Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
File: iBmVbdzq4CLP4SPaNzxrERZANo0.mft (raw, json)
Hash identifier: fe3WexYOzVA8vuAfUVdA/ysbn5mifnau2+rDcNZupwU=
Subject key identifier: 43:CC:D1:86:BC:F2:A3:8B:88:49:5C:2A:0C:1E:34:88:88:92:EE:CD
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Certificate issuer: /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial: 019A51F54D1C4BA0E972A1C40F1C0A6024F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
Manifest number: 1320
Signing time: Wed 05 Nov 2025 03:00:21 +0000
Manifest this update: Wed 05 Nov 2025 03:00:21 +0000
Manifest next update: Thu 06 Nov 2025 03:00:21 +0000
Files and hashes: 1: JZQSwG4wbJPMZQTbI1xSGViuvto.roa (hash: 7nxSYve4K7+DiIBeaX8vSWVp7u4kFJYyJFHRolTK/UI=)
2: iBmVbdzq4CLP4SPaNzxrERZANo0.crl (hash: lz58G6YLHeYIV3n47fdlmWY2lsJ/P3BO67lvg9NYPJc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:f5:4d:1c:4b:a0:e9:72:a1:c4:0f:1c:0a:60:24:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
Validity
Not Before: Nov 5 03:00:21 2025 GMT
Not After : Nov 6 03:00:21 2025 GMT
Subject: CN=43ccd186bcf2a38b88495c2a0c1e34888892eecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ef:0b:6e:db:c1:d3:14:f2:74:e8:db:67:8c:
a5:8d:79:5c:31:29:55:a5:a4:dc:6e:1d:8b:52:37:
ab:00:e5:32:56:99:87:27:0b:a4:6f:6f:2a:84:a5:
7e:33:70:d4:e3:6a:75:71:6d:38:da:65:99:f6:4b:
c2:cf:1a:04:56:ed:19:02:46:97:10:e0:41:9e:1e:
35:71:9c:2a:66:a6:8f:c9:6e:ff:43:ef:10:7e:c4:
b7:e7:38:be:92:3f:6e:cc:ab:30:a8:50:65:c5:81:
5c:69:c6:56:ee:68:16:30:31:ed:da:8d:17:2f:8f:
fc:e0:33:73:fe:fa:e3:df:3e:30:c2:3c:b2:36:6c:
91:5e:fb:48:33:18:38:9a:bf:5c:9d:a6:1a:2b:cb:
73:a4:bb:ad:b0:0e:b6:75:f2:b7:c2:76:89:f0:65:
3c:6a:27:64:ee:2b:9a:97:01:c7:5c:a7:78:17:33:
34:10:ee:e0:1e:f1:05:a6:b8:61:f0:1f:ee:9b:5a:
c3:49:9a:6e:01:c9:23:97:2d:f3:95:b0:5d:81:2c:
11:1a:2c:59:a9:cf:58:43:31:f3:e2:b4:7b:40:52:
93:b6:2a:a3:5a:93:23:5a:59:e1:b4:b6:f5:d2:bf:
af:e4:2a:8a:7f:7d:47:75:01:55:fc:1e:26:c4:a4:
d0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CC:D1:86:BC:F2:A3:8B:88:49:5C:2A:0C:1E:34:88:88:92:EE:CD
X509v3 Authority Key Identifier:
keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:a9:2c:18:be:4a:75:8a:cb:05:77:8b:55:98:5b:95:44:42:
28:f5:67:2a:9b:01:a6:d2:1c:4f:e4:80:a2:c4:59:c2:f6:05:
93:86:bc:d8:a5:3a:fa:a1:70:14:c1:70:84:08:ca:65:be:b6:
06:30:d2:77:a5:83:9c:c3:37:a6:fe:e3:28:3d:31:86:c9:5f:
28:cb:79:fe:d4:de:2f:bc:64:bc:3f:5f:a3:6a:92:43:23:db:
13:5d:c8:10:4a:f8:51:40:0c:f9:aa:40:d0:cb:3d:14:2b:e3:
99:ed:52:f3:18:03:c7:66:b9:90:ed:a6:10:07:18:06:0a:69:
28:9d:92:8a:b9:cc:0d:72:71:4b:54:30:7e:dc:66:ce:78:d6:
2b:82:33:03:c1:62:31:57:70:48:77:cf:b2:fb:75:63:83:47:
1b:27:98:6d:00:06:e9:52:ac:cd:62:8e:69:11:0e:3e:c2:df:
38:98:40:52:bc:fe:dc:53:c1:b8:40:df:dd:ad:8d:bf:59:b9:
cb:d9:bd:00:23:5f:54:cc:a5:0a:02:b9:2f:6a:0b:e1:1a:a4:
4e:ce:75:5a:b5:88:1d:3b:74:e0:e9:cb:8f:67:7d:ad:16:d0:
8a:b8:70:fb:45:7f:07:a4:85:9c:aa:80:25:78:e8:13:43:e8:
69:45:5b:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpR9U0cS6DpcqHEDxwKYCT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTk5NTZkZGNlYWUwMjJjZmUxMjNkYTM3M2M2YjExMTY0
MDM2OGQwHhcNMjUxMTA1MDMwMDIxWhcNMjUxMTA2MDMwMDIxWjAzMTEwLwYDVQQD
Eyg0M2NjZDE4NmJjZjJhMzhiODg0OTVjMmEwYzFlMzQ4ODg4OTJlZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO8LbtvB0xTydOjbZ4yljXlcMSlV
paTcbh2LUjerAOUyVpmHJwukb28qhKV+M3DU42p1cW042mWZ9kvCzxoEVu0ZAkaX
EOBBnh41cZwqZqaPyW7/Q+8QfsS35zi+kj9uzKswqFBlxYFcacZW7mgWMDHt2o0X
L4/84DNz/vrj3z4wwjyyNmyRXvtIMxg4mr9cnaYaK8tzpLutsA62dfK3wnaJ8GU8
aidk7iualwHHXKd4FzM0EO7gHvEFprhh8B/um1rDSZpuAckjly3zlbBdgSwRGixZ
qc9YQzHz4rR7QFKTtiqjWpMjWlnhtLb10r+v5CqKf31HdQFV/B4mxKTQrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPM0Ya88qOLiElcKgweNIiIku7NMB8GA1UdIwQY
MBaAFIgZlW3c6uAiz+Ej2jc8axEWQDaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDkt
MmRlYjE0YzI5MGVkLzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDktMmRlYjE0YzI5MGVk
LzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUaksGL5K
dYrLBXeLVZhblURCKPVnKpsBptIcT+SAosRZwvYFk4a82KU6+qFwFMFwhAjKZb62
BjDSd6WDnMM3pv7jKD0xhslfKMt5/tTeL7xkvD9fo2qSQyPbE13IEEr4UUAM+apA
0Ms9FCvjme1S8xgDx2a5kO2mEAcYBgppKJ2SirnMDXJxS1QwftxmznjWK4IzA8Fi
MVdwSHfPsvt1Y4NHGyeYbQAG6VKszWKOaREOPsLfOJhAUrz+3FPBuEDf3a2Nv1m5
y9m9ACNfVMylCgK5L2oL4RqkTs51WrWIHTt04OnLj2d9rRbQirhw+0V/B6SFnKqA
JXjoE0PoaUVbfQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:24:32 2025 by rpki-client