Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.mft
File: ih8K1VcrribjnIdAxoqPu0buSGQ.mft (raw, json)
Hash identifier: iyvLOUVbbp8VlyOkCnVlWFOqMNsZt8MzTs4SCpzSguk=
Subject key identifier: C3:8B:A8:A3:6D:6A:A4:32:B3:F2:66:C7:C1:45:C2:32:C7:E6:BE:D1
Authority key identifier: 8A:1F:0A:D5:57:2B:AE:26:E3:9C:87:40:C6:8A:8F:BB:46:EE:48:64
Certificate issuer: /CN=8a1f0ad5572bae26e39c8740c68a8fbb46ee4864
Certificate serial: 019A4E86426C778CD76FAE74B8754ED8FA19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ih8K1VcrribjnIdAxoqPu0buSGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.mft
Manifest number: 0A9E
Signing time: Tue 04 Nov 2025 11:00:12 +0000
Manifest this update: Tue 04 Nov 2025 11:00:12 +0000
Manifest next update: Wed 05 Nov 2025 11:00:12 +0000
Files and hashes: 1: eG2Sz-NBLwpAqaii4LbUZ-cWycY.roa (hash: uPzFHNSnB/27/j7jzNn6SSjG0qijsqzpue+Zsmabwu4=)
2: ih8K1VcrribjnIdAxoqPu0buSGQ.crl (hash: eqmsvC7OF97AddAOiI2acmyAUkrL5NOTHOCJYI5QfjU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ih8K1VcrribjnIdAxoqPu0buSGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:42:6c:77:8c:d7:6f:ae:74:b8:75:4e:d8:fa:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a1f0ad5572bae26e39c8740c68a8fbb46ee4864
Validity
Not Before: Nov 4 11:00:12 2025 GMT
Not After : Nov 5 11:00:12 2025 GMT
Subject: CN=c38ba8a36d6aa432b3f266c7c145c232c7e6bed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:07:4e:41:50:8e:02:84:28:24:82:d7:a2:5b:
96:31:08:9e:6e:f0:34:7f:05:3e:4b:ea:71:ca:26:
77:5a:74:eb:48:3f:be:85:d2:4e:a6:95:6a:7d:bf:
c1:08:c3:56:53:49:47:60:65:c9:d0:b7:8a:65:1c:
ab:bc:e5:a9:a4:2e:95:fe:db:a1:53:94:28:fd:75:
fa:c3:9d:9d:1e:bd:fb:5a:8c:9a:31:58:a5:f3:2f:
f9:03:75:16:73:86:00:ba:55:47:01:fb:76:3d:e7:
51:d4:f4:f7:50:b9:bf:d0:dc:3b:2b:c2:a5:28:8a:
69:dc:e6:01:8a:c3:55:ee:0c:a2:ed:53:17:94:90:
79:53:97:4a:4b:df:97:d4:02:3f:e5:79:a9:22:90:
b3:cf:7b:c2:53:df:12:63:87:a4:ca:ff:d6:54:cf:
7e:8d:94:f3:f5:18:5a:9d:33:fe:ca:f6:30:b9:04:
ab:31:32:2b:22:63:63:2a:12:04:3c:d2:9b:e4:12:
67:aa:50:79:db:de:68:d7:c8:77:7b:bd:cd:4c:95:
c7:34:fb:57:1c:f5:bd:af:d0:69:b9:9c:c1:2e:a5:
a7:11:5b:26:8f:38:91:3a:45:63:e9:39:a4:c3:82:
6d:73:c7:a7:4a:45:dd:28:d3:d1:2b:cd:dd:10:24:
0c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8B:A8:A3:6D:6A:A4:32:B3:F2:66:C7:C1:45:C2:32:C7:E6:BE:D1
X509v3 Authority Key Identifier:
keyid:8A:1F:0A:D5:57:2B:AE:26:E3:9C:87:40:C6:8A:8F:BB:46:EE:48:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ih8K1VcrribjnIdAxoqPu0buSGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:c4:a1:53:bc:30:87:10:cf:76:c5:74:73:4e:4c:b5:45:f0:
e8:9c:f0:34:89:49:84:a8:5c:e9:7e:18:0a:29:b8:2b:41:ee:
ff:cc:cb:be:d1:6d:f2:1a:7d:c6:a1:9e:a1:b8:01:4f:cf:50:
aa:6a:c1:aa:8a:fe:28:fa:d9:aa:a2:fd:89:65:2d:fe:ee:71:
75:bc:8c:51:7c:0a:d3:5b:66:d7:82:39:d7:41:50:ec:f2:9f:
f6:a4:79:e5:cc:9c:3e:e9:8f:9e:c9:77:48:f4:b0:c7:7a:21:
5c:18:6c:8a:db:bd:59:a7:70:d9:09:ef:ce:d2:58:46:24:5c:
23:22:49:a4:bb:89:8b:b5:7a:6c:29:46:04:ac:12:f3:2a:c9:
cc:68:da:46:1e:27:fe:86:dd:c2:72:bc:0f:8b:9d:7e:7c:32:
f8:ae:f9:59:a6:96:ec:b7:be:6f:4f:65:31:e5:b1:b0:0c:ff:
a2:ec:47:85:4c:d2:21:fc:6d:e5:de:db:d9:00:3a:35:a7:a7:
8d:44:d0:2a:ca:a9:13:60:2f:a7:b2:13:d8:2f:b1:d4:17:4c:
06:48:80:1d:0d:fa:67:30:46:f5:78:53:93:b6:97:36:e5:09:
85:e0:08:af:92:0e:50:61:52:6d:84:ee:8a:c0:0c:da:04:b0:
f4:dc:12:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhkJsd4zXb650uHVO2PoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWYwYWQ1NTcyYmFlMjZlMzljODc0MGM2OGE4ZmJiNDZl
ZTQ4NjQwHhcNMjUxMTA0MTEwMDEyWhcNMjUxMTA1MTEwMDEyWjAzMTEwLwYDVQQD
EyhjMzhiYThhMzZkNmFhNDMyYjNmMjY2YzdjMTQ1YzIzMmM3ZTZiZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAdOQVCOAoQoJILXoluWMQiebvA0
fwU+S+pxyiZ3WnTrSD++hdJOppVqfb/BCMNWU0lHYGXJ0LeKZRyrvOWppC6V/tuh
U5Qo/XX6w52dHr37WoyaMVil8y/5A3UWc4YAulVHAft2PedR1PT3ULm/0Nw7K8Kl
KIpp3OYBisNV7gyi7VMXlJB5U5dKS9+X1AI/5XmpIpCzz3vCU98SY4ekyv/WVM9+
jZTz9RhanTP+yvYwuQSrMTIrImNjKhIEPNKb5BJnqlB5295o18h3e73NTJXHNPtX
HPW9r9BpuZzBLqWnEVsmjziROkVj6Tmkw4Jtc8enSkXdKNPRK83dECQMVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOLqKNtaqQys/Jmx8FFwjLH5r7RMB8GA1UdIwQY
MBaAFIofCtVXK64m45yHQMaKj7tG7khkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWg4SzFWY3JyaWJqbklkQXhvcVB1MGJ1U0dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yZmQyMGEtNTNhZS00YmVhLTgwYzkt
MDNmMjNhNzM5NDFkLzEvaWg4SzFWY3JyaWJqbklkQXhvcVB1MGJ1U0dRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yZmQyMGEtNTNhZS00YmVhLTgwYzktMDNmMjNhNzM5NDFk
LzEvaWg4SzFWY3JyaWJqbklkQXhvcVB1MGJ1U0dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh8ShU7ww
hxDPdsV0c05MtUXw6JzwNIlJhKhc6X4YCim4K0Hu/8zLvtFt8hp9xqGeobgBT89Q
qmrBqor+KPrZqqL9iWUt/u5xdbyMUXwK01tm14I510FQ7PKf9qR55cycPumPnsl3
SPSwx3ohXBhsitu9Wadw2QnvztJYRiRcIyJJpLuJi7V6bClGBKwS8yrJzGjaRh4n
/obdwnK8D4udfnwy+K75WaaW7Le+b09lMeWxsAz/ouxHhUzSIfxt5d7b2QA6Naen
jUTQKsqpE2Avp7IT2C+x1BdMBkiAHQ36ZzBG9XhTk7aXNuUJheAIr5IOUGFSbYTu
isAM2gSw9NwSFg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:30:11 2025 by rpki-client