Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File: IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier: fotVwR4usc7QZ2uFevdCz4fW0jMGyuWlqZVY3Hi1nbE=
Subject key identifier: DC:3B:E8:41:AD:9E:13:44:4D:2A:36:7F:1D:93:2F:75:CB:C7:2C:41
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer: /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial: 019A4EF5EC4D85DCC11CC37C2B04C43C43E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number: 0731
Signing time: Tue 04 Nov 2025 13:02:10 +0000
Manifest this update: Tue 04 Nov 2025 13:02:10 +0000
Manifest next update: Wed 05 Nov 2025 13:02:10 +0000
Files and hashes: 1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: kry8+iSDNHq8cqD8nXC0i8NipBocPUXIXCM9L3R8B5Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:ec:4d:85:dc:c1:1c:c3:7c:2b:04:c4:3c:43:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Validity
Not Before: Nov 4 13:02:10 2025 GMT
Not After : Nov 5 13:02:10 2025 GMT
Subject: CN=dc3be841ad9e13444d2a367f1d932f75cbc72c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a0:07:8a:a5:c7:87:88:0a:c6:75:3a:26:06:
99:e0:4c:8f:ec:9e:d7:c6:9f:ee:40:c3:da:fa:26:
92:0a:27:94:5f:e0:f5:89:82:13:55:a2:3d:8d:ec:
54:cc:8c:7d:4d:16:90:bc:b7:ff:1b:f3:04:29:0e:
c3:d2:7d:37:f1:a4:7c:3d:64:df:01:a0:5f:47:64:
07:49:6a:15:f1:12:c7:91:a5:a3:04:3a:ce:36:28:
43:78:36:d2:d1:e9:b1:d6:f7:b1:d5:32:48:39:0b:
c2:d3:d8:91:38:3f:9e:26:89:49:26:19:e8:75:7c:
67:69:39:1b:53:94:02:73:8d:4b:e9:87:0b:76:c9:
5e:19:35:46:17:b6:b1:aa:fe:6a:6d:f6:45:28:58:
15:9b:1e:d8:e7:94:c6:f6:7d:08:17:23:12:f2:45:
0d:eb:f1:cf:e3:64:1b:47:84:5c:10:da:5e:14:88:
fb:72:2f:c7:07:42:06:be:0f:3e:3c:fd:e9:c8:83:
ad:2c:61:37:79:ee:32:5b:e7:ea:ce:b5:ce:a3:f8:
68:38:03:ea:cf:59:e2:0b:05:96:c9:47:2c:c7:fb:
1b:b6:c9:17:c5:a9:62:1e:16:2d:64:4b:c6:01:6e:
a0:7c:bd:90:02:03:2e:6a:b0:3b:da:de:3f:50:66:
65:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3B:E8:41:AD:9E:13:44:4D:2A:36:7F:1D:93:2F:75:CB:C7:2C:41
X509v3 Authority Key Identifier:
keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:9c:c7:50:39:04:27:0b:88:da:c7:de:ce:3f:19:e0:f2:09:
86:b8:12:e0:d7:3d:ce:95:7f:9a:83:92:b3:39:51:90:85:2f:
12:68:03:d7:82:43:f2:0e:dd:51:c6:d7:d0:cf:7b:79:d2:e0:
1e:c8:1f:1c:a2:3d:16:22:48:59:1a:e1:5d:2f:7d:e6:c8:28:
9e:97:15:8e:4a:44:da:01:d9:f1:08:eb:42:f2:db:1a:54:e7:
a7:86:d8:08:58:5c:49:0f:01:66:3c:43:42:db:d0:02:28:05:
50:8d:54:e6:72:7f:38:58:da:2d:34:f9:c4:4f:51:c8:7c:1e:
01:90:2a:67:00:20:c9:0e:01:d2:74:f0:73:84:0e:f2:38:40:
ac:b5:12:ee:84:ce:8a:c3:0e:a1:7c:62:dc:bf:1a:dc:5f:d9:
c2:68:0e:5c:89:47:6f:ef:3c:65:db:65:c9:fd:f5:c8:77:98:
a3:f3:d3:79:24:b2:a2:8b:cb:0d:24:cd:9c:74:ca:65:3f:0f:
22:2c:33:c2:20:94:f1:56:a7:fd:d5:d6:f9:a6:a4:6f:9d:26:
7e:7e:30:c8:76:2c:3e:f8:ac:2b:93:fe:bd:38:14:d4:3a:25:
3e:df:69:ee:cb:fc:76:c9:71:de:33:82:77:7c:de:b3:54:cc:
da:9d:d5:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9exNhdzBHMN8KwTEPEPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjUxMTA0MTMwMjEwWhcNMjUxMTA1MTMwMjEwWjAzMTEwLwYDVQQD
EyhkYzNiZTg0MWFkOWUxMzQ0NGQyYTM2N2YxZDkzMmY3NWNiYzcyYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKAHiqXHh4gKxnU6JgaZ4EyP7J7X
xp/uQMPa+iaSCieUX+D1iYITVaI9jexUzIx9TRaQvLf/G/MEKQ7D0n038aR8PWTf
AaBfR2QHSWoV8RLHkaWjBDrONihDeDbS0emx1vex1TJIOQvC09iROD+eJolJJhno
dXxnaTkbU5QCc41L6YcLdsleGTVGF7axqv5qbfZFKFgVmx7Y55TG9n0IFyMS8kUN
6/HP42QbR4RcENpeFIj7ci/HB0IGvg8+PP3pyIOtLGE3ee4yW+fqzrXOo/hoOAPq
z1niCwWWyUcsx/sbtskXxaliHhYtZEvGAW6gfL2QAgMuarA72t4/UGZlEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNw76EGtnhNETSo2fx2TL3XLxyxBMB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIpzHUDkE
JwuI2sfezj8Z4PIJhrgS4Nc9zpV/moOSszlRkIUvEmgD14JD8g7dUcbX0M97edLg
HsgfHKI9FiJIWRrhXS995sgonpcVjkpE2gHZ8QjrQvLbGlTnp4bYCFhcSQ8BZjxD
QtvQAigFUI1U5nJ/OFjaLTT5xE9RyHweAZAqZwAgyQ4B0nTwc4QO8jhArLUS7oTO
isMOoXxi3L8a3F/ZwmgOXIlHb+88Zdtlyf31yHeYo/PTeSSyoovLDSTNnHTKZT8P
IiwzwiCU8Van/dXW+aakb50mfn4wyHYsPvisK5P+vTgU1DolPt9p7sv8dslx3jOC
d3zes1TM2p3VxA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:42:02 2025 by rpki-client