Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
File: rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft (raw, json)
Hash identifier: DKEDf7IRE0VqQFuZJMF0XS/GaFNpRedZJIVYt4x/j9c=
Subject key identifier: 7D:1B:0A:3F:09:DE:3B:B6:DD:6A:C7:73:10:2F:A3:FF:F8:72:1B:F1
Authority key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
Certificate issuer: /CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Certificate serial: 019A4EF4CC39ED2CECA4D9873C3D5D2BC9AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
Manifest number: 1715
Signing time: Tue 04 Nov 2025 13:00:57 +0000
Manifest this update: Tue 04 Nov 2025 13:00:57 +0000
Manifest next update: Wed 05 Nov 2025 13:00:57 +0000
Files and hashes: 1: 7OSbUsexneQ0Q14f6d4gS3FqwKA.roa (hash: bTywqIASCFGsuBv+6N7v2D8L1Q+x4uOFKiuvSJi+2o4=)
2: BAFnA8E_-fRHFvJR66V5dNg4Xzc.roa (hash: zli04q+UUFDZ6LvNlKF4wEZntdZy+cQL9il9Oh4rSZo=)
3: rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl (hash: ztCCqyl0fTx2GWBHd2JC/g9h5xMvDrVUF9/E7L25wIo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:cc:39:ed:2c:ec:a4:d9:87:3c:3d:5d:2b:c9:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Validity
Not Before: Nov 4 13:00:57 2025 GMT
Not After : Nov 5 13:00:57 2025 GMT
Subject: CN=7d1b0a3f09de3bb6dd6ac773102fa3fff8721bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:94:21:c4:c8:52:8f:95:1b:c5:49:38:0d:68:
7f:87:71:72:71:e9:6c:f0:42:94:0d:d7:42:10:17:
d3:2e:fa:b8:71:2e:9c:a1:50:c1:d1:e7:d1:cf:73:
62:9d:48:12:80:37:71:70:ee:25:7b:07:0a:d6:1e:
6c:94:fc:1b:c7:87:36:5f:44:d7:c4:3f:32:e5:d7:
38:7b:ca:54:3c:23:e8:83:96:19:c0:1a:c7:3b:a6:
9c:8e:f3:ce:9c:a9:34:b9:6d:da:cb:b5:da:84:35:
66:55:8b:99:07:08:62:0a:24:29:7f:df:8e:c7:29:
f2:ee:6d:a6:ce:40:bc:5e:0d:42:b6:24:b4:0e:aa:
94:09:3a:d1:68:72:e5:3d:15:17:39:5f:e6:2b:78:
8e:18:81:94:79:19:6b:4e:c6:6e:a8:91:c2:0a:ef:
19:23:d3:d5:8d:d1:29:81:5c:b9:6b:b3:4c:80:25:
a9:76:07:5e:f0:f6:fe:06:86:20:6e:db:4a:4e:38:
34:09:74:56:8b:de:00:c9:c6:ea:5f:85:ef:6d:7d:
e4:df:e4:9c:1b:8c:e8:90:24:12:dc:e6:b4:b6:63:
54:2c:06:8b:a5:1d:33:c4:70:d2:f1:79:5a:43:71:
25:2f:40:42:75:d6:e3:26:8b:80:4e:6a:db:c5:bc:
73:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1B:0A:3F:09:DE:3B:B6:DD:6A:C7:73:10:2F:A3:FF:F8:72:1B:F1
X509v3 Authority Key Identifier:
keyid:AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:25:08:22:cd:d1:31:ce:9b:34:a0:7c:98:34:72:0b:77:79:
c3:ce:54:9d:f2:f1:bb:62:4e:be:2c:7d:61:a9:30:ff:c4:40:
04:f1:07:56:b7:0d:e3:04:da:83:4f:d0:4e:d3:eb:dc:1d:3d:
96:d0:bc:8b:f7:85:b4:41:ad:ec:4c:b0:0a:d1:17:b0:6b:b6:
a0:60:57:e0:28:ac:00:26:1f:00:03:e1:bd:d0:bd:0c:2e:bf:
97:79:b3:6c:57:27:35:05:3c:5f:6d:6a:88:a2:f5:c4:10:2f:
54:b4:58:fb:e8:c8:92:fe:06:e0:ee:a0:e0:c7:1a:69:90:68:
43:18:40:6f:48:3f:fe:da:ec:d7:cb:2f:43:b3:27:f1:0c:eb:
d2:ef:b3:83:d4:8b:02:75:e3:4e:81:50:c2:b8:5e:44:fd:5f:
26:06:7d:09:72:b7:b2:5c:fd:e4:bd:31:89:44:2d:d6:e0:05:
ff:33:99:f5:99:51:9a:af:d6:ea:0c:3c:23:ec:d7:83:c3:c4:
7b:1e:21:03:3d:61:3d:af:cc:50:3c:2e:34:d1:0e:a7:fc:16:
f4:19:2a:72:90:85:86:bc:77:6e:e8:d4:ec:ff:04:b6:ee:be:
1a:82:bd:61:e1:9c:f1:88:ef:40:b7:19:c3:f8:13:46:6b:cf:
4f:fb:92:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Mw57SzspNmHPD1dK8mqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGEwZTBiMWIyMWYwOTMzMzNjMDc0ODE0NWIxNjI4NDE4
Y2YyYjUwHhcNMjUxMTA0MTMwMDU3WhcNMjUxMTA1MTMwMDU3WjAzMTEwLwYDVQQD
Eyg3ZDFiMGEzZjA5ZGUzYmI2ZGQ2YWM3NzMxMDJmYTNmZmY4NzIxYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JQhxMhSj5UbxUk4DWh/h3Fycels
8EKUDddCEBfTLvq4cS6coVDB0efRz3NinUgSgDdxcO4lewcK1h5slPwbx4c2X0TX
xD8y5dc4e8pUPCPog5YZwBrHO6acjvPOnKk0uW3ay7XahDVmVYuZBwhiCiQpf9+O
xyny7m2mzkC8Xg1CtiS0DqqUCTrRaHLlPRUXOV/mK3iOGIGUeRlrTsZuqJHCCu8Z
I9PVjdEpgVy5a7NMgCWpdgde8Pb+BoYgbttKTjg0CXRWi94AycbqX4XvbX3k3+Sc
G4zokCQS3Oa0tmNULAaLpR0zxHDS8XlaQ3ElL0BCddbjJouATmrbxbxzRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0bCj8J3ju23WrHcxAvo//4chvxMB8GA1UdIwQY
MBaAFKyKDgsbIfCTMzwHSBRbFihBjPK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMt
ZGI4ZWZmMWIxMWEwLzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMtZGI4ZWZmMWIxMWEw
LzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZCUIIs3R
Mc6bNKB8mDRyC3d5w85UnfLxu2JOvix9Yakw/8RABPEHVrcN4wTag0/QTtPr3B09
ltC8i/eFtEGt7EywCtEXsGu2oGBX4CisACYfAAPhvdC9DC6/l3mzbFcnNQU8X21q
iKL1xBAvVLRY++jIkv4G4O6g4McaaZBoQxhAb0g//trs18svQ7Mn8Qzr0u+zg9SL
AnXjToFQwrheRP1fJgZ9CXK3slz95L0xiUQt1uAF/zOZ9ZlRmq/W6gw8I+zXg8PE
ex4hAz1hPa/MUDwuNNEOp/wW9BkqcpCFhrx3bujU7P8Etu6+GoK9YeGc8YjvQLcZ
w/gTRmvPT/uSgw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:16:07 2025 by rpki-client