Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.mft
File: x02iHagDioIFQrOvr76qqmZreyc.mft (raw, json)
Hash identifier: m/6OT06V6jXfhQeDtdOhYd0DUi9d80FcR13k6xOvOCY=
Subject key identifier: E9:F1:C0:A0:AE:B0:BB:A8:C1:6F:5A:FE:E4:4A:AA:F7:7F:27:55:10
Authority key identifier: C7:4D:A2:1D:A8:03:8A:82:05:42:B3:AF:AF:BE:AA:AA:66:6B:7B:27
Certificate issuer: /CN=c74da21da8038a820542b3afafbeaaaa666b7b27
Certificate serial: 019A4DE157146B732F57119F5B84F5667458
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x02iHagDioIFQrOvr76qqmZreyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.mft
Manifest number: 16A0
Signing time: Tue 04 Nov 2025 08:00:04 +0000
Manifest this update: Tue 04 Nov 2025 08:00:04 +0000
Manifest next update: Wed 05 Nov 2025 08:00:04 +0000
Files and hashes: 1: 2t0GWwoe7mmFS83bQQPX5JNcD34.roa (hash: hxRzouLeq4ys7uUoj+7mRAVC8MeKAFWBUYqAcz4n5d0=)
2: x02iHagDioIFQrOvr76qqmZreyc.crl (hash: jyuuB1HNFKDPdldK31epw64ilmZ81JIeMR8jJkf97n4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.mft
rsync://rpki.ripe.net/repository/DEFAULT/x02iHagDioIFQrOvr76qqmZreyc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:57:14:6b:73:2f:57:11:9f:5b:84:f5:66:74:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74da21da8038a820542b3afafbeaaaa666b7b27
Validity
Not Before: Nov 4 08:00:04 2025 GMT
Not After : Nov 5 08:00:04 2025 GMT
Subject: CN=e9f1c0a0aeb0bba8c16f5afee44aaaf77f275510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:70:bc:4e:dd:80:53:3f:f2:ef:57:65:24:95:
66:78:1a:c9:7f:31:89:ac:85:f4:0f:63:36:99:71:
2a:4c:b6:40:3e:72:40:e7:e3:e1:6c:12:17:1f:6a:
3c:31:9f:b3:98:d3:01:7b:98:a2:ec:98:8d:ad:94:
99:1c:ae:98:7d:23:c9:bf:44:b1:b7:fa:30:a8:42:
02:37:5a:c8:38:70:4f:be:ca:b4:07:83:0f:72:9e:
55:f8:c3:b6:dd:ea:c4:dd:df:50:3a:c4:0d:b0:5b:
bf:53:8c:a9:6e:1e:46:4a:08:e8:cc:69:a3:3f:92:
9e:af:4d:3e:c2:68:e6:13:bd:16:9f:53:57:b9:6d:
f9:50:3d:25:48:b6:47:50:2c:88:9d:90:09:3c:c9:
a7:db:38:6a:32:6f:e7:f8:10:1f:3a:15:db:83:e8:
cb:8e:f7:ed:4b:7b:19:d9:97:4d:7c:47:69:c7:f9:
1f:a6:c3:51:ef:5e:c2:b7:27:24:73:b8:e6:30:65:
fa:61:5b:c8:2e:c2:fc:71:d3:9f:04:82:8d:08:3d:
0a:50:cc:d3:f9:13:f8:84:b1:4e:4a:8d:fb:69:12:
80:11:af:f1:5a:1a:99:0a:9a:eb:09:a0:4f:08:bd:
5a:27:81:1f:0e:01:89:77:85:1a:5f:34:88:a5:53:
cd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F1:C0:A0:AE:B0:BB:A8:C1:6F:5A:FE:E4:4A:AA:F7:7F:27:55:10
X509v3 Authority Key Identifier:
keyid:C7:4D:A2:1D:A8:03:8A:82:05:42:B3:AF:AF:BE:AA:AA:66:6B:7B:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x02iHagDioIFQrOvr76qqmZreyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:7f:f9:e4:aa:3e:c0:03:34:79:e9:37:b7:ea:75:ad:16:e4:
67:39:a7:e2:d5:98:75:89:a3:af:3d:d4:db:da:92:85:02:cd:
82:8e:31:64:28:e3:00:d9:62:0c:9c:20:b1:f2:24:38:62:e9:
44:d8:b2:35:9b:41:1f:86:a6:7e:f1:4c:40:ac:a0:13:de:f6:
ca:db:af:21:c6:67:31:79:d9:53:98:89:45:8d:61:d2:89:67:
a4:95:6e:c6:6b:cf:69:ca:d7:85:8f:b0:47:6e:63:ad:c2:5d:
9d:8c:21:59:6d:1d:17:4d:12:87:74:64:a1:2f:60:63:c0:03:
be:41:93:0c:b7:db:24:2b:62:64:d8:3e:9c:c9:00:e2:43:ba:
a9:38:c4:93:4c:8e:cb:15:7e:53:4b:ca:a1:b3:34:08:52:1d:
6c:58:fb:87:3a:c9:da:9f:c7:a9:ea:73:3c:04:a4:0f:f3:00:
43:ae:73:33:26:be:69:b9:ea:10:f2:95:e2:21:f2:63:3e:3b:
39:2a:6e:16:35:85:cb:8e:0e:1b:3e:ac:0e:fa:81:c1:7a:19:
41:96:36:31:f8:98:b1:14:00:30:e9:f3:7a:a1:51:5f:ba:23:
0e:79:06:df:89:bc:13:03:5b:e4:e7:6b:a0:4d:f1:eb:86:d7:
3a:b1:10:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4VcUa3MvVxGfW4T1ZnRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGRhMjFkYTgwMzhhODIwNTQyYjNhZmFmYmVhYWFhNjY2
YjdiMjcwHhcNMjUxMTA0MDgwMDA0WhcNMjUxMTA1MDgwMDA0WjAzMTEwLwYDVQQD
EyhlOWYxYzBhMGFlYjBiYmE4YzE2ZjVhZmVlNDRhYWFmNzdmMjc1NTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3C8Tt2AUz/y71dlJJVmeBrJfzGJ
rIX0D2M2mXEqTLZAPnJA5+PhbBIXH2o8MZ+zmNMBe5ii7JiNrZSZHK6YfSPJv0Sx
t/owqEICN1rIOHBPvsq0B4MPcp5V+MO23erE3d9QOsQNsFu/U4ypbh5GSgjozGmj
P5Ker00+wmjmE70Wn1NXuW35UD0lSLZHUCyInZAJPMmn2zhqMm/n+BAfOhXbg+jL
jvftS3sZ2ZdNfEdpx/kfpsNR717Ctyckc7jmMGX6YVvILsL8cdOfBIKNCD0KUMzT
+RP4hLFOSo37aRKAEa/xWhqZCprrCaBPCL1aJ4EfDgGJd4UaXzSIpVPNsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnxwKCusLuowW9a/uRKqvd/J1UQMB8GA1UdIwQY
MBaAFMdNoh2oA4qCBUKzr6++qqpma3snMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDAyaUhhZ0Rpb0lGUXJPdnI3NnFxbVpyZXljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Zjg0NDQtMmMzZC00NTkyLTk0NTgt
ODAxZDg5ZDczNjZkLzEveDAyaUhhZ0Rpb0lGUXJPdnI3NnFxbVpyZXljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Zjg0NDQtMmMzZC00NTkyLTk0NTgtODAxZDg5ZDczNjZk
LzEveDAyaUhhZ0Rpb0lGUXJPdnI3NnFxbVpyZXljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARn/55Ko+
wAM0eek3t+p1rRbkZzmn4tWYdYmjrz3U29qShQLNgo4xZCjjANliDJwgsfIkOGLp
RNiyNZtBH4amfvFMQKygE972ytuvIcZnMXnZU5iJRY1h0olnpJVuxmvPacrXhY+w
R25jrcJdnYwhWW0dF00Sh3RkoS9gY8ADvkGTDLfbJCtiZNg+nMkA4kO6qTjEk0yO
yxV+U0vKobM0CFIdbFj7hzrJ2p/HqepzPASkD/MAQ65zMya+abnqEPKV4iHyYz47
OSpuFjWFy44OGz6sDvqBwXoZQZY2MfiYsRQAMOnzeqFRX7ojDnkG34m8EwNb5Odr
oE3x64bXOrEQpg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:50:39 2025 by rpki-client