Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.mft
File: IAxw024BOwfk5tjsPqTuQTtKqpg.mft (raw, json)
Hash identifier: HYLfR9m9cpUyzu0XnuWjWsJXQ3IQn0dMwJF7gQ+ILvs=
Subject key identifier: C5:A2:42:53:3C:AE:E3:35:36:B6:90:B2:C5:95:D8:18:00:33:26:21
Authority key identifier: 20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98
Certificate issuer: /CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98
Certificate serial: 019A4F98FAB478B1C844188504AC0FC8BEB1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 16:00:16 +0000
Manifest this update: Tue 04 Nov 2025 16:00:16 +0000
Manifest next update: Wed 05 Nov 2025 16:00:16 +0000
Files and hashes: 1: IAxw024BOwfk5tjsPqTuQTtKqpg.crl (hash: OXaGEl6BU/+TlMWtbn80XMlNX9W3s36N7YNp7mPV+HU=)
2: xInhnEQ1Wnjyaeg0NstEg1xaXmc.roa (hash: v0sQzu+7Kta5k4gVJi492esLH7WHwA4RWeUkfyAHe34=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:98:fa:b4:78:b1:c8:44:18:85:04:ac:0f:c8:be:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98
Validity
Not Before: Nov 4 16:00:16 2025 GMT
Not After : Nov 5 16:00:16 2025 GMT
Subject: CN=c5a242533caee33536b690b2c595d81800332621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8f:bf:96:77:5f:a5:c7:c9:07:63:9e:c7:f2:
e8:50:24:e0:ba:e9:ca:4f:22:26:8b:28:ea:58:35:
d3:61:31:b7:c0:04:78:e7:29:0d:25:b4:b3:57:77:
46:d5:4b:aa:4d:21:c9:71:84:0d:41:56:c2:a3:5c:
13:51:95:d1:3c:0b:ea:26:6f:0f:50:a4:c7:b8:71:
e0:ca:57:16:b7:98:db:96:70:95:29:b7:99:13:41:
22:cf:4c:7d:ff:cd:f6:86:6c:2b:94:d1:13:05:d9:
2a:16:9c:5e:5e:b5:0e:88:84:0f:22:c8:96:ce:df:
8a:59:2f:e3:2b:07:26:10:23:88:6d:ea:8e:4d:48:
fb:6f:64:03:64:fb:5a:05:68:95:7d:bf:03:22:d6:
39:65:18:ac:8e:80:76:d0:8d:f0:05:0a:78:e2:7e:
31:17:e5:92:d2:33:4e:4c:f9:e5:9c:6c:7b:a7:d3:
d5:0b:1a:03:55:b1:03:fd:12:38:87:67:71:e8:31:
40:04:c4:28:fb:0e:5c:93:e7:61:07:52:84:ba:01:
62:35:3f:98:f6:c7:73:99:6a:8b:0f:ae:95:47:a3:
c7:b5:86:a7:31:33:63:bd:ac:16:f6:3c:58:f8:d3:
fa:36:03:8b:9b:ac:ee:1f:f0:25:d2:f6:eb:e6:d8:
58:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A2:42:53:3C:AE:E3:35:36:B6:90:B2:C5:95:D8:18:00:33:26:21
X509v3 Authority Key Identifier:
keyid:20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:5d:21:7f:a1:51:44:59:63:f9:22:6e:b9:aa:c1:71:89:5f:
09:63:13:90:9c:72:f0:d0:7e:53:02:1f:a0:38:3a:44:a2:03:
a8:9a:2c:88:0e:c7:c0:d7:e6:da:79:42:56:39:17:80:c7:5c:
c7:2f:1d:e2:7e:03:fc:c6:1f:52:3c:c3:13:1b:87:0a:74:2c:
4b:79:93:d0:ad:b0:38:9a:6a:30:fa:17:25:07:01:ee:4d:32:
8e:94:b3:7f:49:dc:a5:06:71:aa:c0:84:58:bd:8b:cc:40:af:
d0:20:de:d1:cc:17:76:bf:07:4d:44:7e:fc:92:8b:fc:05:9d:
1e:b4:aa:cc:84:bc:87:96:0c:80:14:4e:6b:63:ba:db:9e:1c:
e6:fa:74:74:1e:c3:93:dd:9b:d0:90:9a:0d:3f:18:94:c6:41:
ac:f0:09:6d:db:96:0b:08:44:46:f4:a3:9f:71:5f:74:f7:70:
95:09:9d:38:54:f7:82:24:af:91:37:ac:1e:6d:79:9a:91:f6:
e5:3f:01:ec:a6:2a:f6:86:3d:dc:d7:d8:40:1e:0f:5f:0b:3b:
11:5e:57:3f:b6:0f:80:6c:43:ba:86:52:84:7e:22:17:a5:4e:
57:bd:ab:36:9b:b1:86:45:4e:bd:5a:70:82:88:21:41:50:7d:
b2:b8:50:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmPq0eLHIRBiFBKwPyL6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMGM3MGQzNmUwMTNiMDdlNGU2ZDhlYzNlYTRlZTQxM2I0
YWFhOTgwHhcNMjUxMTA0MTYwMDE2WhcNMjUxMTA1MTYwMDE2WjAzMTEwLwYDVQQD
EyhjNWEyNDI1MzNjYWVlMzM1MzZiNjkwYjJjNTk1ZDgxODAwMzMyNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo+/lndfpcfJB2Oex/LoUCTguunK
TyImiyjqWDXTYTG3wAR45ykNJbSzV3dG1UuqTSHJcYQNQVbCo1wTUZXRPAvqJm8P
UKTHuHHgylcWt5jblnCVKbeZE0Eiz0x9/832hmwrlNETBdkqFpxeXrUOiIQPIsiW
zt+KWS/jKwcmECOIbeqOTUj7b2QDZPtaBWiVfb8DItY5ZRisjoB20I3wBQp44n4x
F+WS0jNOTPnlnGx7p9PVCxoDVbED/RI4h2dx6DFABMQo+w5ck+dhB1KEugFiNT+Y
9sdzmWqLD66VR6PHtYanMTNjvawW9jxY+NP6NgOLm6zuH/Al0vbr5thYJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMWiQlM8ruM1NraQssWV2BgAMyYhMB8GA1UdIwQY
MBaAFCAMcNNuATsH5ObY7D6k7kE7SqqYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNWVlMGQtNDc1Zi00MWQ3LTljMjUt
MTU4MDNmZmIxNzQ2LzEvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNWVlMGQtNDc1Zi00MWQ3LTljMjUtMTU4MDNmZmIxNzQ2
LzEvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfV0hf6FR
RFlj+SJuuarBcYlfCWMTkJxy8NB+UwIfoDg6RKIDqJosiA7HwNfm2nlCVjkXgMdc
xy8d4n4D/MYfUjzDExuHCnQsS3mT0K2wOJpqMPoXJQcB7k0yjpSzf0ncpQZxqsCE
WL2LzECv0CDe0cwXdr8HTUR+/JKL/AWdHrSqzIS8h5YMgBROa2O6254c5vp0dB7D
k92b0JCaDT8YlMZBrPAJbduWCwhERvSjn3FfdPdwlQmdOFT3giSvkTesHm15mpH2
5T8B7KYq9oY93NfYQB4PXws7EV5XP7YPgGxDuoZShH4iF6VOV72rNpuxhkVOvVpw
goghQVB9srhQZQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:35:59 2025 by rpki-client