Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.mft
File: IuKOVQMUE4-dg6KLLWZum4dEtRA.mft (raw, json)
Hash identifier: V2pZi59jaJtpgFV4JANUHuSrcFkMiUY6JMatx9pfsn4=
Subject key identifier: 35:92:D9:BA:49:6A:BE:14:D7:CA:2F:2E:FD:17:97:C4:4A:D5:54:47
Authority key identifier: 22:E2:8E:55:03:14:13:8F:9D:83:A2:8B:2D:66:6E:9B:87:44:B5:10
Certificate issuer: /CN=22e28e550314138f9d83a28b2d666e9b8744b510
Certificate serial: 019A503E42803F7940F1361628CC731B6D0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IuKOVQMUE4-dg6KLLWZum4dEtRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 19:00:48 +0000
Manifest this update: Tue 04 Nov 2025 19:00:48 +0000
Manifest next update: Wed 05 Nov 2025 19:00:48 +0000
Files and hashes: 1: IuKOVQMUE4-dg6KLLWZum4dEtRA.crl (hash: gapJ1gir4OQcCbZaPYZsGNaapKwAnWbJpK82TwN+h44=)
2: cFbXH5gO6qs06Nq1Ek6wrTAvxB0.roa (hash: c0tlMuDM/vPMybXrB0sIatVwyL/aO7RZmUvD1wZIObw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IuKOVQMUE4-dg6KLLWZum4dEtRA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:3e:42:80:3f:79:40:f1:36:16:28:cc:73:1b:6d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22e28e550314138f9d83a28b2d666e9b8744b510
Validity
Not Before: Nov 4 19:00:48 2025 GMT
Not After : Nov 5 19:00:48 2025 GMT
Subject: CN=3592d9ba496abe14d7ca2f2efd1797c44ad55447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3f:b3:52:47:e9:e5:41:8e:b2:fd:83:b9:e6:
2d:1b:6b:09:bd:f8:a0:74:66:73:bd:92:e2:9d:ef:
07:b3:53:21:17:a1:b8:83:8d:88:7f:5b:b7:2e:69:
7b:7c:b1:e3:1c:4d:5c:3e:03:3f:81:18:68:fe:80:
c6:7e:0b:38:d2:71:a2:6d:7a:31:c3:f5:2d:f4:21:
9e:a4:cf:47:3e:4f:e5:45:a8:3d:e4:2e:0d:37:89:
7c:4c:af:fd:3f:1c:f8:a7:c2:7f:8c:54:cb:a2:92:
13:e6:67:e0:4d:aa:b4:c7:1f:07:43:1f:0b:32:9a:
07:60:92:6b:5c:fe:13:1d:c6:99:77:54:2b:4d:07:
8f:f9:eb:0b:31:05:0b:7d:fa:03:5c:9d:f3:08:f8:
57:6d:97:d3:87:f3:14:ba:29:1e:a6:f3:3e:21:12:
5a:18:d4:0a:62:e4:cb:0a:ff:09:ae:78:9f:9d:b8:
f8:6c:15:85:23:85:69:9d:50:90:79:51:db:52:64:
98:b8:80:5e:28:b7:c8:6b:21:0b:2b:25:89:d5:ec:
2f:73:e2:58:e4:3c:87:ab:14:1a:62:51:f2:6b:37:
4e:04:d9:b1:d0:49:2d:1f:93:7a:c0:a5:6f:5d:37:
e9:24:22:90:3a:e6:31:83:d9:09:75:ac:2b:67:bf:
ae:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:92:D9:BA:49:6A:BE:14:D7:CA:2F:2E:FD:17:97:C4:4A:D5:54:47
X509v3 Authority Key Identifier:
keyid:22:E2:8E:55:03:14:13:8F:9D:83:A2:8B:2D:66:6E:9B:87:44:B5:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IuKOVQMUE4-dg6KLLWZum4dEtRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:b5:b8:82:4c:16:22:1d:45:88:e1:47:16:a2:0e:f8:c5:6e:
6a:f1:e6:a3:69:28:eb:2c:f5:cf:51:b7:7d:3e:00:8c:03:30:
a4:11:eb:b6:45:3e:71:fb:03:ed:75:8d:bf:50:d4:f3:a2:59:
ec:be:57:bf:85:55:b9:f0:66:57:bd:7b:8d:6c:af:e6:23:f0:
20:43:45:c1:a0:26:36:fc:9e:ef:61:96:24:aa:b4:55:4f:b6:
8c:7d:e3:90:b0:76:fa:50:91:38:be:7b:52:83:68:eb:bd:06:
e7:76:96:1a:cd:f4:89:63:64:9c:cf:e5:a7:6c:03:a7:90:6a:
36:3a:ee:12:c4:82:f8:76:f5:e8:5b:81:fa:ed:3f:a9:3d:a4:
ec:22:95:25:98:f2:8e:28:c2:25:9d:c8:e7:96:25:80:66:1a:
65:f8:62:f9:87:dc:9e:6e:86:cc:cc:e3:85:b6:39:5d:50:84:
9d:33:c8:3d:77:24:81:78:71:66:a3:9a:4f:62:75:c8:00:61:
4f:7c:87:2e:78:89:f4:35:a8:e1:d7:bd:0a:3b:e4:d4:cc:b0:
44:7b:a5:a0:8a:46:4e:ec:c4:35:b1:b5:6f:8f:18:6a:65:55:
0e:75:f5:c4:55:09:1d:c7:da:a3:e0:74:92:8a:c4:cd:20:41:
b6:59:a1:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPkKAP3lA8TYWKMxzG20LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZTI4ZTU1MDMxNDEzOGY5ZDgzYTI4YjJkNjY2ZTliODc0
NGI1MTAwHhcNMjUxMTA0MTkwMDQ4WhcNMjUxMTA1MTkwMDQ4WjAzMTEwLwYDVQQD
EygzNTkyZDliYTQ5NmFiZTE0ZDdjYTJmMmVmZDE3OTdjNDRhZDU1NDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwz+zUkfp5UGOsv2DueYtG2sJvfig
dGZzvZLine8Hs1MhF6G4g42If1u3Lml7fLHjHE1cPgM/gRho/oDGfgs40nGibXox
w/Ut9CGepM9HPk/lRag95C4NN4l8TK/9Pxz4p8J/jFTLopIT5mfgTaq0xx8HQx8L
MpoHYJJrXP4THcaZd1QrTQeP+esLMQULffoDXJ3zCPhXbZfTh/MUuikepvM+IRJa
GNQKYuTLCv8Jrnifnbj4bBWFI4VpnVCQeVHbUmSYuIBeKLfIayELKyWJ1ewvc+JY
5DyHqxQaYlHyazdOBNmx0EktH5N6wKVvXTfpJCKQOuYxg9kJdawrZ7+umQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWS2bpJar4U18ovLv0Xl8RK1VRHMB8GA1UdIwQY
MBaAFCLijlUDFBOPnYOiiy1mbpuHRLUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVLT1ZRTVVFNC1kZzZLTExXWnVtNGRFdFJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8zMzZhNmYtMmI4OS00YjMyLTg5ZjYt
NGQyMDljMzI4OGFiLzEvSXVLT1ZRTVVFNC1kZzZLTExXWnVtNGRFdFJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8zMzZhNmYtMmI4OS00YjMyLTg5ZjYtNGQyMDljMzI4OGFi
LzEvSXVLT1ZRTVVFNC1kZzZLTExXWnVtNGRFdFJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD7W4gkwW
Ih1FiOFHFqIO+MVuavHmo2ko6yz1z1G3fT4AjAMwpBHrtkU+cfsD7XWNv1DU86JZ
7L5Xv4VVufBmV717jWyv5iPwIENFwaAmNvye72GWJKq0VU+2jH3jkLB2+lCROL57
UoNo670G53aWGs30iWNknM/lp2wDp5BqNjruEsSC+Hb16FuB+u0/qT2k7CKVJZjy
jijCJZ3I55YlgGYaZfhi+Yfcnm6GzMzjhbY5XVCEnTPIPXckgXhxZqOaT2J1yABh
T3yHLniJ9DWo4de9Cjvk1MywRHuloIpGTuzENbG1b48YamVVDnX1xFUJHcfao+B0
korEzSBBtlmhyA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:26:01 2025 by rpki-client