBkMmVjNTA2NWQwYzQ3ZDFk
NDNjZDAwHhcNMjUxMDIwMTAwMTIwWhcNMjUxMDIxMTAwMTIwWjAzMTEwLwYDVQQD
EygyZmEzN2ZlMzkwMzUwNGE2OWExMTMyZTE5NWU4MGYyY2RhYjcyNDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQUQ2Jpa/ZdPx7sZMOp1sWSZTSJW
WGvN/kUCFa87Oc004tm1Xc3o+NAHPocAgwly64yhMSxfOyAK/Z8JUQmTlFv7hHDm
AYe+N4nd9nDL/Sg+aEMLiHYsDrhhBokhOh7XdKLqqXmYElGqut9PX3ZqwULXpJjP
3sP4v2IuTUmjW9hu7NH9v9n+/xHZJtvroSXPMtxQj7g1N4sZpUmk6zpULV3rx4f+
WCT5FUeWeGd904lKYZLeeJR8hj+nzkusecGs5Twbh8t5VTNJGFf9VT4U4Om8nIrP
3i9rUGTSrj+YSGnjkQUaNGv4s6yr5XJch/hVMYZo7i5XFsTZQeo5KElCQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+jf+OQNQSmmhEy4ZXoDyzatyRXMB8GA1UdIwQY
MBaAFKQI/JJGBCdREQ0uxQZdDEfR1DzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2It
ZDkyMjQ4YWFiZTJkLzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2ItZDkyMjQ4YWFiZTJk
LzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0P1TdO4p
x2FjDHVEk9y/nF6T4zjZS1eJKm9IcJ2n3MEaQWHFjgR4lNXXu8fqo/6EyliA9qn2
S8npWbPIYs/URFMFsDt67wnhCPTc2q1Wj5XOxjJt/IGvsYpw7GzoVpTPBvTDzuri
7J9oTt7Kl5sTCtMDeRlC3gCpRAXyb9vzW7C7ZWAjbF/CZctilaegzB1RlsGp1EJq
djAB+D/bpe6W/dSN90DKunNIunx2lE/+5vRZ8DDdqRDDaYEdvuLucMgMHBlFLtP7
7V/E9yBmGKtaq/2raJtxYxtz4KBzmCKAa3n7/Tex0W22LSuEMxKKGPjgh+L9OkZr
136+lm9DbETmug==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:32:05 2025 by rpki-client