Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
File: iQCNpBkicovFvtu9cIhwHFKbme0.mft (raw, json)
Hash identifier: J/qwceyhKTBBxABbBWWsABfGPeOY6UGpaLqWXEZVSpk=
Subject key identifier: B5:15:4C:E0:DA:1D:4E:8A:5A:C4:7B:D1:08:05:C2:14:1F:D2:CF:B1
Authority key identifier: 89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
Certificate issuer: /CN=89008da41922728bc5bedbbd7088701c529b99ed
Certificate serial: 019A52D1AAC2F96B2DE2719D14FDEE28584A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
Manifest number: 02B2
Signing time: Wed 05 Nov 2025 07:01:03 +0000
Manifest this update: Wed 05 Nov 2025 07:01:03 +0000
Manifest next update: Thu 06 Nov 2025 07:01:03 +0000
Files and hashes: 1: 9WCM-NfBtEzVC0bLgcXxGw_dKs0.roa (hash: +AotBLTXOYZ2qqQz68W39gfX7TdnqXgGz673AR3fS9c=)
2: iQCNpBkicovFvtu9cIhwHFKbme0.crl (hash: r1l3ktxey2Ubb9k+jAoBcOc1haCTK7F3HpMM8XJqPCk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:aa:c2:f9:6b:2d:e2:71:9d:14:fd:ee:28:58:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89008da41922728bc5bedbbd7088701c529b99ed
Validity
Not Before: Nov 5 07:01:03 2025 GMT
Not After : Nov 6 07:01:03 2025 GMT
Subject: CN=b5154ce0da1d4e8a5ac47bd10805c2141fd2cfb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:eb:dd:32:af:73:b7:0b:94:b4:83:97:a7:f8:
69:0c:80:93:24:13:98:a2:26:7f:d3:7e:37:c8:3e:
7e:8a:4a:96:64:da:ce:a3:64:ab:e1:c6:80:34:25:
9b:60:75:79:0f:3e:53:39:28:61:40:60:42:cb:81:
1f:f8:78:9c:8f:76:46:bd:ea:0c:d4:a3:1e:11:79:
b8:ba:cb:8e:15:be:ed:4b:e0:cc:d2:f7:85:a0:7d:
0e:f3:d2:1a:48:18:34:3d:2f:9c:83:a1:b0:d7:9f:
07:bf:09:fc:28:36:e3:62:b5:1a:bb:fd:76:4b:8f:
4e:19:75:57:0a:71:97:1a:15:48:f8:4f:0a:9b:dc:
d8:5b:65:d5:21:92:f6:11:a0:90:64:de:6d:ff:4d:
89:d0:ff:d6:51:af:a3:f0:ef:5a:7e:53:aa:18:ec:
cb:7c:2b:5b:7c:2e:73:02:62:f4:f3:4b:3e:6d:66:
8f:66:91:43:f4:10:2f:36:fb:19:ed:cc:4b:3d:66:
1f:6c:f7:70:68:7c:54:f5:fe:66:2c:aa:32:2c:0b:
13:09:f3:c1:c7:c6:8a:cc:00:02:78:11:a6:88:84:
09:a8:74:d1:c7:2a:0d:54:78:66:57:50:e6:fc:60:
88:f9:0b:bc:ec:d3:b7:6e:0f:d5:dc:b5:20:62:f2:
b3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:15:4C:E0:DA:1D:4E:8A:5A:C4:7B:D1:08:05:C2:14:1F:D2:CF:B1
X509v3 Authority Key Identifier:
keyid:89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:d0:d4:d3:64:2e:87:0b:62:eb:02:b3:da:97:ef:ae:6b:97:
29:06:2b:fc:d3:54:ef:6d:16:65:74:b6:08:99:84:59:8e:97:
ec:81:02:fd:87:59:ea:96:17:19:4d:6c:f8:37:0c:81:b2:e2:
e1:6c:74:1e:b2:3e:cc:3a:fc:bd:16:6f:7e:19:31:3f:2e:cf:
3a:16:c6:1e:28:3f:aa:08:74:ab:92:37:91:e6:ae:9d:1a:24:
36:2a:11:2d:8f:54:05:db:2d:06:d1:92:72:a9:f5:1e:5e:f9:
36:f9:78:8d:ad:29:ea:43:d5:f9:1f:d5:4a:47:42:db:67:01:
d8:b6:cb:54:e8:22:51:53:ef:67:39:24:c0:e5:00:36:2d:c9:
a5:a9:3d:6c:ad:79:c4:6f:44:95:7b:08:af:6b:3f:72:77:95:
14:0c:09:18:15:3c:70:9c:a9:7d:4d:91:ff:ca:9b:7a:24:6b:
97:10:92:b2:c7:bb:20:26:01:ae:ac:1b:88:e7:90:f8:57:b8:
a9:2e:41:a8:63:a8:d4:ca:ee:da:8f:a5:73:01:41:ce:a8:26:
60:e4:cf:2c:9d:30:33:52:5e:51:38:73:93:4f:e9:59:0a:ad:
7e:75:8d:c2:8c:53:30:72:94:e4:64:bd:00:81:3c:36:1e:ba:
8d:a2:84:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0arC+Wst4nGdFP3uKFhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDA4ZGE0MTkyMjcyOGJjNWJlZGJiZDcwODg3MDFjNTI5
Yjk5ZWQwHhcNMjUxMTA1MDcwMTAzWhcNMjUxMTA2MDcwMTAzWjAzMTEwLwYDVQQD
EyhiNTE1NGNlMGRhMWQ0ZThhNWFjNDdiZDEwODA1YzIxNDFmZDJjZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+vdMq9ztwuUtIOXp/hpDICTJBOY
oiZ/0343yD5+ikqWZNrOo2Sr4caANCWbYHV5Dz5TOShhQGBCy4Ef+Hicj3ZGveoM
1KMeEXm4usuOFb7tS+DM0veFoH0O89IaSBg0PS+cg6Gw158Hvwn8KDbjYrUau/12
S49OGXVXCnGXGhVI+E8Km9zYW2XVIZL2EaCQZN5t/02J0P/WUa+j8O9aflOqGOzL
fCtbfC5zAmL080s+bWaPZpFD9BAvNvsZ7cxLPWYfbPdwaHxU9f5mLKoyLAsTCfPB
x8aKzAACeBGmiIQJqHTRxyoNVHhmV1Dm/GCI+Qu87NO3bg/V3LUgYvKzzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLUVTODaHU6KWsR70QgFwhQf0s+xMB8GA1UdIwQY
MBaAFIkAjaQZInKLxb7bvXCIcBxSm5ntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUt
NjM3MjlmZTU4OGEyLzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUtNjM3MjlmZTU4OGEy
LzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV9DU02Qu
hwti6wKz2pfvrmuXKQYr/NNU720WZXS2CJmEWY6X7IEC/YdZ6pYXGU1s+DcMgbLi
4Wx0HrI+zDr8vRZvfhkxPy7POhbGHig/qgh0q5I3keaunRokNioRLY9UBdstBtGS
cqn1Hl75Nvl4ja0p6kPV+R/VSkdC22cB2LbLVOgiUVPvZzkkwOUANi3Jpak9bK15
xG9ElXsIr2s/cneVFAwJGBU8cJypfU2R/8qbeiRrlxCSsse7ICYBrqwbiOeQ+Fe4
qS5BqGOo1Mru2o+lcwFBzqgmYOTPLJ0wM1JeUThzk0/pWQqtfnWNwoxTMHKU5GS9
AIE8Nh66jaKEnA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:24:32 2025 by rpki-client