Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
File: iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft (raw, json)
Hash identifier: R+5dON7PZL7CaeSlxyNFXQ6W2DmS5bRWQ5nJLP3NLqI=
Subject key identifier: 12:C7:31:3B:A1:6B:8F:7F:F3:99:1B:DC:02:56:A8:F3:92:24:B6:A1
Authority key identifier: 89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
Certificate issuer: /CN=898825d2f064989b38c781f2a8535189a26928c3
Certificate serial: 019A52D10CC7E2E76C2512F6A55CA21E9547
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
Manifest number: 1591
Signing time: Wed 05 Nov 2025 07:00:23 +0000
Manifest this update: Wed 05 Nov 2025 07:00:23 +0000
Manifest next update: Thu 06 Nov 2025 07:00:23 +0000
Files and hashes: 1: iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl (hash: +y6MJq5vYoP9gp7CWJYG3mR9Y2Kes7Y+rhS7c+K2auk=)
2: zbnBRUeVPnEEwLI2vvj0r39FPtE.roa (hash: 4AvpkRySedv9+g3/SFfJUIRAayJwpWmaa1FdREtJu9E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:0c:c7:e2:e7:6c:25:12:f6:a5:5c:a2:1e:95:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=898825d2f064989b38c781f2a8535189a26928c3
Validity
Not Before: Nov 5 07:00:23 2025 GMT
Not After : Nov 6 07:00:23 2025 GMT
Subject: CN=12c7313ba16b8f7ff3991bdc0256a8f39224b6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fc:1b:db:25:9c:ac:ed:7d:87:d8:95:ae:6d:
ac:b0:aa:30:05:7b:59:3e:a4:8e:1a:a9:d3:06:0a:
7b:a6:30:9f:2c:70:27:e2:fe:a8:d1:fe:82:ad:22:
96:a0:4c:8f:cc:79:d1:c0:12:e5:64:a0:64:4a:d1:
17:49:93:ed:f0:5d:54:d9:23:6e:a3:59:ad:81:54:
20:84:8e:f0:71:b1:9a:16:24:d0:8b:b2:57:24:69:
d6:08:23:99:fb:e5:cf:04:ac:7f:6e:80:a8:18:f7:
2a:3d:bf:eb:37:ba:01:dc:72:d9:69:2f:f2:20:e0:
a1:eb:c4:62:b2:e1:77:87:d3:49:a1:06:c2:51:5b:
37:dc:d8:84:37:c1:e0:97:a0:8a:9e:68:76:75:ad:
9b:50:05:8a:de:34:e3:80:cb:75:83:04:de:fe:c1:
01:53:5d:b1:a1:15:bd:44:76:e8:f3:f3:05:54:ee:
f1:c7:01:76:09:aa:fb:32:8b:92:c3:0b:75:4a:b8:
19:d1:ce:0e:89:4e:32:87:ea:87:96:91:b8:cb:9b:
f5:f1:f7:20:6b:07:43:e6:f1:03:f1:ce:d3:5c:45:
04:9a:bd:e3:2b:6f:a9:d7:5f:ce:5b:4d:10:6d:7a:
0d:62:98:44:17:b3:d9:2d:fb:68:2d:59:f6:ae:45:
81:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C7:31:3B:A1:6B:8F:7F:F3:99:1B:DC:02:56:A8:F3:92:24:B6:A1
X509v3 Authority Key Identifier:
keyid:89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:ff:f9:54:b8:16:90:84:12:24:35:39:a7:6e:71:94:32:52:
89:91:89:a4:ad:72:5e:3f:4e:03:db:d1:65:1d:8f:a1:88:e3:
6d:86:92:96:ec:36:e1:fa:3d:53:11:01:e3:e8:4b:15:86:55:
3c:78:1b:25:d7:ff:30:8c:2a:e3:be:9d:d3:84:28:72:a3:63:
ea:1d:8c:4c:2e:ad:1d:7d:b6:09:89:72:5e:dd:7e:8c:c2:df:
a7:38:1f:16:e9:c8:5b:26:ed:26:a8:9e:a3:d7:25:a0:70:b1:
b7:d4:eb:8c:8e:33:6f:5f:c3:a9:9b:0e:86:fe:0e:33:79:b1:
c8:d1:7a:0b:ce:82:dc:3d:20:4a:eb:57:f3:91:56:3f:c1:2f:
3b:d4:3d:31:57:17:e5:f8:55:d6:e9:66:dc:e6:c2:c9:76:3c:
94:c5:48:c4:40:91:07:c3:71:22:df:2a:f8:a8:ec:b1:83:15:
9a:bb:d8:a5:a3:de:e8:30:1f:ac:49:d4:1b:7d:76:3a:d4:4e:
1e:8b:6a:11:a5:e8:a0:9d:8c:7f:a8:f9:eb:96:9f:3d:f6:a4:
dd:e5:f4:69:93:49:8a:e9:44:d3:d4:20:65:50:a2:a4:29:88:
f8:8d:f9:52:29:e0:13:d3:82:85:79:bd:80:3f:66:f4:f5:2b:
67:48:36:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0QzH4udsJRL2pVyiHpVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODgyNWQyZjA2NDk4OWIzOGM3ODFmMmE4NTM1MTg5YTI2
OTI4YzMwHhcNMjUxMTA1MDcwMDIzWhcNMjUxMTA2MDcwMDIzWjAzMTEwLwYDVQQD
EygxMmM3MzEzYmExNmI4ZjdmZjM5OTFiZGMwMjU2YThmMzkyMjRiNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/wb2yWcrO19h9iVrm2ssKowBXtZ
PqSOGqnTBgp7pjCfLHAn4v6o0f6CrSKWoEyPzHnRwBLlZKBkStEXSZPt8F1U2SNu
o1mtgVQghI7wcbGaFiTQi7JXJGnWCCOZ++XPBKx/boCoGPcqPb/rN7oB3HLZaS/y
IOCh68RisuF3h9NJoQbCUVs33NiEN8Hgl6CKnmh2da2bUAWK3jTjgMt1gwTe/sEB
U12xoRW9RHbo8/MFVO7xxwF2Car7MouSwwt1SrgZ0c4OiU4yh+qHlpG4y5v18fcg
awdD5vED8c7TXEUEmr3jK2+p11/OW00QbXoNYphEF7PZLftoLVn2rkWBwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLHMTuha49/85kb3AJWqPOSJLahMB8GA1UdIwQY
MBaAFImIJdLwZJibOMeB8qhTUYmiaSjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgt
ZWNhZTQxNDQ2Yjc3LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgtZWNhZTQxNDQ2Yjc3
LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUv/5VLgW
kIQSJDU5p25xlDJSiZGJpK1yXj9OA9vRZR2PoYjjbYaSluw24fo9UxEB4+hLFYZV
PHgbJdf/MIwq476d04QocqNj6h2MTC6tHX22CYlyXt1+jMLfpzgfFunIWybtJqie
o9cloHCxt9TrjI4zb1/DqZsOhv4OM3mxyNF6C86C3D0gSutX85FWP8EvO9Q9MVcX
5fhV1ulm3ObCyXY8lMVIxECRB8NxIt8q+KjssYMVmrvYpaPe6DAfrEnUG312OtRO
HotqEaXooJ2Mf6j565afPfak3eX0aZNJiulE09QgZVCipCmI+I35UingE9OChXm9
gD9m9PUrZ0g2tA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:22:33 2025 by rpki-client