Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
File: IM1XQoSmAY5bA2Neml1lj99XNPA.mft (raw, json)
Hash identifier: 58lIG2x7VF0ODw8uwpQ8W0tKcbwhCZWsjr+3CLIrC9w=
Subject key identifier: 2B:0A:F1:25:34:C6:42:EE:49:AA:36:C1:38:B5:EC:21:6B:51:B6:2C
Authority key identifier: 20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
Certificate issuer: /CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Certificate serial: 019A50072BA5039C78E5352C1FF75C8B1F7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
Manifest number: 1453
Signing time: Tue 04 Nov 2025 18:00:38 +0000
Manifest this update: Tue 04 Nov 2025 18:00:38 +0000
Manifest next update: Wed 05 Nov 2025 18:00:38 +0000
Files and hashes: 1: IM1XQoSmAY5bA2Neml1lj99XNPA.crl (hash: RVmEhfVG0dPTaOfxBy3vw/5l/5ZlajLKIFL+RKA6MAw=)
2: MWwIJyVW-xGM8HHmiPSGu90ysVM.roa (hash: 9euJkhmoCQb1LOfkGIPpqowd4pomSIjB0l7bFL7u4Yg=)
3: PiMCmpetvGyOad9hAP8fiU1Qa8U.roa (hash: W2k0p2aLpcmF1pGu+mKgyVPY0tAWg3LNT6+Z7BuBqqY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:07:2b:a5:03:9c:78:e5:35:2c:1f:f7:5c:8b:1f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Validity
Not Before: Nov 4 18:00:38 2025 GMT
Not After : Nov 5 18:00:38 2025 GMT
Subject: CN=2b0af12534c642ee49aa36c138b5ec216b51b62c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fb:85:77:b1:13:c0:ae:04:10:37:88:d9:7d:
ff:d2:50:57:49:b7:80:a3:18:ee:50:d3:c6:6e:5d:
fd:70:e8:a3:cc:fe:bc:1e:eb:b6:88:26:31:f6:43:
b8:3a:9d:a4:80:06:79:cc:54:b4:46:f4:6b:39:4d:
6b:97:a7:5e:d0:8e:4b:00:e0:76:ec:93:cf:0b:a4:
31:21:e3:a8:af:db:e9:55:e7:4a:3d:04:a9:7d:a5:
15:8a:48:59:64:93:a3:7a:39:33:a5:e5:7f:1b:03:
22:22:17:02:0a:95:2e:76:c3:85:8c:74:a5:c7:02:
c2:68:35:1e:b4:50:46:ea:c6:1d:e8:33:31:a6:2a:
a9:27:2b:21:a2:7d:4e:3c:b5:a6:9a:64:e6:d2:bb:
fd:7d:08:ab:f4:78:d2:df:61:c7:2b:ba:15:68:b8:
a8:d1:80:d5:d8:6c:5a:50:40:c7:15:2b:98:6a:36:
23:81:3c:6a:87:82:a2:61:66:3d:36:17:0a:4a:18:
aa:19:fe:48:b2:1f:9d:e2:91:81:4b:bd:04:0f:9a:
17:19:77:29:f4:e9:83:d1:94:1e:1f:cd:0a:ab:ce:
ab:73:c0:42:2d:bb:e9:70:95:a4:31:ea:9f:5d:64:
d7:c8:5d:9f:58:2d:47:f9:76:a9:c3:46:d3:a7:78:
e0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0A:F1:25:34:C6:42:EE:49:AA:36:C1:38:B5:EC:21:6B:51:B6:2C
X509v3 Authority Key Identifier:
keyid:20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:21:97:d6:f3:3a:9e:7c:4e:e0:2e:c3:da:02:93:57:d5:a0:
d1:fd:d6:a7:eb:76:5b:80:da:d9:e8:1d:f0:98:ef:72:9e:40:
21:63:5c:bb:c2:ea:ee:eb:4d:14:1f:54:bf:6d:73:6a:00:32:
9f:5c:f5:b6:74:23:fc:8d:7d:80:96:b3:b0:1e:a9:78:5b:b0:
01:76:2b:6a:fa:08:a9:51:74:c3:7c:26:17:c7:06:19:3b:31:
fb:de:aa:cb:65:5f:49:bf:b4:f9:d3:0e:3e:53:a2:5b:55:b9:
33:eb:56:84:96:4f:8a:2f:64:f7:8b:f2:40:2c:51:91:4f:3f:
03:ea:b7:42:a0:f9:d6:d1:df:8e:1b:2a:1c:06:1a:3a:52:88:
94:b5:7f:6f:f5:97:da:a6:59:15:86:5d:a0:30:a5:be:63:9b:
5c:a1:b7:ea:5c:26:53:8a:ee:1c:90:04:ef:bd:4d:67:2c:80:
4e:ff:a3:8d:d0:e7:e1:10:bf:b1:73:14:a6:32:ff:d2:d0:18:
58:5e:ce:33:c3:ee:77:a8:59:7a:dd:de:39:05:48:b6:4b:78:
82:3d:db:fd:26:d7:cc:f3:25:17:31:78:15:7e:b6:44:48:3a:
fd:95:ad:eb:1d:0f:53:ff:52:29:e4:a5:81:e6:2a:8e:53:c4:
61:85:1b:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQByulA5x45TUsH/dcix96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2Q1NzQyODRhNjAxOGU1YjAzNjM1ZTlhNWQ2NThmZGY1
NzM0ZjAwHhcNMjUxMTA0MTgwMDM4WhcNMjUxMTA1MTgwMDM4WjAzMTEwLwYDVQQD
EygyYjBhZjEyNTM0YzY0MmVlNDlhYTM2YzEzOGI1ZWMyMTZiNTFiNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vuFd7ETwK4EEDeI2X3/0lBXSbeA
oxjuUNPGbl39cOijzP68Huu2iCYx9kO4Op2kgAZ5zFS0RvRrOU1rl6de0I5LAOB2
7JPPC6QxIeOor9vpVedKPQSpfaUVikhZZJOjejkzpeV/GwMiIhcCCpUudsOFjHSl
xwLCaDUetFBG6sYd6DMxpiqpJyshon1OPLWmmmTm0rv9fQir9HjS32HHK7oVaLio
0YDV2GxaUEDHFSuYajYjgTxqh4KiYWY9NhcKShiqGf5Ish+d4pGBS70ED5oXGXcp
9OmD0ZQeH80Kq86rc8BCLbvpcJWkMeqfXWTXyF2fWC1H+Xapw0bTp3jggQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCsK8SU0xkLuSao2wTi17CFrUbYsMB8GA1UdIwQY
MBaAFCDNV0KEpgGOWwNjXppdZY/fVzTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUt
NDliNTY4N2ZlZTZkLzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUtNDliNTY4N2ZlZTZk
LzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgSGX1vM6
nnxO4C7D2gKTV9Wg0f3Wp+t2W4Da2egd8Jjvcp5AIWNcu8Lq7utNFB9Uv21zagAy
n1z1tnQj/I19gJazsB6peFuwAXYravoIqVF0w3wmF8cGGTsx+96qy2VfSb+0+dMO
PlOiW1W5M+tWhJZPii9k94vyQCxRkU8/A+q3QqD51tHfjhsqHAYaOlKIlLV/b/WX
2qZZFYZdoDClvmObXKG36lwmU4ruHJAE771NZyyATv+jjdDn4RC/sXMUpjL/0tAY
WF7OM8Pud6hZet3eOQVItkt4gj3b/SbXzPMlFzF4FX62REg6/ZWt6x0PU/9SKeSl
geYqjlPEYYUbOQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:20:12 2025 by rpki-client