Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.mft
File: Icc6XY7GO-1lijj1wm8ZH91035I.mft (raw, json)
Hash identifier: CPrGwj32xmYRaneNP0ISeivtRk9rs6uPgjv4rggQ+80=
Subject key identifier: 14:FE:A3:60:42:36:12:4A:DA:82:C3:64:D2:1F:5A:BE:49:99:89:80
Authority key identifier: 21:C7:3A:5D:8E:C6:3B:ED:65:8A:38:F5:C2:6F:19:1F:DD:74:DF:92
Certificate issuer: /CN=21c73a5d8ec63bed658a38f5c26f191fdd74df92
Certificate serial: 019A4D74223FC6A1384A7F84FCCE1F925CE4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icc6XY7GO-1lijj1wm8ZH91035I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 06:00:47 +0000
Manifest this update: Tue 04 Nov 2025 06:00:47 +0000
Manifest next update: Wed 05 Nov 2025 06:00:47 +0000
Files and hashes: 1: 745x39IaKKbeM9M_OPciAoFxiI4.roa (hash: rIEFd72FIecG2+TT+EkabaQ2rf6+UODC9a0hMUMdVO0=)
2: Icc6XY7GO-1lijj1wm8ZH91035I.crl (hash: 1VmLw3yCfryXz68bqKvpIKr6kDNB0g4iPjVCoCmVAuU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.mft
rsync://rpki.ripe.net/repository/DEFAULT/Icc6XY7GO-1lijj1wm8ZH91035I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:74:22:3f:c6:a1:38:4a:7f:84:fc:ce:1f:92:5c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21c73a5d8ec63bed658a38f5c26f191fdd74df92
Validity
Not Before: Nov 4 06:00:47 2025 GMT
Not After : Nov 5 06:00:47 2025 GMT
Subject: CN=14fea3604236124ada82c364d21f5abe49998980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c1:68:67:14:43:f2:1c:3a:31:43:0c:eb:24:
11:3a:fa:2a:14:a7:0e:5c:b2:4d:a7:ee:5b:db:85:
0c:d5:57:ca:03:ab:13:03:a2:14:a6:20:cf:29:48:
ad:f1:d7:61:94:e8:80:20:3c:c4:74:8c:dd:41:6b:
ab:6f:b3:c7:51:9e:ad:0c:0f:c4:cc:5d:2f:df:23:
71:cd:55:8f:7d:29:5d:88:22:51:98:d0:35:3d:bb:
a0:15:2c:9e:e6:5b:dd:93:3b:d8:88:62:a9:81:8a:
01:07:71:d3:94:e7:88:77:d7:c6:99:cb:80:ae:9b:
93:03:5d:bc:98:9f:e1:2c:7a:68:9c:76:45:f6:f1:
a7:90:cd:c5:99:3c:43:74:dc:30:af:10:8e:75:43:
18:a3:bf:8e:8a:b5:40:20:8d:ba:66:f3:66:04:36:
9d:4d:45:33:1f:e7:a7:be:0f:29:b7:ba:82:e0:51:
1c:22:a7:2e:48:41:ef:61:7c:a3:1a:c3:8a:af:6c:
37:93:50:4c:60:9f:ce:d3:23:51:2e:f9:50:ba:ca:
14:d7:67:20:54:bd:2b:89:b2:be:8b:7e:75:2b:52:
e7:d5:55:1a:dd:7f:db:d2:ab:04:e0:b8:2b:ec:fe:
10:9b:c9:92:a1:0a:7d:5a:3c:e1:e9:c7:40:8b:4e:
dd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:FE:A3:60:42:36:12:4A:DA:82:C3:64:D2:1F:5A:BE:49:99:89:80
X509v3 Authority Key Identifier:
keyid:21:C7:3A:5D:8E:C6:3B:ED:65:8A:38:F5:C2:6F:19:1F:DD:74:DF:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icc6XY7GO-1lijj1wm8ZH91035I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/f850ec-9954-485c-aa0b-fd120c31da72/1/Icc6XY7GO-1lijj1wm8ZH91035I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:75:cc:81:ee:a9:0d:48:ee:7a:58:4c:54:22:d6:6b:c5:5c:
7c:4f:7c:8f:fa:c9:6f:94:69:56:a7:55:3b:97:61:f6:79:78:
df:58:48:c4:3c:cf:8e:16:45:68:72:c6:b8:8f:7a:7f:6e:d2:
27:d2:74:e7:7e:40:a7:9a:f1:51:a3:bf:47:2c:e7:37:c4:02:
9c:e7:9e:47:2a:ea:2d:57:83:b9:0e:1f:a1:79:c3:5b:58:a0:
be:e1:c2:b5:92:b1:f3:7c:dc:a7:ca:c8:89:26:12:d4:02:0c:
f7:a4:3b:3e:88:a6:0f:4c:25:61:3f:d0:1b:94:04:0c:20:83:
ba:66:c4:9e:59:6f:30:e3:7b:14:83:9e:f6:7a:20:6c:c5:0f:
ad:99:dd:a4:6d:34:80:46:7b:42:6c:2b:70:61:73:dd:63:be:
32:cd:98:aa:e2:df:ce:ae:bc:a2:3f:a2:32:f5:4e:7e:ad:01:
02:72:30:56:4a:4e:cd:47:55:4c:9d:4f:be:35:9d:67:7d:ce:
cd:bb:5a:02:c6:a3:58:b8:bc:d5:65:23:cc:fa:e8:10:32:8d:
ce:f1:30:58:6b:6c:23:d9:60:0f:92:42:29:4e:f1:9d:13:65:
a7:23:ac:da:fc:11:59:d9:4b:6f:0f:1a:24:35:60:4e:33:67:
f2:ca:be:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdCI/xqE4Sn+E/M4fklzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYzczYTVkOGVjNjNiZWQ2NThhMzhmNWMyNmYxOTFmZGQ3
NGRmOTIwHhcNMjUxMTA0MDYwMDQ3WhcNMjUxMTA1MDYwMDQ3WjAzMTEwLwYDVQQD
EygxNGZlYTM2MDQyMzYxMjRhZGE4MmMzNjRkMjFmNWFiZTQ5OTk4OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsFoZxRD8hw6MUMM6yQROvoqFKcO
XLJNp+5b24UM1VfKA6sTA6IUpiDPKUit8ddhlOiAIDzEdIzdQWurb7PHUZ6tDA/E
zF0v3yNxzVWPfSldiCJRmNA1PbugFSye5lvdkzvYiGKpgYoBB3HTlOeId9fGmcuA
rpuTA128mJ/hLHponHZF9vGnkM3FmTxDdNwwrxCOdUMYo7+OirVAII26ZvNmBDad
TUUzH+envg8pt7qC4FEcIqcuSEHvYXyjGsOKr2w3k1BMYJ/O0yNRLvlQusoU12cg
VL0ribK+i351K1Ln1VUa3X/b0qsE4Lgr7P4Qm8mSoQp9Wjzh6cdAi07dnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBT+o2BCNhJK2oLDZNIfWr5JmYmAMB8GA1UdIwQY
MBaAFCHHOl2OxjvtZYo49cJvGR/ddN+SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNjNlhZN0dPLTFsaWpqMXdtOFpIOTEwMzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9mODUwZWMtOTk1NC00ODVjLWFhMGIt
ZmQxMjBjMzFkYTcyLzEvSWNjNlhZN0dPLTFsaWpqMXdtOFpIOTEwMzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9mODUwZWMtOTk1NC00ODVjLWFhMGItZmQxMjBjMzFkYTcy
LzEvSWNjNlhZN0dPLTFsaWpqMXdtOFpIOTEwMzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHHXMge6p
DUjuelhMVCLWa8VcfE98j/rJb5RpVqdVO5dh9nl431hIxDzPjhZFaHLGuI96f27S
J9J0535Ap5rxUaO/RyznN8QCnOeeRyrqLVeDuQ4foXnDW1igvuHCtZKx83zcp8rI
iSYS1AIM96Q7PoimD0wlYT/QG5QEDCCDumbEnllvMON7FIOe9nogbMUPrZndpG00
gEZ7QmwrcGFz3WO+Ms2YquLfzq68oj+iMvVOfq0BAnIwVkpOzUdVTJ1PvjWdZ33O
zbtaAsajWLi81WUjzProEDKNzvEwWGtsI9lgD5JCKU7xnRNlpyOs2vwRWdlLbw8a
JDVgTjNn8sq+vA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:47:32 2025 by rpki-client