Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.mft
File: iIFmRjoaMByltuuYvd0H45cJGYY.mft (raw, json)
Hash identifier: NBmnCpu3n1H/S2TwdbPWH3R6x0594S6jJJZU962Zuyo=
Subject key identifier: 42:89:C4:85:78:C5:A6:F0:A7:B7:22:27:F3:34:A9:16:25:FE:12:3B
Authority key identifier: 88:81:66:46:3A:1A:30:1C:A5:B6:EB:98:BD:DD:07:E3:97:09:19:86
Certificate issuer: /CN=888166463a1a301ca5b6eb98bddd07e397091986
Certificate serial: 019A5263A06BE50B70FD19517860AC5D2D38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iIFmRjoaMByltuuYvd0H45cJGYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.mft
Manifest number: 11E8
Signing time: Wed 05 Nov 2025 05:00:52 +0000
Manifest this update: Wed 05 Nov 2025 05:00:52 +0000
Manifest next update: Thu 06 Nov 2025 05:00:52 +0000
Files and hashes: 1: iIFmRjoaMByltuuYvd0H45cJGYY.crl (hash: gwC6GPTsawwshx4ww9B7cbjKshUslqvqyJ4ufQJbYIs=)
2: rw7mvGsBN1ywLg0aU0WOnuWPa30.roa (hash: Kkop8VBeWFXHnSavZNOMJQZHo1FfDtxgbSsG84Nc5jo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iIFmRjoaMByltuuYvd0H45cJGYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:63:a0:6b:e5:0b:70:fd:19:51:78:60:ac:5d:2d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=888166463a1a301ca5b6eb98bddd07e397091986
Validity
Not Before: Nov 5 05:00:52 2025 GMT
Not After : Nov 6 05:00:52 2025 GMT
Subject: CN=4289c48578c5a6f0a7b72227f334a91625fe123b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ba:84:ae:25:f5:65:b6:e9:04:96:c6:0a:f3:
ad:a1:e3:df:d7:92:5b:30:d9:59:0d:c8:ab:04:7c:
1b:86:e9:d5:66:96:13:b3:e9:fe:6b:6e:dc:4d:5f:
a9:22:2b:f6:6c:4a:cf:41:76:af:c1:c2:c2:2d:33:
c4:f8:36:77:d7:3a:99:1d:32:4c:ae:b6:a4:a7:f1:
f5:97:9e:d2:01:a0:00:be:c3:3d:9a:82:68:11:1a:
d2:c3:e0:3c:54:06:87:59:f4:b6:92:df:dd:61:87:
ac:19:0f:f5:b0:8e:b0:ec:3d:aa:0d:59:e3:cb:60:
76:5b:4d:80:b1:fc:f4:a8:7f:00:f4:cf:5c:19:f2:
05:11:1a:c2:e5:d8:f9:68:80:94:99:cb:d8:5b:ee:
e9:44:9a:ea:e3:71:7f:4f:29:22:11:bf:98:6d:c0:
87:eb:1f:7b:6b:ed:f4:86:43:14:3a:ed:09:1e:dd:
b1:45:d0:fc:37:a6:34:31:f9:db:f7:c3:6c:82:21:
fe:11:8f:a9:d6:42:0c:37:c3:c4:2f:23:91:da:95:
41:df:32:b1:bd:09:e2:9d:35:8b:b7:12:ba:15:9b:
21:96:44:61:9e:77:99:0a:f4:f3:30:59:d1:68:be:
63:d9:df:07:39:55:6f:8c:94:3a:ac:6b:ea:75:50:
cd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:89:C4:85:78:C5:A6:F0:A7:B7:22:27:F3:34:A9:16:25:FE:12:3B
X509v3 Authority Key Identifier:
keyid:88:81:66:46:3A:1A:30:1C:A5:B6:EB:98:BD:DD:07:E3:97:09:19:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iIFmRjoaMByltuuYvd0H45cJGYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:d2:3f:2c:7b:dc:17:8a:d5:f3:86:7d:8b:2b:6c:eb:d4:1c:
49:70:dd:61:d6:65:45:3e:17:82:95:2b:06:e2:c4:ce:39:a7:
e3:e4:bb:20:8b:e8:e3:d6:47:a7:77:0b:ad:d5:0b:b7:69:20:
f3:e1:ce:ca:5a:fd:ca:4a:57:ef:96:62:06:04:e4:6b:c9:82:
33:c6:fc:0c:4c:b5:13:8f:96:a4:d3:75:6d:c3:70:d8:1c:27:
ec:f1:8e:dc:2b:f8:6d:fa:03:97:6d:f0:c2:57:a1:ed:3c:68:
63:bd:51:35:ce:68:b8:5e:93:57:bb:94:71:c9:3d:1e:3c:51:
b5:49:5f:92:95:dc:be:c8:9d:06:db:31:29:54:53:61:65:4d:
55:4d:ab:cd:70:07:93:ac:ed:79:e5:f5:9c:74:10:3f:69:52:
b3:9c:80:04:fb:0b:64:df:47:a3:e6:f4:04:6d:8c:7f:0e:2c:
9a:0d:6a:de:0d:c4:89:4f:ac:df:97:46:d3:18:4e:bb:20:36:
34:0d:16:01:08:1d:61:dc:a7:fb:28:7f:e9:c2:9b:81:b6:f6:
c0:28:a2:b7:f7:dd:b1:ad:e6:39:8b:84:65:35:2c:aa:ae:46:
95:60:db:8d:f7:58:be:67:c4:9f:73:05:75:e4:c8:bf:58:3e:
f0:3b:9c:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSY6Br5Qtw/RlReGCsXS04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ODE2NjQ2M2ExYTMwMWNhNWI2ZWI5OGJkZGQwN2UzOTcw
OTE5ODYwHhcNMjUxMTA1MDUwMDUyWhcNMjUxMTA2MDUwMDUyWjAzMTEwLwYDVQQD
Eyg0Mjg5YzQ4NTc4YzVhNmYwYTdiNzIyMjdmMzM0YTkxNjI1ZmUxMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LqEriX1ZbbpBJbGCvOtoePf15Jb
MNlZDcirBHwbhunVZpYTs+n+a27cTV+pIiv2bErPQXavwcLCLTPE+DZ31zqZHTJM
rrakp/H1l57SAaAAvsM9moJoERrSw+A8VAaHWfS2kt/dYYesGQ/1sI6w7D2qDVnj
y2B2W02Asfz0qH8A9M9cGfIFERrC5dj5aICUmcvYW+7pRJrq43F/TykiEb+YbcCH
6x97a+30hkMUOu0JHt2xRdD8N6Y0Mfnb98NsgiH+EY+p1kIMN8PELyOR2pVB3zKx
vQninTWLtxK6FZshlkRhnneZCvTzMFnRaL5j2d8HOVVvjJQ6rGvqdVDNIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKJxIV4xabwp7ciJ/M0qRYl/hI7MB8GA1UdIwQY
MBaAFIiBZkY6GjAcpbbrmL3dB+OXCRmGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUlGbVJqb2FNQnlsdHV1WXZkMEg0NWNKR1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80NzZmZDAtYjhhNi00NjFmLWI0YzUt
MzhjMmMyYTc5YzM1LzEvaUlGbVJqb2FNQnlsdHV1WXZkMEg0NWNKR1lZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80NzZmZDAtYjhhNi00NjFmLWI0YzUtMzhjMmMyYTc5YzM1
LzEvaUlGbVJqb2FNQnlsdHV1WXZkMEg0NWNKR1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuNI/LHvc
F4rV84Z9iyts69QcSXDdYdZlRT4XgpUrBuLEzjmn4+S7IIvo49ZHp3cLrdULt2kg
8+HOylr9ykpX75ZiBgTka8mCM8b8DEy1E4+WpNN1bcNw2Bwn7PGO3Cv4bfoDl23w
wleh7TxoY71RNc5ouF6TV7uUcck9HjxRtUlfkpXcvsidBtsxKVRTYWVNVU2rzXAH
k6zteeX1nHQQP2lSs5yABPsLZN9Ho+b0BG2Mfw4smg1q3g3EiU+s35dG0xhOuyA2
NA0WAQgdYdyn+yh/6cKbgbb2wCiit/fdsa3mOYuEZTUsqq5GlWDbjfdYvmfEn3MF
deTIv1g+8Ducew==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:20:03 2025 by rpki-client