
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
File: IEBQzFlTby2UB2koI4kMzdqFRQg.mft (raw, json)
Hash identifier: zQ6cda517t5nyyMgJFqZf9jwkEbpgA+83flWPRbPx2E=
Subject key identifier: AD:BA:A8:C5:EB:80:D7:D6:87:5D:D3:9A:7C:95:D0:DD:34:F8:EB:5D
Authority key identifier: 20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
Certificate issuer: /CN=204050cc59536f2d9407692823890ccdda854508
Certificate serial: 01988B4581B08175DF62CC6744235EB533B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
Manifest number: 0432
Signing time: Fri 08 Aug 2025 20:00:44 +0000
Manifest this update: Fri 08 Aug 2025 20:00:44 +0000
Manifest next update: Sat 09 Aug 2025 20:00:44 +0000
Files and hashes: 1: IEBQzFlTby2UB2koI4kMzdqFRQg.crl (hash: 1cex8j7LY5zkgd2wF5FN93F4rVzTbZz02hQm75a9Eqw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8b:45:81:b0:81:75:df:62:cc:67:44:23:5e:b5:33:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204050cc59536f2d9407692823890ccdda854508
Validity
Not Before: Aug 8 20:00:44 2025 GMT
Not After : Aug 9 20:00:44 2025 GMT
Subject: CN=adbaa8c5eb80d7d6875dd39a7c95d0dd34f8eb5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ec:60:d1:8e:82:db:93:57:30:e1:18:d8:4c:
a9:c6:9c:cc:8c:83:74:38:0a:a1:72:67:5b:86:a1:
fa:0e:bc:a7:8d:8c:99:4f:f0:9b:a3:90:b8:82:d2:
e3:14:df:af:d6:e6:42:9d:ff:8e:4e:b3:57:b2:34:
47:84:aa:05:e9:f8:16:c3:e2:b2:a1:2b:e1:df:e0:
35:4a:f9:a8:70:f6:7d:0f:e7:d0:f6:85:52:4a:da:
18:cd:08:54:00:df:89:f6:16:19:3b:3f:86:d5:86:
d1:e7:d3:9f:df:45:02:ec:60:4f:fb:c3:88:9e:0c:
91:c4:39:ac:47:44:3f:15:97:a3:6e:61:0e:50:ba:
e9:b5:4b:67:59:35:d6:05:48:59:81:c3:24:c1:9a:
36:12:bf:fc:60:b5:18:05:6b:10:28:ae:d0:93:5c:
1c:be:f4:36:65:e9:d7:63:8c:04:40:14:40:b8:90:
fe:c5:60:6d:0a:01:6c:ac:5c:d8:23:1c:12:ad:28:
01:7c:25:a0:b8:19:85:54:89:83:86:3c:6b:41:70:
1c:80:b7:ba:26:30:ec:2e:c1:02:f2:ea:33:b8:4c:
fd:16:91:fd:c6:27:81:62:b0:e1:10:75:c5:c3:17:
51:f7:74:83:94:11:b4:c4:03:1c:bb:ca:68:b3:58:
b9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:BA:A8:C5:EB:80:D7:D6:87:5D:D3:9A:7C:95:D0:DD:34:F8:EB:5D
X509v3 Authority Key Identifier:
keyid:20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:2f:5d:83:6b:0a:95:67:f0:db:22:35:36:e6:3a:20:9e:8d:
03:5b:8d:61:11:25:11:0e:8b:2a:54:69:f1:9f:bf:a1:f6:02:
9b:7d:d2:6e:b0:42:04:c0:df:df:a6:07:16:5c:f8:e1:d7:09:
00:72:1c:1f:2b:6d:33:bc:8f:9b:ec:e4:96:1c:86:a1:46:dd:
71:bc:20:da:0e:ea:b8:47:67:b8:87:5a:1f:21:44:33:e4:fd:
07:b8:e2:21:80:05:17:8b:b1:df:c4:19:12:b0:cc:eb:cb:b9:
24:d1:f6:fa:bf:04:9e:e3:aa:f6:2d:83:cc:51:ff:cf:a4:74:
03:62:d8:bf:2a:47:06:37:1d:a9:f1:6a:36:f1:4f:a8:93:87:
e8:59:2c:a2:c7:96:d4:50:f6:77:7d:ca:78:15:52:9f:f0:f6:
2f:83:98:70:45:68:90:14:b9:b5:0f:a3:bb:50:1a:4c:18:60:
e2:46:a5:f7:81:a8:8d:16:5f:a9:c8:0a:5c:e2:47:01:f0:b3:
0c:00:a5:d3:9b:29:a0:40:f3:0c:f1:c1:11:33:46:2a:0f:38:
bd:1a:33:59:32:f3:51:32:fc:49:34:7b:aa:7d:4c:a6:5a:e3:
85:f2:e9:5c:de:f4:08:a3:ff:f1:b4:67:37:98:72:14:98:5d:
f7:90:d2:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLRYGwgXXfYsxnRCNetTO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNDA1MGNjNTk1MzZmMmQ5NDA3NjkyODIzODkwY2NkZGE4
NTQ1MDgwHhcNMjUwODA4MjAwMDQ0WhcNMjUwODA5MjAwMDQ0WjAzMTEwLwYDVQQD
EyhhZGJhYThjNWViODBkN2Q2ODc1ZGQzOWE3Yzk1ZDBkZDM0ZjhlYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+xg0Y6C25NXMOEY2EypxpzMjIN0
OAqhcmdbhqH6DrynjYyZT/Cbo5C4gtLjFN+v1uZCnf+OTrNXsjRHhKoF6fgWw+Ky
oSvh3+A1SvmocPZ9D+fQ9oVSStoYzQhUAN+J9hYZOz+G1YbR59Of30UC7GBP+8OI
ngyRxDmsR0Q/FZejbmEOULrptUtnWTXWBUhZgcMkwZo2Er/8YLUYBWsQKK7Qk1wc
vvQ2ZenXY4wEQBRAuJD+xWBtCgFsrFzYIxwSrSgBfCWguBmFVImDhjxrQXAcgLe6
JjDsLsEC8uozuEz9FpH9xieBYrDhEHXFwxdR93SDlBG0xAMcu8pos1i5LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK26qMXrgNfWh13TmnyV0N00+OtdMB8GA1UdIwQY
MBaAFCBAUMxZU28tlAdpKCOJDM3ahUUIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTkt
OWI0MzdkYmZkMzUzLzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTktOWI0MzdkYmZkMzUz
LzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAny9dg2sK
lWfw2yI1NuY6IJ6NA1uNYRElEQ6LKlRp8Z+/ofYCm33SbrBCBMDf36YHFlz44dcJ
AHIcHyttM7yPm+zklhyGoUbdcbwg2g7quEdnuIdaHyFEM+T9B7jiIYAFF4ux38QZ
ErDM68u5JNH2+r8EnuOq9i2DzFH/z6R0A2LYvypHBjcdqfFqNvFPqJOH6FksoseW
1FD2d33KeBVSn/D2L4OYcEVokBS5tQ+ju1AaTBhg4kal94GojRZfqcgKXOJHAfCz
DACl05spoEDzDPHBETNGKg84vRozWTLzUTL8STR7qn1MplrjhfLpXN70CKP/8bRn
N5hyFJhd95DSYA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:53:14 2025 by rpki-client