Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft
File: IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft (raw, json)
Hash identifier: 9zqUF9Cq47mXQ8Efl1QLgpq9CNusryJwkBd8Omly2Wk=
Subject key identifier: 9E:36:FE:98:24:95:AA:C6:E0:0B:AA:D9:9A:B8:2C:6E:B7:F1:61:CA
Authority key identifier: 21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35
Certificate issuer: /CN=214a0f42190944ac6b45e00a24ae41a345fdcb35
Certificate serial: 019A4EF564059EF4843146B8D41335700952
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 13:01:35 +0000
Manifest this update: Tue 04 Nov 2025 13:01:35 +0000
Manifest next update: Wed 05 Nov 2025 13:01:35 +0000
Files and hashes: 1: BIaGV9Zs8uGBriNQ8U7uQ0gnNfA.roa (hash: 7T5AV/yHdfgZicPaqkaiWb9Osz7vZVkyB1rTGAClRcg=)
2: IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl (hash: D4jaELcIUqmiSAWO+2JwAljpYJd5+gp97c5yOULGLTA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:64:05:9e:f4:84:31:46:b8:d4:13:35:70:09:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=214a0f42190944ac6b45e00a24ae41a345fdcb35
Validity
Not Before: Nov 4 13:01:35 2025 GMT
Not After : Nov 5 13:01:35 2025 GMT
Subject: CN=9e36fe982495aac6e00baad99ab82c6eb7f161ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:14:af:79:5a:b2:b1:fd:c1:65:62:bc:70:b1:
b3:2c:42:84:24:ec:17:ea:60:25:cc:30:7b:b6:b7:
d9:fe:8b:4f:b2:aa:3a:5d:1c:ab:5e:a3:84:db:f7:
f9:0a:79:09:fe:58:90:a7:a2:aa:e3:f1:a9:a7:2c:
7e:29:fc:fd:6e:36:4b:c4:31:7e:b0:33:d2:c4:9b:
72:a3:bb:eb:5c:cf:36:ff:c6:86:09:32:c7:ed:91:
e8:cf:9a:fb:17:d1:f1:3b:52:e1:4e:09:ad:cb:cb:
d6:2b:10:8d:cf:d0:7e:ab:2b:38:e5:6d:78:d4:e1:
09:18:67:2b:c4:1f:7c:bf:56:2d:b4:a2:f0:d9:ad:
c5:6e:02:0c:fd:fd:b9:f6:e7:37:02:16:8d:53:52:
0a:7b:fb:8e:a8:84:10:49:54:6e:30:50:b7:13:d1:
61:c0:e7:4d:bd:b7:d5:7a:12:48:d6:0a:fc:33:39:
67:8c:7c:e7:65:07:21:74:bb:b6:71:bc:54:02:57:
87:56:b7:17:f8:53:e2:0a:ea:0d:a8:5f:a2:2b:ca:
60:e7:fa:0c:23:32:d2:b7:ab:f2:3d:d2:99:70:28:
66:7b:ec:b2:23:bf:a4:bd:db:a2:68:b4:f0:47:80:
e0:39:ae:92:28:99:f3:3b:ed:38:30:4c:bf:8b:30:
23:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:36:FE:98:24:95:AA:C6:E0:0B:AA:D9:9A:B8:2C:6E:B7:F1:61:CA
X509v3 Authority Key Identifier:
keyid:21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:bf:da:14:39:f6:9e:6b:22:a5:41:f8:f3:90:46:12:9c:47:
ea:f8:2a:9e:9d:2a:00:26:74:82:86:6d:09:2e:da:4d:06:aa:
c9:30:2c:35:19:fc:39:a7:78:2b:72:44:16:0d:a2:97:20:f9:
08:33:3d:13:63:d6:92:ce:0c:34:2c:60:1e:30:87:e3:88:d7:
6a:68:35:f1:2c:4f:2c:5e:ea:cc:c5:31:83:a0:1d:54:53:59:
15:40:a9:14:3d:5c:43:66:25:93:bd:be:49:f1:19:0e:34:7d:
e2:98:41:e5:06:a1:5b:ce:45:17:c2:ac:40:8f:71:db:5d:ab:
ed:c7:c5:80:e8:52:40:c3:3b:b2:8e:80:46:20:81:ac:2e:ec:
39:b0:3a:62:de:39:aa:7b:2d:15:f8:01:83:d7:00:95:6a:6d:
61:7e:75:aa:d0:99:86:89:60:cb:8f:61:4a:61:b9:6a:93:14:
2d:a1:63:72:f7:ed:d2:44:7d:c1:12:b7:9e:a2:d5:eb:3f:05:
31:dd:ae:88:b2:49:34:00:30:8a:25:c3:18:30:f4:ce:d2:64:
c0:f0:b3:01:be:3c:cb:28:cb:17:74:90:dc:58:6e:1e:6b:b6:
a8:9e:1f:ab:83:9b:dd:4a:a1:42:d9:ff:c0:bb:49:96:76:92:
5b:67:af:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9WQFnvSEMUa41BM1cAlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNGEwZjQyMTkwOTQ0YWM2YjQ1ZTAwYTI0YWU0MWEzNDVm
ZGNiMzUwHhcNMjUxMTA0MTMwMTM1WhcNMjUxMTA1MTMwMTM1WjAzMTEwLwYDVQQD
Eyg5ZTM2ZmU5ODI0OTVhYWM2ZTAwYmFhZDk5YWI4MmM2ZWI3ZjE2MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxSveVqysf3BZWK8cLGzLEKEJOwX
6mAlzDB7trfZ/otPsqo6XRyrXqOE2/f5CnkJ/liQp6Kq4/Gppyx+Kfz9bjZLxDF+
sDPSxJtyo7vrXM82/8aGCTLH7ZHoz5r7F9HxO1LhTgmty8vWKxCNz9B+qys45W14
1OEJGGcrxB98v1YttKLw2a3FbgIM/f259uc3AhaNU1IKe/uOqIQQSVRuMFC3E9Fh
wOdNvbfVehJI1gr8MzlnjHznZQchdLu2cbxUAleHVrcX+FPiCuoNqF+iK8pg5/oM
IzLSt6vyPdKZcChme+yyI7+kvduiaLTwR4DgOa6SKJnzO+04MEy/izAjBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ42/pgklarG4Auq2Zq4LG638WHKMB8GA1UdIwQY
MBaAFCFKD0IZCUSsa0XgCiSuQaNF/cs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMt
YjY2NTZjYzFiZDU5LzEvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMtYjY2NTZjYzFiZDU5
LzEvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcr/aFDn2
nmsipUH485BGEpxH6vgqnp0qACZ0goZtCS7aTQaqyTAsNRn8Oad4K3JEFg2ilyD5
CDM9E2PWks4MNCxgHjCH44jXamg18SxPLF7qzMUxg6AdVFNZFUCpFD1cQ2Ylk72+
SfEZDjR94phB5QahW85FF8KsQI9x212r7cfFgOhSQMM7so6ARiCBrC7sObA6Yt45
qnstFfgBg9cAlWptYX51qtCZholgy49hSmG5apMULaFjcvft0kR9wRK3nqLV6z8F
Md2uiLJJNAAwiiXDGDD0ztJkwPCzAb48yyjLF3SQ3FhuHmu2qJ4fq4Ob3UqhQtn/
wLtJlnaSW2ev4w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:06:16 2025 by rpki-client