Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
File: IONyheqmIxC8nncrST2dYrqKeTg.mft (raw, json)
Hash identifier: C+TKH0nn22x4fihQuNX8M7SWPeE8D882+mbkDqKLPAI=
Subject key identifier: F7:3F:BD:EF:2D:B5:21:33:34:9F:90:32:24:AA:19:59:1C:AB:09:EF
Authority key identifier: 20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38
Certificate issuer: /CN=20e37285eaa62310bc9e772b493d9d62ba8a7938
Certificate serial: 019A4EF488AF79C2C03C360F680C4C176C88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
Manifest number: 0749
Signing time: Tue 04 Nov 2025 13:00:39 +0000
Manifest this update: Tue 04 Nov 2025 13:00:39 +0000
Manifest next update: Wed 05 Nov 2025 13:00:39 +0000
Files and hashes: 1: IONyheqmIxC8nncrST2dYrqKeTg.crl (hash: h0kuNSrn0rFE+iR2kWckPwoqzm99AsNHvW0LVyeQ4Gk=)
2: v5LwLHwuCUZrT_0G6r3v0bfLSQs.roa (hash: +ztaiH2S/aHDtgvKfj/YkXPsW58SyJ9uS27Ej7psyFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:88:af:79:c2:c0:3c:36:0f:68:0c:4c:17:6c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e37285eaa62310bc9e772b493d9d62ba8a7938
Validity
Not Before: Nov 4 13:00:39 2025 GMT
Not After : Nov 5 13:00:39 2025 GMT
Subject: CN=f73fbdef2db52133349f903224aa19591cab09ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9b:b5:78:53:46:1f:3a:31:98:1b:6e:83:45:
c6:a7:5b:bc:1b:16:26:3d:3b:11:b6:a0:91:8d:3f:
24:f3:34:be:87:42:4c:ce:1a:99:68:74:60:7a:f9:
87:d5:08:6f:32:c9:a1:4d:41:d6:4d:ba:22:47:fa:
86:2d:72:8c:cf:3e:6f:03:57:98:b4:6d:6a:d5:bd:
b0:78:a4:e3:d5:69:72:a8:72:7a:af:64:05:5d:20:
02:e2:17:ed:06:09:75:87:9f:f5:f2:54:ad:c6:1d:
33:67:8f:82:27:84:a8:72:e3:94:5e:53:a3:43:52:
24:26:1a:df:25:5c:10:10:27:76:07:79:68:a1:65:
df:c5:82:d5:0a:71:d2:ff:79:ce:f2:8a:05:47:d2:
85:dd:01:c8:6a:6f:4c:a7:4f:d5:05:21:f5:8f:09:
a5:11:cc:1e:e4:0c:dd:9e:5e:45:f6:76:65:69:75:
09:36:0d:87:36:3a:2c:5c:2d:25:31:8c:a7:a6:72:
b4:25:d5:e8:ba:6e:be:c7:53:0a:dc:1e:fc:5d:2d:
9d:14:8e:ed:61:bc:ad:3e:11:b8:66:87:ea:d3:5a:
16:af:4d:e2:59:35:45:76:52:73:92:70:3f:2e:3d:
69:20:54:ea:75:a4:7f:14:5d:ae:c4:35:40:ae:0a:
5d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3F:BD:EF:2D:B5:21:33:34:9F:90:32:24:AA:19:59:1C:AB:09:EF
X509v3 Authority Key Identifier:
keyid:20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:c3:68:fa:29:56:9a:d4:f7:de:d1:8b:20:81:1f:e7:1e:74:
49:13:20:23:ec:78:2d:c7:a1:43:d1:68:d1:31:eb:cd:6c:53:
85:09:64:bd:89:ac:c9:44:dd:c1:66:67:38:93:ad:32:22:ee:
88:bc:72:93:74:9f:42:20:41:09:72:da:1e:2e:62:20:a7:b8:
90:34:54:71:95:97:56:90:f2:7e:90:de:96:3d:50:26:35:fb:
11:84:ca:07:8e:5c:e4:c8:7d:94:15:06:d9:32:2a:9f:fb:a4:
3b:ad:e7:10:bc:65:db:97:35:2c:a8:f7:19:af:9e:09:54:f3:
bf:78:c5:4e:4f:e9:90:a6:38:82:7f:25:d6:cd:8c:ff:8f:61:
dd:aa:39:32:0f:a4:b7:54:c2:51:e6:23:40:99:a3:39:26:00:
dd:50:b2:d9:6b:01:26:93:ea:8a:80:68:23:ab:c2:4e:7e:1f:
f8:ae:99:14:c2:10:fd:12:ee:34:b5:17:a6:2e:a2:70:59:09:
1a:0c:60:40:c0:59:37:f7:a8:0c:9f:d9:97:29:d4:35:d0:20:
81:15:8a:d8:08:92:01:60:8d:1c:ae:58:e1:41:87:4a:c9:0e:
92:2c:d6:31:35:eb:41:4a:f9:97:bf:ce:8a:4f:07:83:bd:c2:
42:d4:0f:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9IivecLAPDYPaAxMF2yIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTM3Mjg1ZWFhNjIzMTBiYzllNzcyYjQ5M2Q5ZDYyYmE4
YTc5MzgwHhcNMjUxMTA0MTMwMDM5WhcNMjUxMTA1MTMwMDM5WjAzMTEwLwYDVQQD
EyhmNzNmYmRlZjJkYjUyMTMzMzQ5ZjkwMzIyNGFhMTk1OTFjYWIwOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpu1eFNGHzoxmBtug0XGp1u8GxYm
PTsRtqCRjT8k8zS+h0JMzhqZaHRgevmH1QhvMsmhTUHWTboiR/qGLXKMzz5vA1eY
tG1q1b2weKTj1WlyqHJ6r2QFXSAC4hftBgl1h5/18lStxh0zZ4+CJ4SocuOUXlOj
Q1IkJhrfJVwQECd2B3looWXfxYLVCnHS/3nO8ooFR9KF3QHIam9Mp0/VBSH1jwml
Ecwe5Azdnl5F9nZlaXUJNg2HNjosXC0lMYynpnK0JdXoum6+x1MK3B78XS2dFI7t
YbytPhG4Zofq01oWr03iWTVFdlJzknA/Lj1pIFTqdaR/FF2uxDVArgpdLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPc/ve8ttSEzNJ+QMiSqGVkcqwnvMB8GA1UdIwQY
MBaAFCDjcoXqpiMQvJ53K0k9nWK6ink4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQt
ZmE4ZDhjYTk0OTViLzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQtZmE4ZDhjYTk0OTVi
LzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAisNo+ilW
mtT33tGLIIEf5x50SRMgI+x4LcehQ9Fo0THrzWxThQlkvYmsyUTdwWZnOJOtMiLu
iLxyk3SfQiBBCXLaHi5iIKe4kDRUcZWXVpDyfpDelj1QJjX7EYTKB45c5Mh9lBUG
2TIqn/ukO63nELxl25c1LKj3Ga+eCVTzv3jFTk/pkKY4gn8l1s2M/49h3ao5Mg+k
t1TCUeYjQJmjOSYA3VCy2WsBJpPqioBoI6vCTn4f+K6ZFMIQ/RLuNLUXpi6icFkJ
GgxgQMBZN/eoDJ/ZlynUNdAggRWK2AiSAWCNHK5Y4UGHSskOkizWMTXrQUr5l7/O
ik8Hg73CQtQPag==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:52:53 2025 by rpki-client