Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft
File: isfq5knZVHsK0KsAerTopI3tTV0.mft (raw, json)
Hash identifier: EKtixxDi/txgYO7wb9AyQd06hrcczuHI9Qve7zrZ+LA=
Subject key identifier: 10:7A:B4:5F:D7:AD:94:C4:FA:C1:39:F9:F2:10:CE:7E:A7:73:AF:6F
Authority key identifier: 8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
Certificate issuer: /CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Certificate serial: 019A4FD033002CC1CF287E1E8D98A9780EE3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft
Manifest number: 1713
Signing time: Tue 04 Nov 2025 17:00:35 +0000
Manifest this update: Tue 04 Nov 2025 17:00:35 +0000
Manifest next update: Wed 05 Nov 2025 17:00:35 +0000
Files and hashes: 1: VnjAZXEV2IpEDwg3p4BnaouHiwY.roa (hash: +OjGTLOvqNCpLYSjRU9GeBSRZeFRlVpWW6Mj3HPVgqw=)
2: isfq5knZVHsK0KsAerTopI3tTV0.crl (hash: dVA/g8Y4cSqtN55bJW1u4do2NDQ12+SPQHbbUZeL+no=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 17:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:d0:33:00:2c:c1:cf:28:7e:1e:8d:98:a9:78:0e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Validity
Not Before: Nov 4 17:00:35 2025 GMT
Not After : Nov 5 17:00:35 2025 GMT
Subject: CN=107ab45fd7ad94c4fac139f9f210ce7ea773af6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ab:28:2c:74:d5:34:09:2f:be:82:59:f3:8b:
db:bd:6e:ac:62:5b:f2:98:7d:5c:78:3d:69:3e:83:
5b:01:89:bd:27:20:98:bd:4c:12:63:37:5d:1c:7b:
79:b5:f6:84:bf:b2:68:f8:ee:5b:25:00:47:79:2f:
50:09:2a:38:a3:d7:67:8e:9c:d3:f5:0e:b8:35:95:
c9:cf:9c:e3:51:8e:9f:82:75:19:8d:c2:22:6e:b7:
05:7f:a2:56:86:10:1d:78:af:a4:d1:60:e7:4b:12:
dc:fc:14:5c:02:bd:d8:a0:fc:22:23:68:bb:f9:e8:
d2:f1:01:36:a2:67:4e:d2:9d:2a:94:10:d3:c0:92:
da:5e:8e:7a:c9:3c:ab:4f:4c:a5:0d:bd:62:39:eb:
ff:dc:81:ad:38:66:6f:ca:f7:4f:bb:b3:86:06:d6:
f7:4d:b2:85:f7:fe:98:bb:2c:ac:cb:e0:72:37:49:
e2:92:30:57:40:7f:f9:01:77:38:ed:52:48:bc:6e:
5a:a2:c2:34:bb:f0:0f:c3:98:0c:92:6e:97:9f:35:
8d:01:38:f3:28:82:4d:07:4a:7a:55:9c:b9:ff:97:
0c:04:65:ec:77:3b:a2:67:1e:c3:d5:6e:be:0d:e0:
59:00:ff:3c:31:6c:d5:2c:98:ca:8b:85:cb:c9:f6:
78:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:7A:B4:5F:D7:AD:94:C4:FA:C1:39:F9:F2:10:CE:7E:A7:73:AF:6F
X509v3 Authority Key Identifier:
keyid:8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:37:7f:58:a2:c5:c3:8a:2a:64:32:8c:6f:24:e0:d3:8f:42:
22:70:46:e3:d2:5c:a9:9b:84:a1:3d:d3:1b:11:13:35:e0:e7:
93:66:f4:00:72:68:d5:34:c3:74:02:c7:79:85:86:fd:b9:79:
49:2b:33:cd:a8:2e:03:90:d9:82:ed:51:50:e3:22:c9:26:2e:
8a:ea:6c:16:85:83:00:90:56:7f:09:e6:2b:28:2a:95:e7:01:
5a:81:20:7e:28:44:89:85:5d:ed:fa:92:76:33:36:f4:73:f1:
e1:ec:fd:a0:6c:fa:a8:53:72:9d:0e:3b:2d:ad:33:e5:a3:5d:
1c:d2:4b:0a:99:8d:9f:1b:46:f6:59:72:2d:c4:18:af:e7:cb:
cd:4c:28:1e:eb:03:9a:c1:e0:2d:dc:af:74:aa:c8:f8:c5:c6:
b8:35:cf:56:b8:b8:25:72:b5:95:f7:8d:6c:8d:74:a2:b8:c4:
f8:9c:78:a5:3b:93:f0:97:c8:9e:ca:55:2f:1b:00:a7:50:02:
0b:4b:89:d5:c7:e4:7b:ec:25:1f:5e:25:df:b7:d1:d3:98:4d:
71:60:ba:8d:fa:4b:74:df:59:f7:18:68:9a:0a:94:03:6d:32:
c1:6a:ee:39:21:4b:ff:fe:01:6a:f0:0a:c1:11:a3:9c:87:54:
7b:ed:57:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0DMALMHPKH4ejZipeA7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYzdlYWU2NDlkOTU0N2IwYWQwYWIwMDdhYjRlOGE0OGRl
ZDRkNWQwHhcNMjUxMTA0MTcwMDM1WhcNMjUxMTA1MTcwMDM1WjAzMTEwLwYDVQQD
EygxMDdhYjQ1ZmQ3YWQ5NGM0ZmFjMTM5ZjlmMjEwY2U3ZWE3NzNhZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoasoLHTVNAkvvoJZ84vbvW6sYlvy
mH1ceD1pPoNbAYm9JyCYvUwSYzddHHt5tfaEv7Jo+O5bJQBHeS9QCSo4o9dnjpzT
9Q64NZXJz5zjUY6fgnUZjcIibrcFf6JWhhAdeK+k0WDnSxLc/BRcAr3YoPwiI2i7
+ejS8QE2omdO0p0qlBDTwJLaXo56yTyrT0ylDb1iOev/3IGtOGZvyvdPu7OGBtb3
TbKF9/6Yuyysy+ByN0nikjBXQH/5AXc47VJIvG5aosI0u/APw5gMkm6XnzWNATjz
KIJNB0p6VZy5/5cMBGXsdzuiZx7D1W6+DeBZAP88MWzVLJjKi4XLyfZ4SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBB6tF/XrZTE+sE5+fIQzn6nc69vMB8GA1UdIwQY
MBaAFIrH6uZJ2VR7CtCrAHq06KSN7U1dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYt
YWMwMWYwYzU2NjJiLzEvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYtYWMwMWYwYzU2NjJi
LzEvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgTd/WKLF
w4oqZDKMbyTg049CInBG49JcqZuEoT3TGxETNeDnk2b0AHJo1TTDdALHeYWG/bl5
SSszzaguA5DZgu1RUOMiySYuiupsFoWDAJBWfwnmKygqlecBWoEgfihEiYVd7fqS
djM29HPx4ez9oGz6qFNynQ47La0z5aNdHNJLCpmNnxtG9llyLcQYr+fLzUwoHusD
msHgLdyvdKrI+MXGuDXPVri4JXK1lfeNbI10orjE+Jx4pTuT8JfInspVLxsAp1AC
C0uJ1cfke+wlH14l37fR05hNcWC6jfpLdN9Z9xhomgqUA20ywWruOSFL//4BavAK
wRGjnIdUe+1XKA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:45:59 2025 by rpki-client