Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
File: ICZNUaES0LwizqcxTLBs9aGuM-k.mft (raw, json)
Hash identifier: eyIrd+ycAk3d6qhPPnaV7Z4oB+1pd/s37B43OAwMpfg=
Subject key identifier: 14:5B:0C:EB:FF:14:60:47:4A:9C:D7:64:66:96:14:40:B8:D3:51:2F
Authority key identifier: 20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
Certificate issuer: /CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Certificate serial: 019A4D73788287DD9F7DFC9C39A5F7B25659
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
Manifest number: 169F
Signing time: Tue 04 Nov 2025 06:00:04 +0000
Manifest this update: Tue 04 Nov 2025 06:00:04 +0000
Manifest next update: Wed 05 Nov 2025 06:00:04 +0000
Files and hashes: 1: FXy87TSnS3zZKpD3cubdEzL9JTI.roa (hash: ev8YOzfcP94Okj6loLdeokLYKFfF9CSd4o8ZPprNj7U=)
2: ICZNUaES0LwizqcxTLBs9aGuM-k.crl (hash: JHPbbYTjNhZ1eW47dlZh4kQMlDiCGLZ7ocywmSv6c9k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:78:82:87:dd:9f:7d:fc:9c:39:a5:f7:b2:56:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Validity
Not Before: Nov 4 06:00:04 2025 GMT
Not After : Nov 5 06:00:04 2025 GMT
Subject: CN=145b0cebff1460474a9cd76466961440b8d3512f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:4c:6b:0f:09:81:81:36:d6:b6:2e:75:f0:8c:
0d:4f:c7:db:76:7c:e5:40:8c:fc:5d:eb:ca:9f:a7:
3c:3a:35:80:e5:ea:94:aa:71:f5:33:00:a4:03:d7:
37:2b:dd:0c:a5:64:f2:8a:b9:c1:d1:66:02:4c:b8:
83:a0:27:45:24:cf:e2:91:10:e8:19:28:fc:9d:6d:
85:f7:39:e0:3f:e4:78:64:b1:f2:28:c3:cd:3f:2f:
76:08:72:12:1f:96:2a:7e:e4:bc:b6:af:98:61:09:
6b:3e:9d:b5:6d:f6:00:57:ce:0e:4c:08:85:bf:d4:
6b:2e:52:90:a4:56:b3:60:b4:77:91:26:7a:49:4b:
2d:d6:36:c4:d8:be:e7:2e:c7:26:15:23:f1:b0:e2:
e0:78:a5:f2:3e:f7:84:64:f8:c3:1a:0f:e2:4d:56:
d6:da:5b:58:f9:99:81:7f:5f:de:d0:3f:f1:b6:6c:
22:28:78:d2:c2:ae:7e:ec:3e:22:5c:1f:74:cc:9a:
92:60:43:57:11:71:9a:38:1a:02:ad:75:7b:c0:70:
23:f1:5c:6c:77:2d:98:8a:0b:c5:d2:54:75:54:21:
5b:b2:46:3a:f9:3f:a5:2f:60:cc:3f:b8:f6:aa:f4:
ed:9a:ab:ae:bb:6b:ff:72:cb:08:a5:90:c9:c8:a9:
24:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:5B:0C:EB:FF:14:60:47:4A:9C:D7:64:66:96:14:40:B8:D3:51:2F
X509v3 Authority Key Identifier:
keyid:20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:d8:cc:69:5c:3f:4f:6e:53:98:21:4a:a1:39:e1:53:03:3c:
0e:91:28:05:d9:27:2e:f0:b6:b1:13:de:57:d6:2f:2d:fe:c6:
df:a1:53:85:af:01:6f:af:73:7b:d2:b0:29:6f:7c:4c:bb:2f:
49:2d:03:6a:a6:26:85:bd:b2:e7:4b:27:de:e2:cc:18:fe:18:
a2:19:16:e5:5d:6f:f2:0a:0b:f8:d8:5a:a0:0e:2a:88:5f:e5:
a0:35:12:e3:f7:18:84:9e:e7:d0:e1:e7:f0:dc:6b:cb:5c:09:
4d:2c:f8:40:8b:b8:f1:36:df:f2:7c:ba:93:3b:3d:f2:a0:79:
0c:4f:cd:06:8a:f7:de:8c:28:c3:1f:79:ce:c2:4a:cf:7a:60:
49:6d:d8:84:5d:3e:03:b6:fe:33:a2:4e:55:76:b6:ba:fc:02:
ba:e8:b4:71:66:e7:e2:72:80:af:4d:03:cd:cb:7c:ef:1a:b6:
fe:46:d3:46:54:00:19:63:60:74:7f:0f:2f:fc:b7:66:b3:16:
9d:f7:7d:72:65:bd:1b:a6:1d:74:91:df:7a:09:da:8d:de:6f:
16:ed:37:a7:1e:70:f3:4d:71:d0:95:4c:02:dd:56:d0:7a:86:
35:c7:d9:59:c2:cd:ef:15:35:ad:46:90:c7:5d:b6:ad:19:16:
f6:c0:91:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc3iCh92fffycOaX3slZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjY0ZDUxYTExMmQwYmMyMmNlYTczMTRjYjA2Y2Y1YTFh
ZTMzZTkwHhcNMjUxMTA0MDYwMDA0WhcNMjUxMTA1MDYwMDA0WjAzMTEwLwYDVQQD
EygxNDViMGNlYmZmMTQ2MDQ3NGE5Y2Q3NjQ2Njk2MTQ0MGI4ZDM1MTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60xrDwmBgTbWti518IwNT8fbdnzl
QIz8XevKn6c8OjWA5eqUqnH1MwCkA9c3K90MpWTyirnB0WYCTLiDoCdFJM/ikRDo
GSj8nW2F9zngP+R4ZLHyKMPNPy92CHISH5YqfuS8tq+YYQlrPp21bfYAV84OTAiF
v9RrLlKQpFazYLR3kSZ6SUst1jbE2L7nLscmFSPxsOLgeKXyPveEZPjDGg/iTVbW
2ltY+ZmBf1/e0D/xtmwiKHjSwq5+7D4iXB90zJqSYENXEXGaOBoCrXV7wHAj8Vxs
dy2YigvF0lR1VCFbskY6+T+lL2DMP7j2qvTtmquuu2v/cssIpZDJyKkkMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRbDOv/FGBHSpzXZGaWFEC401EvMB8GA1UdIwQY
MBaAFCAmTVGhEtC8Is6nMUywbPWhrjPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAt
NjU4MTIwYWU2OGUxLzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAtNjU4MTIwYWU2OGUx
LzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf9jMaVw/
T25TmCFKoTnhUwM8DpEoBdknLvC2sRPeV9YvLf7G36FTha8Bb69ze9KwKW98TLsv
SS0DaqYmhb2y50sn3uLMGP4YohkW5V1v8goL+NhaoA4qiF/loDUS4/cYhJ7n0OHn
8Nxry1wJTSz4QIu48Tbf8ny6kzs98qB5DE/NBor33owowx95zsJKz3pgSW3YhF0+
A7b+M6JOVXa2uvwCuui0cWbn4nKAr00Dzct87xq2/kbTRlQAGWNgdH8PL/y3ZrMW
nfd9cmW9G6YddJHfegnajd5vFu03px5w801x0JVMAt1W0HqGNcfZWcLN7xU1rUaQ
x122rRkW9sCRmw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:09:08 2025 by rpki-client