Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.mft
File: iCGjmu2dpO46tmOdJEUI-h6NIPY.mft (raw, json)
Hash identifier: kgS/hIdQQFcxKCdaDGQUvnKe8slGlsl+uGqIGxt9780=
Subject key identifier: 32:72:DB:CF:28:B9:7D:32:33:BC:CB:82:DD:2C:20:CE:AE:2C:7B:05
Authority key identifier: 88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6
Certificate issuer: /CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6
Certificate serial: 019A5262FE492E4D679C13D9A7B6A9589845
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.mft
Manifest number: 1430
Signing time: Wed 05 Nov 2025 05:00:10 +0000
Manifest this update: Wed 05 Nov 2025 05:00:10 +0000
Manifest next update: Thu 06 Nov 2025 05:00:10 +0000
Files and hashes: 1: OIDmEPbDXYESb6L8W110fitW4aA.roa (hash: AIH3VvHzWUC8AtgPyCBt/ld6YdiGtY4TDL+tLd/3C+w=)
2: WYkwsfl1LrYxcZc4hOn_dwqrnKU.roa (hash: OFI3Jc8HI7chg6jym9Pd2h5sq7FHfkNT1WJbvujMSAY=)
3: iCGjmu2dpO46tmOdJEUI-h6NIPY.crl (hash: 8zDNELQPXidq0XbOHw6qRg2jreLPZg+PdnsvHSaXkkI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:62:fe:49:2e:4d:67:9c:13:d9:a7:b6:a9:58:98:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6
Validity
Not Before: Nov 5 05:00:10 2025 GMT
Not After : Nov 6 05:00:10 2025 GMT
Subject: CN=3272dbcf28b97d3233bccb82dd2c20ceae2c7b05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:90:a9:1e:4f:5d:35:e6:36:b9:5a:f5:9a:0f:
50:8b:32:f4:48:4d:4c:14:18:d8:77:5e:fc:bb:24:
7a:96:65:6d:52:9a:bb:16:bc:4e:fd:4c:12:a2:7d:
51:84:f0:e7:50:37:15:57:b9:05:8a:e2:2f:b8:9a:
ac:88:81:27:12:c1:3a:46:5c:9c:00:5b:e7:4f:fb:
98:19:cb:a7:4f:81:a6:d9:e1:ba:e7:44:c3:8c:86:
83:49:a7:26:f4:7c:59:1e:b2:c5:51:de:20:04:9d:
5e:f8:98:d7:89:86:44:dd:18:fd:b4:b0:f7:2f:15:
a1:37:af:bf:92:fd:67:1a:2c:03:b0:00:92:cf:3c:
88:9c:f7:f8:5f:c0:44:77:f4:a6:50:57:36:d5:dc:
37:78:46:07:27:2a:d1:83:19:e2:9d:83:26:db:59:
d3:c2:7c:85:6f:45:37:64:89:04:ba:28:7a:b7:fa:
55:f9:83:87:cb:36:ca:4b:8b:99:19:97:0d:73:17:
2d:43:a2:d1:c2:7f:07:c2:3c:52:f2:bf:29:41:ff:
43:60:f9:91:7f:af:bd:36:0f:3f:3f:46:5f:c5:27:
8d:36:8a:5b:28:9c:3d:eb:c0:d6:13:a0:b9:12:f3:
9f:9c:d2:22:15:ad:72:73:bc:7f:e5:3c:24:b9:82:
8b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:72:DB:CF:28:B9:7D:32:33:BC:CB:82:DD:2C:20:CE:AE:2C:7B:05
X509v3 Authority Key Identifier:
keyid:88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:d4:64:e3:2e:b8:08:70:ea:c5:d8:8c:8e:46:9e:85:08:54:
ef:3d:be:fb:a5:5e:65:c7:7d:cc:ae:79:73:91:10:e9:5c:ae:
4d:27:10:a1:66:85:d4:9d:9c:39:16:14:c4:0e:9d:a7:82:da:
7f:d6:a4:5e:b1:cb:a0:61:de:5e:ef:0c:6a:00:9c:e2:99:5a:
43:2e:14:ae:92:e3:29:d3:81:75:d1:8b:11:9c:17:2e:59:5e:
9d:a6:f8:88:6c:0f:48:96:5e:40:26:88:90:64:a4:99:ed:1b:
4f:a0:c7:0c:69:89:98:e2:ff:9e:33:7c:41:05:e4:96:90:b8:
18:ec:a2:d6:41:d4:3f:22:82:5b:86:72:9a:91:45:ba:f8:4a:
52:52:ba:11:69:89:04:56:fa:93:c3:36:58:1d:f4:bb:13:dd:
18:c5:8d:63:de:7e:bd:c0:77:86:74:72:39:df:a0:e6:93:a1:
f8:e6:34:b5:6a:29:84:b7:15:d8:e0:2e:6c:b2:8a:0d:e4:90:
44:ff:47:84:a8:60:10:5f:49:f5:1b:ba:8e:77:16:86:b9:db:
7a:86:02:a4:03:a5:fd:a3:57:2c:e9:60:0d:03:0d:0e:3e:56:
01:67:06:a2:33:d6:16:7c:15:9a:ab:8c:d1:14:15:30:7f:2a:
43:7b:05:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSYv5JLk1nnBPZp7apWJhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MjFhMzlhZWQ5ZGE0ZWUzYWI2NjM5ZDI0NDUwOGZhMWU4
ZDIwZjYwHhcNMjUxMTA1MDUwMDEwWhcNMjUxMTA2MDUwMDEwWjAzMTEwLwYDVQQD
EygzMjcyZGJjZjI4Yjk3ZDMyMzNiY2NiODJkZDJjMjBjZWFlMmM3YjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJCpHk9dNeY2uVr1mg9QizL0SE1M
FBjYd178uyR6lmVtUpq7FrxO/UwSon1RhPDnUDcVV7kFiuIvuJqsiIEnEsE6Rlyc
AFvnT/uYGcunT4Gm2eG650TDjIaDSacm9HxZHrLFUd4gBJ1e+JjXiYZE3Rj9tLD3
LxWhN6+/kv1nGiwDsACSzzyInPf4X8BEd/SmUFc21dw3eEYHJyrRgxninYMm21nT
wnyFb0U3ZIkEuih6t/pV+YOHyzbKS4uZGZcNcxctQ6LRwn8HwjxS8r8pQf9DYPmR
f6+9Ng8/P0ZfxSeNNopbKJw968DWE6C5EvOfnNIiFa1yc7x/5TwkuYKLYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJy288ouX0yM7zLgt0sIM6uLHsFMB8GA1UdIwQY
MBaAFIgho5rtnaTuOrZjnSRFCPoejSD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAt
ZjYwZDZmNzE4MmExLzEvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAtZjYwZDZmNzE4MmEx
LzEvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf9Rk4y64
CHDqxdiMjkaehQhU7z2++6VeZcd9zK55c5EQ6VyuTScQoWaF1J2cORYUxA6dp4La
f9akXrHLoGHeXu8MagCc4plaQy4UrpLjKdOBddGLEZwXLllenab4iGwPSJZeQCaI
kGSkme0bT6DHDGmJmOL/njN8QQXklpC4GOyi1kHUPyKCW4ZympFFuvhKUlK6EWmJ
BFb6k8M2WB30uxPdGMWNY95+vcB3hnRyOd+g5pOh+OY0tWophLcV2OAubLKKDeSQ
RP9HhKhgEF9J9Ru6jncWhrnbeoYCpAOl/aNXLOlgDQMNDj5WAWcGojPWFnwVmquM
0RQVMH8qQ3sFGg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:47:44 2025 by rpki-client