Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
File: lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft (raw, json)
Hash identifier: WF28PrBXiIx+9/pFVn2L39sqIduj2TgqgI0Rgc8aqgU=
Subject key identifier: 62:3D:1E:C8:E5:9D:C4:34:03:A2:20:79:8E:E3:31:8F:98:AD:21:24
Authority key identifier: 94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6
Certificate issuer: /CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6
Certificate serial: 019A4EF50BA9C1F2C89CD9E3DE48FD833139
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
Manifest number: 1712
Signing time: Tue 04 Nov 2025 13:01:13 +0000
Manifest this update: Tue 04 Nov 2025 13:01:13 +0000
Manifest next update: Wed 05 Nov 2025 13:01:13 +0000
Files and hashes: 1: 5UBdfwa59JnO3TC0RbPoMbXcwMI.roa (hash: BXAoKRzIsnGpyUD97PKhyGWEISH1mZLvzMgOl4ru7To=)
2: DyQE1mAMz0-Y555bTSVvXkqEC1U.roa (hash: hwRt5mho9M1lkKLFQYJUnV8/sYmEs4QQ4EstdFb/mZk=)
3: lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl (hash: w/IosTpvfxDgDXt+bX1TMsOJiWCarxalYCGChOAYGZU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:0b:a9:c1:f2:c8:9c:d9:e3:de:48:fd:83:31:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6
Validity
Not Before: Nov 4 13:01:13 2025 GMT
Not After : Nov 5 13:01:13 2025 GMT
Subject: CN=623d1ec8e59dc43403a220798ee3318f98ad2124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:65:ca:3d:37:f7:45:22:41:a3:73:c3:c1:dd:
83:b2:4a:fc:99:26:8f:25:6f:b6:4e:47:8a:85:3a:
d5:0c:99:83:ac:de:a6:9a:20:16:57:c1:fb:25:c8:
06:d6:48:1b:4d:ee:c9:43:1a:c3:26:31:5c:01:6a:
c9:bb:7c:19:53:c3:08:e0:2b:46:ff:02:d2:90:e5:
88:0f:f2:4b:85:9a:8e:e0:df:7b:78:16:ac:5e:bf:
8b:73:c9:e3:51:dd:de:de:d4:ba:d6:6b:a1:4b:28:
82:bd:e0:f6:f0:89:be:e2:82:3e:bd:52:35:35:2f:
8d:f9:56:55:d5:81:e1:73:b9:1a:ef:ed:0c:be:35:
bc:3e:52:be:d8:07:5a:e3:d9:f8:03:17:9b:48:18:
d1:e2:df:b0:33:2d:95:d5:88:de:0f:16:14:6f:99:
ed:f1:49:ed:6c:8e:5e:9c:2c:47:58:79:dd:ec:5f:
68:74:b7:5c:92:d5:2d:2f:34:8f:61:62:49:0c:d5:
4b:53:99:91:77:04:da:13:eb:b6:29:d8:94:83:21:
63:67:ab:78:e5:ca:e2:93:77:3b:34:ae:51:2f:03:
e0:61:16:d8:9f:e4:9c:52:99:11:aa:81:1f:a6:28:
51:d5:43:17:61:91:7b:eb:65:a7:8b:6a:56:b0:4b:
f0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:3D:1E:C8:E5:9D:C4:34:03:A2:20:79:8E:E3:31:8F:98:AD:21:24
X509v3 Authority Key Identifier:
keyid:94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:b7:ed:23:ac:a1:40:eb:f9:e5:ad:39:19:11:d1:05:a3:00:
24:26:e4:5c:33:5a:de:74:96:6d:ce:35:e2:7d:10:18:91:3c:
c3:09:12:a1:b8:d4:ea:02:df:e5:62:26:1f:ff:34:20:cf:a5:
53:07:05:c5:b5:08:f1:a4:d0:66:08:a9:85:ac:a1:64:27:6b:
b4:0d:95:9c:35:c7:93:70:cc:fb:21:44:78:fd:a0:f2:b8:70:
7e:1c:04:5d:a5:ff:39:9c:53:80:c1:58:61:02:06:9a:40:dd:
6d:2e:70:87:a3:52:84:d4:26:48:7d:74:db:54:e1:e0:92:a9:
dd:50:6e:e6:a1:49:96:03:bd:b3:c0:26:b0:89:c7:91:ac:7b:
33:c3:c6:94:e8:6b:b5:8d:13:45:7a:2d:a2:87:73:17:eb:24:
ea:79:72:7f:67:ee:d7:87:7d:0c:36:62:f9:37:00:f7:7d:0b:
17:52:cc:29:04:44:75:68:8a:80:d5:b9:e9:24:9e:c1:0a:b0:
67:7c:44:b6:d3:59:f3:3f:36:0c:26:45:ee:3d:84:81:7c:cf:
69:8b:2c:a1:a3:4c:49:e4:1b:57:65:6e:07:74:33:94:ce:59:
d2:49:d2:42:6c:fc:41:81:40:bc:49:57:71:ef:4b:78:24:42:
fc:e3:38:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9QupwfLInNnj3kj9gzE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OGQ0NWNmZTM0ODJiOGY2MWRhZTAwMGIwMDdhNDY3ZWNk
ZDRlZTYwHhcNMjUxMTA0MTMwMTEzWhcNMjUxMTA1MTMwMTEzWjAzMTEwLwYDVQQD
Eyg2MjNkMWVjOGU1OWRjNDM0MDNhMjIwNzk4ZWUzMzE4Zjk4YWQyMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2XKPTf3RSJBo3PDwd2Dskr8mSaP
JW+2TkeKhTrVDJmDrN6mmiAWV8H7JcgG1kgbTe7JQxrDJjFcAWrJu3wZU8MI4CtG
/wLSkOWID/JLhZqO4N97eBasXr+Lc8njUd3e3tS61muhSyiCveD28Im+4oI+vVI1
NS+N+VZV1YHhc7ka7+0MvjW8PlK+2Ada49n4AxebSBjR4t+wMy2V1YjeDxYUb5nt
8UntbI5enCxHWHnd7F9odLdcktUtLzSPYWJJDNVLU5mRdwTaE+u2KdiUgyFjZ6t4
5crik3c7NK5RLwPgYRbYn+ScUpkRqoEfpihR1UMXYZF762Wni2pWsEvwZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGI9HsjlncQ0A6IgeY7jMY+YrSEkMB8GA1UdIwQY
MBaAFJSNRc/jSCuPYdrgALAHpGfs3U7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAt
NDJkYWZiNGI1MWQyLzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAtNDJkYWZiNGI1MWQy
LzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN7ftI6yh
QOv55a05GRHRBaMAJCbkXDNa3nSWbc414n0QGJE8wwkSobjU6gLf5WImH/80IM+l
UwcFxbUI8aTQZgiphayhZCdrtA2VnDXHk3DM+yFEeP2g8rhwfhwEXaX/OZxTgMFY
YQIGmkDdbS5wh6NShNQmSH1021Th4JKp3VBu5qFJlgO9s8AmsInHkax7M8PGlOhr
tY0TRXotoodzF+sk6nlyf2fu14d9DDZi+TcA930LF1LMKQREdWiKgNW56SSewQqw
Z3xEttNZ8z82DCZF7j2EgXzPaYssoaNMSeQbV2VuB3QzlM5Z0knSQmz8QYFAvElX
ce9LeCRC/OM4og==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:38:59 2025 by rpki-client