Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft
File: aEZbnPs2jGnssOP-o7VCupxzAfQ.mft (raw, json)
Hash identifier: Km0JfP20ATPCP/9p/awH43f3HtSQqi+rMspa5o8idhg=
Subject key identifier: 5B:A2:21:81:D8:CA:FC:B2:14:A5:C2:91:4E:2A:DE:CB:EE:45:62:94
Authority key identifier: 68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4
Certificate issuer: /CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4
Certificate serial: 0199FF2288DE4ECE175D0787785EBB69FF95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft
Manifest number: 13FC
Signing time: Mon 20 Oct 2025 01:01:17 +0000
Manifest this update: Mon 20 Oct 2025 01:01:17 +0000
Manifest next update: Tue 21 Oct 2025 01:01:17 +0000
Files and hashes: 1: aEZbnPs2jGnssOP-o7VCupxzAfQ.crl (hash: ukGyh4fqyua4yDE1ZC0LJPFmV6tI5hz8aDvkdyJ2+hA=)
2: s3MszUL2Sssrqjezj_btDkPTmQg.roa (hash: rgkSdfEiUESbKFQA8EcHOyD2UnXv2kAlPQ3EqnLhSNk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:22:88:de:4e:ce:17:5d:07:87:78:5e:bb:69:ff:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4
Validity
Not Before: Oct 20 01:01:17 2025 GMT
Not After : Oct 21 01:01:17 2025 GMT
Subject: CN=5ba22181d8cafcb214a5c2914e2adecbee456294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:de:a4:9a:98:d8:ef:c7:c4:80:8a:89:86:ca:
ef:06:05:39:3d:d4:36:c2:21:4c:0f:40:17:f3:05:
ae:a8:13:0a:f5:7a:fc:05:79:39:e6:d0:72:b9:c6:
20:fb:cf:99:0e:c6:86:94:9b:41:24:83:85:2e:e6:
16:f5:6d:23:75:17:1e:04:a9:7a:07:c4:aa:be:ab:
f4:c3:7f:b0:2f:6c:af:4f:9f:d9:a4:a3:c7:8c:16:
23:42:b7:02:58:a9:ae:58:ad:ab:a7:e4:06:34:77:
b9:cd:b4:6e:09:2b:4d:11:c0:02:83:1e:a9:4c:c2:
3b:86:95:4f:4d:77:13:6c:69:4f:73:dd:8b:78:c0:
3a:73:76:d5:0e:b8:32:4e:3a:68:c2:99:71:35:f0:
d0:cc:5c:e6:12:28:27:57:a4:1d:7e:f6:55:d9:dd:
8d:48:41:83:f0:3a:29:1d:00:53:c7:30:e9:2d:49:
ae:fc:6b:06:c9:14:36:f3:6e:92:e6:e0:10:2c:9d:
b1:c6:45:bd:4a:7f:5c:68:0f:ac:a3:bb:df:e2:37:
b0:21:83:ad:ff:db:d4:08:82:19:55:2a:ce:14:5a:
19:2c:88:33:fe:83:7b:ca:54:77:39:6f:5b:e0:b0:
6e:b7:1a:f8:d7:eb:ad:cb:be:aa:c4:93:a2:25:1d:
e3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:A2:21:81:D8:CA:FC:B2:14:A5:C2:91:4E:2A:DE:CB:EE:45:62:94
X509v3 Authority Key Identifier:
keyid:68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:3e:55:12:67:93:5d:95:af:0f:df:9d:6c:d0:53:fa:d8:31:
4b:d0:87:e1:08:c0:23:cd:ee:ef:72:38:6d:ca:a8:2a:a5:f7:
8d:06:ea:64:17:1d:dd:19:71:b7:d9:75:16:cd:11:40:95:aa:
26:6f:77:ff:e8:43:4a:13:6c:03:41:50:7d:e7:66:df:89:ad:
49:d3:47:47:89:55:b0:1b:9e:15:7e:5a:93:82:41:f6:68:62:
f9:6f:28:be:4b:6a:cd:18:64:a7:da:ae:ec:28:71:51:31:12:
00:6c:c4:b5:a4:8d:ca:6a:0a:19:51:08:39:7b:55:ef:2f:2b:
49:ec:43:28:a8:c4:c9:c7:5a:20:5f:7f:0e:dd:34:01:85:a2:
95:04:72:7d:ba:7b:2f:ef:75:16:ee:64:1e:36:30:2b:41:e3:
fa:b2:96:e9:5f:2a:c5:ee:0a:e2:76:c9:7d:b8:b9:f0:fb:4c:
ed:5c:7a:72:50:2b:ec:c5:6d:de:1b:0b:08:0e:12:ff:6b:c7:
0e:ec:68:7d:97:21:6b:ec:45:0e:e7:87:ff:05:f7:73:c8:46:
da:54:b0:57:23:95:cf:10:1e:f0:f7:e2:2e:14:d1:f7:ce:cb:
b3:5f:55:25:3a:e7:7f:13:61:cc:ca:dd:61:75:64:b6:43:b4:
fa:4e:d7:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IojeTs4XXQeHeF67af+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDY1YjljZmIzNjhjNjllY2IwZTNmZWEzYjU0MmJhOWM3
MzAxZjQwHhcNMjUxMDIwMDEwMTE3WhcNMjUxMDIxMDEwMTE3WjAzMTEwLwYDVQQD
Eyg1YmEyMjE4MWQ4Y2FmY2IyMTRhNWMyOTE0ZTJhZGVjYmVlNDU2Mjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2d6kmpjY78fEgIqJhsrvBgU5PdQ2
wiFMD0AX8wWuqBMK9Xr8BXk55tByucYg+8+ZDsaGlJtBJIOFLuYW9W0jdRceBKl6
B8Sqvqv0w3+wL2yvT5/ZpKPHjBYjQrcCWKmuWK2rp+QGNHe5zbRuCStNEcACgx6p
TMI7hpVPTXcTbGlPc92LeMA6c3bVDrgyTjpowplxNfDQzFzmEignV6QdfvZV2d2N
SEGD8DopHQBTxzDpLUmu/GsGyRQ2826S5uAQLJ2xxkW9Sn9caA+so7vf4jewIYOt
/9vUCIIZVSrOFFoZLIgz/oN7ylR3OW9b4LButxr41+uty76qxJOiJR3jzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFuiIYHYyvyyFKXCkU4q3svuRWKUMB8GA1UdIwQY
MBaAFGhGW5z7Noxp7LDj/qO1QrqccwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMt
MWFlYTViZTE1MGZhLzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMtMWFlYTViZTE1MGZh
LzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASj5VEmeT
XZWvD9+dbNBT+tgxS9CH4QjAI83u73I4bcqoKqX3jQbqZBcd3Rlxt9l1Fs0RQJWq
Jm93/+hDShNsA0FQfedm34mtSdNHR4lVsBueFX5ak4JB9mhi+W8ovktqzRhkp9qu
7ChxUTESAGzEtaSNymoKGVEIOXtV7y8rSexDKKjEycdaIF9/Dt00AYWilQRyfbp7
L+91Fu5kHjYwK0Hj+rKW6V8qxe4K4nbJfbi58PtM7Vx6clAr7MVt3hsLCA4S/2vH
DuxofZcha+xFDueH/wX3c8hG2lSwVyOVzxAe8PfiLhTR987Ls19VJTrnfxNhzMrd
YXVktkO0+k7Xdg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:45:53 2025 by rpki-client