Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
File: I9FK_odQITwoDltovvsYhm95SX8.mft (raw, json)
Hash identifier: VN9/Ex0ruj5dwypnEbgXv16gp8uqdBpWlnRSoRGYumE=
Subject key identifier: 51:0E:F5:B5:F6:A1:6C:45:97:DB:F4:DA:F0:09:B6:81:BE:27:A2:4B
Authority key identifier: 23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F
Certificate issuer: /CN=23d14afe8750213c280e5b68befb18866f79497f
Certificate serial: 019A4EF5B880157C467369932C64F49364CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
Manifest number: 038E
Signing time: Tue 04 Nov 2025 13:01:57 +0000
Manifest this update: Tue 04 Nov 2025 13:01:57 +0000
Manifest next update: Wed 05 Nov 2025 13:01:57 +0000
Files and hashes: 1: I9FK_odQITwoDltovvsYhm95SX8.crl (hash: xqqGMExzTkhFSe2yU455CSXqabk/PPnBGHZqkE12MKM=)
2: bfd_WpvacXpVJP__dq6vej5IyyY.roa (hash: /B+pNt8vIwVV5x8COrKPeKukz7hh0c0T1g3kvtIg6Z0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:b8:80:15:7c:46:73:69:93:2c:64:f4:93:64:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d14afe8750213c280e5b68befb18866f79497f
Validity
Not Before: Nov 4 13:01:57 2025 GMT
Not After : Nov 5 13:01:57 2025 GMT
Subject: CN=510ef5b5f6a16c4597dbf4daf009b681be27a24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2a:d6:db:bd:a0:00:73:a1:fa:d9:c0:2d:90:
0c:81:c4:35:f2:4c:63:72:4a:69:48:05:53:72:08:
20:6e:42:42:94:be:57:d0:ab:32:51:94:9b:5d:38:
be:3f:a6:fc:67:5b:cf:55:73:b6:f3:67:ef:86:f4:
44:0d:fd:6a:5e:b8:df:95:98:24:11:7c:59:28:a6:
df:e2:88:3a:ba:05:5c:17:7b:d8:94:fb:6a:de:e6:
78:25:a2:f2:49:0a:df:f0:6e:1b:9d:9d:ee:49:97:
7e:1d:b9:ae:55:a3:8d:4b:0b:b0:3b:12:ef:69:fa:
af:81:0a:5d:ac:3c:ee:75:6c:86:37:4d:03:d8:e9:
9e:f1:ba:9c:11:47:eb:86:30:7a:5b:9d:4e:c9:e6:
e8:26:b5:16:8d:93:00:58:e2:b9:57:b2:36:ad:f0:
72:4e:a8:a2:f5:55:94:4f:46:4b:2c:f2:f4:35:fb:
a6:ef:8c:d3:65:6a:f3:60:7c:55:cb:df:07:9f:85:
83:cb:49:32:44:9e:ee:06:42:a4:f4:bc:24:d3:60:
f2:bd:44:99:38:af:17:d4:cc:99:45:85:68:a8:20:
ff:a5:3b:ff:a3:0e:f6:81:d7:19:68:c5:91:46:a4:
3c:4c:d4:07:19:b7:09:69:64:d0:29:51:d2:8f:d4:
f7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0E:F5:B5:F6:A1:6C:45:97:DB:F4:DA:F0:09:B6:81:BE:27:A2:4B
X509v3 Authority Key Identifier:
keyid:23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:fa:8c:49:94:7e:cc:c3:b7:b1:44:37:63:da:18:7e:3f:d4:
48:90:44:ac:17:5a:20:7d:36:e8:5e:1f:31:e8:8c:50:20:2a:
19:d6:44:81:e8:b5:e1:35:60:4d:a8:7f:43:ea:cc:1c:0b:a2:
3f:88:1c:a9:9a:31:d0:52:7e:8e:fe:71:a4:5a:55:f6:97:be:
0a:60:d8:94:92:ba:7c:65:4c:12:d1:0a:3d:dd:d6:d1:a8:37:
a4:aa:b5:a8:15:5e:b7:d3:08:05:5d:3c:c8:82:e1:58:f9:96:
65:fe:a2:f2:54:f5:0e:4c:34:55:fc:36:dd:34:78:66:11:be:
72:74:93:42:60:c0:99:6f:85:31:26:c4:64:55:31:94:8f:32:
57:11:d3:e3:d6:f8:41:8b:6c:54:a4:42:a7:40:9a:61:55:36:
3b:67:18:46:ac:45:d6:19:de:13:a8:b6:c9:0f:d0:a2:f6:ca:
79:38:93:9f:c7:92:fc:4f:38:8c:cc:af:e0:9e:87:9a:de:a8:
52:df:60:54:4e:a7:85:c1:fa:e4:33:db:c6:9c:c4:c3:84:ab:
de:a7:0a:df:c0:1a:7e:f9:69:cf:ee:02:dc:67:7b:9e:72:41:
7c:2d:22:ce:72:7e:39:1f:8a:5e:31:df:c7:22:4d:8d:56:e0:
08:0a:c5:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9biAFXxGc2mTLGT0k2TLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDE0YWZlODc1MDIxM2MyODBlNWI2OGJlZmIxODg2NmY3
OTQ5N2YwHhcNMjUxMTA0MTMwMTU3WhcNMjUxMTA1MTMwMTU3WjAzMTEwLwYDVQQD
Eyg1MTBlZjViNWY2YTE2YzQ1OTdkYmY0ZGFmMDA5YjY4MWJlMjdhMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSrW272gAHOh+tnALZAMgcQ18kxj
ckppSAVTcgggbkJClL5X0KsyUZSbXTi+P6b8Z1vPVXO282fvhvREDf1qXrjflZgk
EXxZKKbf4og6ugVcF3vYlPtq3uZ4JaLySQrf8G4bnZ3uSZd+HbmuVaONSwuwOxLv
afqvgQpdrDzudWyGN00D2Ome8bqcEUfrhjB6W51OyeboJrUWjZMAWOK5V7I2rfBy
Tqii9VWUT0ZLLPL0Nfum74zTZWrzYHxVy98Hn4WDy0kyRJ7uBkKk9Lwk02DyvUSZ
OK8X1MyZRYVoqCD/pTv/ow72gdcZaMWRRqQ8TNQHGbcJaWTQKVHSj9T3RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFEO9bX2oWxFl9v02vAJtoG+J6JLMB8GA1UdIwQY
MBaAFCPRSv6HUCE8KA5baL77GIZveUl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2Qt
ODQ3MmNhNDBmN2E3LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2QtODQ3MmNhNDBmN2E3
LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADfqMSZR+
zMO3sUQ3Y9oYfj/USJBErBdaIH026F4fMeiMUCAqGdZEgei14TVgTah/Q+rMHAui
P4gcqZox0FJ+jv5xpFpV9pe+CmDYlJK6fGVMEtEKPd3W0ag3pKq1qBVet9MIBV08
yILhWPmWZf6i8lT1Dkw0Vfw23TR4ZhG+cnSTQmDAmW+FMSbEZFUxlI8yVxHT49b4
QYtsVKRCp0CaYVU2O2cYRqxF1hneE6i2yQ/QovbKeTiTn8eS/E84jMyv4J6Hmt6o
Ut9gVE6nhcH65DPbxpzEw4Sr3qcK38Aafvlpz+4C3Gd7nnJBfC0iznJ+OR+KXjHf
xyJNjVbgCArFUQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:48:40 2025 by rpki-client