Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
File: Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft (raw, json)
Hash identifier: Izn8WwyjA/sqFaoPS4LCQtMF2Kyj7y0DlstrXkvvwhU=
Subject key identifier: 73:4C:D2:E0:BC:5E:49:FF:72:4F:A9:38:73:F3:D9:79:57:D4:67:3B
Authority key identifier: 22:FD:1B:59:D5:CA:AF:75:06:BC:0D:5C:34:F3:0C:21:59:B0:43:98
Certificate issuer: /CN=22fd1b59d5caaf7506bc0d5c34f30c2159b04398
Certificate serial: 019A4D739A5B0A4D0114F7CDAF0E46044429
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
Manifest number: 0DF6
Signing time: Tue 04 Nov 2025 06:00:13 +0000
Manifest this update: Tue 04 Nov 2025 06:00:13 +0000
Manifest next update: Wed 05 Nov 2025 06:00:13 +0000
Files and hashes: 1: 5h9N95WR6G3ZttKnfAaRL_2XfKs.roa (hash: Wu3zPxSXCsayNSHW7YvNoHAYtN3gQjTl9ho9qfJB69k=)
2: Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.crl (hash: TK8FKwkVAEEOJWQ4l5OmmxO8OW7JhAPVKnbnmigz520=)
3: mWDbGVVpCQ84rC7Zv5fGnlAS0IM.roa (hash: p+WC5acLc9Vp8ZBrdZrqWpaCEJthWpQv4NHUQY+p8+s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:9a:5b:0a:4d:01:14:f7:cd:af:0e:46:04:44:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22fd1b59d5caaf7506bc0d5c34f30c2159b04398
Validity
Not Before: Nov 4 06:00:13 2025 GMT
Not After : Nov 5 06:00:13 2025 GMT
Subject: CN=734cd2e0bc5e49ff724fa93873f3d97957d4673b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0f:aa:46:ee:06:d4:e7:90:dc:09:e5:b8:2d:
de:1d:26:2a:d7:58:55:1f:f7:a9:28:1e:60:70:4e:
b1:74:1f:7f:ac:5e:a4:75:e2:86:e6:90:b4:56:de:
85:6e:06:4a:fa:47:a9:3b:e2:42:90:89:2b:1c:e7:
04:f7:f9:ae:51:8e:0d:4e:be:7a:66:dd:30:02:f3:
e8:33:30:72:ef:65:09:2e:9f:ca:d9:d3:c2:ae:4d:
1f:dd:82:de:bf:1e:72:bb:53:93:5a:bd:61:d5:68:
54:57:80:48:eb:25:5b:be:f6:3f:7b:96:cc:a8:bc:
ba:e1:b3:ce:fb:cf:25:b4:f5:cc:4f:60:86:93:13:
58:99:1f:51:ac:a0:0c:73:b5:80:f0:82:e1:08:24:
d7:8a:ca:63:5e:9b:0f:4b:03:24:a9:65:a4:2b:e9:
2e:c3:db:53:b5:7b:a9:3d:f1:2b:7a:1a:93:1c:de:
4d:dd:32:64:58:cc:03:d3:b6:31:59:9c:e4:16:cc:
81:cf:6d:61:b2:7b:fe:4e:6c:a5:af:3b:62:3e:e4:
9b:83:e0:0d:72:df:82:1f:00:23:1b:be:0b:f0:08:
e7:e2:16:18:81:f8:8d:56:54:ca:7d:7a:21:94:31:
b4:92:b3:72:91:cb:0b:0a:10:06:08:6a:eb:44:9e:
22:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:4C:D2:E0:BC:5E:49:FF:72:4F:A9:38:73:F3:D9:79:57:D4:67:3B
X509v3 Authority Key Identifier:
keyid:22:FD:1B:59:D5:CA:AF:75:06:BC:0D:5C:34:F3:0C:21:59:B0:43:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c9:12:4a:ee:07:ca:9e:ee:73:ad:0d:c6:0e:da:a9:c4:ee:66:
59:3a:05:d5:07:64:3c:ec:c7:fb:c6:d6:1f:dd:b9:fc:d2:73:
f3:62:5a:03:04:51:8f:2a:41:84:2f:c4:55:d5:1d:09:49:49:
6a:ea:b6:66:cf:1c:d7:43:99:4a:c1:f0:23:bb:50:c1:e9:ba:
93:4b:87:78:87:32:0f:72:60:67:26:04:60:fd:1f:89:ac:6f:
82:85:53:b9:a7:58:b8:05:6c:d7:9b:5c:48:63:aa:73:32:58:
b3:df:5c:7b:37:89:c4:41:27:39:87:3b:0c:fc:e7:e3:78:fd:
6d:8b:39:c0:53:fc:82:f0:54:25:05:d7:3f:32:02:00:50:a2:
35:3a:0c:fb:97:68:24:fd:2f:f0:8d:f5:ef:5f:fe:2b:49:d0:
30:4c:6c:23:94:b9:35:f4:d2:cf:3e:a0:f5:f1:2d:86:57:2c:
6f:62:e5:a3:99:34:2e:92:6a:5e:8c:57:48:75:0d:b8:c5:7e:
05:fc:27:fc:ec:cb:07:f5:9d:a6:ca:51:77:e2:63:63:2d:8a:
0f:84:fc:23:e7:42:cd:5f:4d:fd:75:10:24:eb:09:df:f5:89:
8d:fa:98:d2:ce:8b:04:d1:09:f7:4e:ae:9d:54:6c:69:7a:82:
8d:2b:54:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc5pbCk0BFPfNrw5GBEQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmQxYjU5ZDVjYWFmNzUwNmJjMGQ1YzM0ZjMwYzIxNTli
MDQzOTgwHhcNMjUxMTA0MDYwMDEzWhcNMjUxMTA1MDYwMDEzWjAzMTEwLwYDVQQD
Eyg3MzRjZDJlMGJjNWU0OWZmNzI0ZmE5Mzg3M2YzZDk3OTU3ZDQ2NzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Q+qRu4G1OeQ3AnluC3eHSYq11hV
H/epKB5gcE6xdB9/rF6kdeKG5pC0Vt6FbgZK+kepO+JCkIkrHOcE9/muUY4NTr56
Zt0wAvPoMzBy72UJLp/K2dPCrk0f3YLevx5yu1OTWr1h1WhUV4BI6yVbvvY/e5bM
qLy64bPO+88ltPXMT2CGkxNYmR9RrKAMc7WA8ILhCCTXispjXpsPSwMkqWWkK+ku
w9tTtXupPfErehqTHN5N3TJkWMwD07YxWZzkFsyBz21hsnv+TmylrztiPuSbg+AN
ct+CHwAjG74L8Ajn4hYYgfiNVlTKfXohlDG0krNykcsLChAGCGrrRJ4iJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHNM0uC8Xkn/ck+pOHPz2XlX1Gc7MB8GA1UdIwQY
MBaAFCL9G1nVyq91BrwNXDTzDCFZsEOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84NTBlOTYtMTkxZi00ZGNiLTllZGIt
Y2Q1OGZhMjAxNGRkLzEvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC84NTBlOTYtMTkxZi00ZGNiLTllZGItY2Q1OGZhMjAxNGRk
LzEvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyRJK7gfK
nu5zrQ3GDtqpxO5mWToF1QdkPOzH+8bWH925/NJz82JaAwRRjypBhC/EVdUdCUlJ
auq2Zs8c10OZSsHwI7tQwem6k0uHeIcyD3JgZyYEYP0fiaxvgoVTuadYuAVs15tc
SGOqczJYs99cezeJxEEnOYc7DPzn43j9bYs5wFP8gvBUJQXXPzICAFCiNToM+5do
JP0v8I3171/+K0nQMExsI5S5NfTSzz6g9fEthlcsb2Llo5k0LpJqXoxXSHUNuMV+
Bfwn/OzLB/WdpspRd+JjYy2KD4T8I+dCzV9N/XUQJOsJ3/WJjfqY0s6LBNEJ906u
nVRsaXqCjStURA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:05:12 2025 by rpki-client