Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
File: 1Iml3dMALoAJmbXBhn94Z4G68T0.mft (raw, json)
Hash identifier: ukFphl3rBtgNeEJoOLfpnUg7XY90TX3Z0qatZM8qGFQ=
Subject key identifier: 52:6C:C2:9D:51:4E:3C:5E:7B:23:04:7E:ED:FB:F2:0F:68:BC:CF:CD
Authority key identifier: D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D
Certificate issuer: /CN=d489a5ddd3002e800999b5c1867f786781baf13d
Certificate serial: 019A4DE1D201D84A54B165C4135D2F1EAC8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 08:00:36 +0000
Manifest this update: Tue 04 Nov 2025 08:00:36 +0000
Manifest next update: Wed 05 Nov 2025 08:00:36 +0000
Files and hashes: 1: 1Iml3dMALoAJmbXBhn94Z4G68T0.crl (hash: Hzl7j9Of0FCxPxZidDpYcmpJpSclX+FHNxV/A3NeaiM=)
2: Oic624JnJmz9lkyUCkfkxynrzXU.roa (hash: reuQNdNLE9OYq59c7HheLuUPxQ+GdUmZR0j+FA5WU8M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:d2:01:d8:4a:54:b1:65:c4:13:5d:2f:1e:ac:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d489a5ddd3002e800999b5c1867f786781baf13d
Validity
Not Before: Nov 4 08:00:36 2025 GMT
Not After : Nov 5 08:00:36 2025 GMT
Subject: CN=526cc29d514e3c5e7b23047eedfbf20f68bccfcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2a:ec:62:5d:84:9a:81:95:7f:19:25:b8:e9:
94:19:5c:76:77:a8:fc:1d:47:7b:4e:59:e1:61:2b:
d7:b7:a9:f3:35:06:1b:51:bb:f2:15:e4:ad:ab:ee:
30:84:3b:79:b3:01:06:b0:37:7e:79:fb:f2:c5:a5:
82:92:11:b4:72:9a:48:f9:68:74:a1:82:be:1c:9d:
79:a2:79:29:13:ae:79:a6:52:f2:25:5e:d3:72:86:
83:4f:6c:52:c8:95:8f:21:89:89:60:47:a1:dd:ce:
a1:07:67:7c:f8:74:fd:5b:de:02:47:fc:a8:e2:96:
41:4c:3f:a2:cf:c9:1b:f2:a0:f2:61:d1:ac:6f:5f:
1f:76:52:2c:d2:5b:bb:a2:d8:8a:ce:5e:79:40:5d:
ee:d4:2b:83:c3:eb:d9:83:98:ee:e1:0a:68:a7:22:
2b:10:34:5b:5c:c4:ab:a9:9c:9d:0d:69:a0:21:69:
d4:cd:f8:2a:c3:1a:06:ed:91:80:91:d0:c1:cb:6b:
10:73:a3:f2:c3:5b:46:16:4c:56:b6:ee:59:7a:eb:
87:0b:16:3a:2a:6f:f6:29:b4:e0:d0:76:ee:9a:a7:
0e:04:fd:ec:29:ea:4b:8b:ba:97:5f:43:14:51:e2:
4d:34:ab:92:2e:09:be:5d:e6:5b:4e:4f:bb:06:57:
7e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6C:C2:9D:51:4E:3C:5E:7B:23:04:7E:ED:FB:F2:0F:68:BC:CF:CD
X509v3 Authority Key Identifier:
keyid:D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:0f:a3:16:7a:84:fd:4d:ed:21:42:2f:a7:d5:10:ea:f2:0b:
b8:2c:ae:ae:7b:f8:ce:a7:cf:b7:4a:91:a6:3e:08:f3:d7:3e:
dc:c7:05:aa:30:6d:4f:bd:71:ba:fe:c1:e9:a1:fa:92:14:3c:
79:25:19:6d:04:23:36:80:16:c8:e5:b4:fc:9e:2e:7a:af:fd:
20:bc:f3:b5:ed:a9:ba:07:0d:44:ad:1d:ee:ac:b1:91:6f:ef:
c0:5c:09:6f:ff:1e:3d:50:de:ca:9a:b0:97:c8:02:d3:82:b1:
c9:fd:78:18:e9:bd:b0:ca:8f:2b:79:4b:77:53:ad:dd:31:c2:
65:6c:e5:61:1a:51:7d:1c:9b:0a:8c:bb:cc:a9:03:94:4c:29:
17:c7:67:b5:3d:3d:18:17:b4:10:89:79:c5:10:eb:ae:64:d8:
48:e7:1b:79:d1:9e:4b:32:9f:9a:1d:dc:70:34:2d:00:28:14:
67:8e:a3:a2:7e:3c:f5:a2:e5:d3:e0:46:13:34:c9:56:e5:fc:
09:d2:f8:6e:72:ad:5d:40:9a:cb:49:cb:cc:a9:5c:a8:44:ec:
68:20:2f:fa:66:39:1e:0b:1c:8f:3a:ca:2e:d0:3b:23:98:67:
b6:cb:e9:8e:c7:5c:0f:0d:9d:ee:14:f2:da:2d:e2:9c:9b:c6:
23:c9:23:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4dIB2EpUsWXEE10vHqyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODlhNWRkZDMwMDJlODAwOTk5YjVjMTg2N2Y3ODY3ODFi
YWYxM2QwHhcNMjUxMTA0MDgwMDM2WhcNMjUxMTA1MDgwMDM2WjAzMTEwLwYDVQQD
Eyg1MjZjYzI5ZDUxNGUzYzVlN2IyMzA0N2VlZGZiZjIwZjY4YmNjZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSrsYl2EmoGVfxkluOmUGVx2d6j8
HUd7TlnhYSvXt6nzNQYbUbvyFeStq+4whDt5swEGsDd+efvyxaWCkhG0cppI+Wh0
oYK+HJ15onkpE655plLyJV7TcoaDT2xSyJWPIYmJYEeh3c6hB2d8+HT9W94CR/yo
4pZBTD+iz8kb8qDyYdGsb18fdlIs0lu7otiKzl55QF3u1CuDw+vZg5ju4QpopyIr
EDRbXMSrqZydDWmgIWnUzfgqwxoG7ZGAkdDBy2sQc6Pyw1tGFkxWtu5ZeuuHCxY6
Km/2KbTg0HbumqcOBP3sKepLi7qXX0MUUeJNNKuSLgm+XeZbTk+7Bld+mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJswp1RTjxeeyMEfu378g9ovM/NMB8GA1UdIwQY
MBaAFNSJpd3TAC6ACZm1wYZ/eGeBuvE9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmIt
NTI1OWVlZGNhMDdjLzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmItNTI1OWVlZGNhMDdj
LzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUg+jFnqE
/U3tIUIvp9UQ6vILuCyurnv4zqfPt0qRpj4I89c+3McFqjBtT71xuv7B6aH6khQ8
eSUZbQQjNoAWyOW0/J4ueq/9ILzzte2pugcNRK0d7qyxkW/vwFwJb/8ePVDeypqw
l8gC04Kxyf14GOm9sMqPK3lLd1Ot3THCZWzlYRpRfRybCoy7zKkDlEwpF8dntT09
GBe0EIl5xRDrrmTYSOcbedGeSzKfmh3ccDQtACgUZ46jon489aLl0+BGEzTJVuX8
CdL4bnKtXUCay0nLzKlcqETsaCAv+mY5HgscjzrKLtA7I5hntsvpjsdcDw2d7hTy
2i3inJvGI8kjzA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:37 2025 by rpki-client