Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
File: ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft (raw, json)
Hash identifier: bIY8ll8zglXfxaoB6xRmGu7YGSnWqpQtnrKzB5tRSVA=
Subject key identifier: CD:FE:DD:E3:A5:D9:55:57:09:27:81:93:41:83:6C:50:5A:E8:48:8E
Authority key identifier: 8A:F7:F3:2D:33:F6:64:67:79:A5:1F:B2:32:01:C6:44:2D:14:51:CA
Certificate issuer: /CN=8af7f32d33f6646779a51fb23201c6442d1451ca
Certificate serial: 019A4DAA83E25233CF5243FC03FC2EC07759
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
Manifest number: 0AF4
Signing time: Tue 04 Nov 2025 07:00:11 +0000
Manifest this update: Tue 04 Nov 2025 07:00:11 +0000
Manifest next update: Wed 05 Nov 2025 07:00:11 +0000
Files and hashes: 1: RZMmAomJrqs0yCU-Sl6pSFt5lLQ.roa (hash: mHTuz89sEZswLAvVyf4aCavMINMyLcZOi1mRW8tq0vE=)
2: ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl (hash: LefObEPyHGxb8wqIW12mObPRDF35/vhC2wfzvn6Z+4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:83:e2:52:33:cf:52:43:fc:03:fc:2e:c0:77:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8af7f32d33f6646779a51fb23201c6442d1451ca
Validity
Not Before: Nov 4 07:00:11 2025 GMT
Not After : Nov 5 07:00:11 2025 GMT
Subject: CN=cdfedde3a5d955570927819341836c505ae8488e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6b:fc:18:50:f6:46:2b:be:0e:1c:96:22:58:
64:72:30:f2:24:db:7c:46:4b:27:b4:7c:5c:50:25:
06:b6:18:c9:c3:3c:e2:66:a9:31:22:04:94:af:53:
4c:bd:13:66:6d:3d:e2:a8:3d:b1:92:fe:25:00:ed:
57:1b:73:1e:ce:59:28:09:df:b0:84:8d:b2:22:40:
22:f4:c6:f9:6a:7a:6f:0b:84:91:b0:db:84:1e:da:
08:02:d9:36:f2:9e:ad:bd:06:a1:57:fa:1f:36:7e:
e7:f8:cd:26:80:56:55:6f:68:7f:8f:bb:eb:94:ca:
7c:59:30:29:5a:e1:b4:0c:fc:41:3e:2a:15:30:ac:
99:ec:6a:07:fd:6a:4f:cd:a0:1e:52:b4:46:ac:eb:
d4:44:d5:3d:30:50:10:10:f8:72:d3:b0:8d:8b:8b:
64:3b:93:3c:e1:11:92:98:6a:99:1e:2d:c5:71:95:
f1:ca:77:ae:18:95:ff:95:23:3b:0f:a2:78:60:87:
66:e6:75:c7:ff:c7:fa:98:57:4b:e5:fc:57:89:15:
9f:b2:b9:7a:6a:c6:da:d1:53:54:e6:2a:e7:91:34:
95:46:35:0f:29:f2:cc:0f:57:a9:82:01:a7:a9:72:
9b:65:4d:47:91:2d:6f:33:33:a5:e3:42:6f:5f:56:
f5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FE:DD:E3:A5:D9:55:57:09:27:81:93:41:83:6C:50:5A:E8:48:8E
X509v3 Authority Key Identifier:
keyid:8A:F7:F3:2D:33:F6:64:67:79:A5:1F:B2:32:01:C6:44:2D:14:51:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:6e:a9:71:eb:96:19:3b:94:c2:6b:14:c8:50:fe:c8:a7:75:
1f:1f:6f:69:ba:99:e2:9d:89:10:ad:6f:6f:c9:d8:eb:ad:a7:
ba:27:d6:20:7a:42:6f:c9:6c:32:f6:d2:ab:14:4b:38:f5:5b:
e3:2f:26:c3:f6:e4:11:9b:50:0f:e2:c9:96:4a:26:69:92:28:
69:fc:df:9e:49:1d:2c:c1:d7:91:30:4c:e1:0b:54:3e:17:21:
f4:33:f2:a0:7f:8f:be:f0:e6:38:f0:3b:68:20:06:f2:df:69:
15:60:ff:55:e1:2e:bf:74:f0:d5:84:58:36:db:b3:97:9b:6c:
d5:10:cf:3d:35:29:2c:1e:bc:e0:cb:86:13:8c:e4:37:8d:67:
3c:1a:f7:96:89:58:a5:c9:d9:57:3a:ee:c7:e7:f8:b0:92:60:
cb:4a:b6:51:42:e0:0e:01:7e:99:c4:82:29:22:32:e7:c6:f5:
06:18:be:ef:5e:7b:ed:a6:5b:1d:21:18:9a:56:43:c9:97:6d:
fd:58:66:8b:48:60:29:4a:7b:11:fe:d7:92:43:52:ba:58:20:
25:c7:ea:20:65:8f:4d:a0:3d:9e:36:88:eb:a4:31:d4:a0:2a:
de:14:1b:2e:d4:6a:7d:c1:04:b2:f1:59:77:19:d7:68:3b:45:
e4:0b:bf:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqoPiUjPPUkP8A/wuwHdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZjdmMzJkMzNmNjY0Njc3OWE1MWZiMjMyMDFjNjQ0MmQx
NDUxY2EwHhcNMjUxMTA0MDcwMDExWhcNMjUxMTA1MDcwMDExWjAzMTEwLwYDVQQD
EyhjZGZlZGRlM2E1ZDk1NTU3MDkyNzgxOTM0MTgzNmM1MDVhZTg0ODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWv8GFD2Riu+DhyWIlhkcjDyJNt8
RksntHxcUCUGthjJwzziZqkxIgSUr1NMvRNmbT3iqD2xkv4lAO1XG3MezlkoCd+w
hI2yIkAi9Mb5anpvC4SRsNuEHtoIAtk28p6tvQahV/ofNn7n+M0mgFZVb2h/j7vr
lMp8WTApWuG0DPxBPioVMKyZ7GoH/WpPzaAeUrRGrOvURNU9MFAQEPhy07CNi4tk
O5M84RGSmGqZHi3FcZXxyneuGJX/lSM7D6J4YIdm5nXH/8f6mFdL5fxXiRWfsrl6
asba0VNU5irnkTSVRjUPKfLMD1epggGnqXKbZU1HkS1vMzOl40JvX1b1RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3+3eOl2VVXCSeBk0GDbFBa6EiOMB8GA1UdIwQY
MBaAFIr38y0z9mRneaUfsjIBxkQtFFHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hZmZjYmItYzFiMy00NDRhLTg3NmMt
NWI3MmZiOTI3ZDFjLzEvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hZmZjYmItYzFiMy00NDRhLTg3NmMtNWI3MmZiOTI3ZDFj
LzEvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhG6pceuW
GTuUwmsUyFD+yKd1Hx9vabqZ4p2JEK1vb8nY662nuifWIHpCb8lsMvbSqxRLOPVb
4y8mw/bkEZtQD+LJlkomaZIoafzfnkkdLMHXkTBM4QtUPhch9DPyoH+PvvDmOPA7
aCAG8t9pFWD/VeEuv3Tw1YRYNtuzl5ts1RDPPTUpLB684MuGE4zkN41nPBr3lolY
pcnZVzrux+f4sJJgy0q2UULgDgF+mcSCKSIy58b1Bhi+71577aZbHSEYmlZDyZdt
/Vhmi0hgKUp7Ef7XkkNSulggJcfqIGWPTaA9njaI66Qx1KAq3hQbLtRqfcEEsvFZ
dxnXaDtF5Au/Ug==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:47:11 2025 by rpki-client