Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
File: IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft (raw, json)
Hash identifier: 0f0Ukptki5SP0eVWcX55volliRm1NrphVYau6EnPvBA=
Subject key identifier: 72:16:E6:14:10:86:A3:33:76:09:23:3D:E5:14:8E:A6:DE:94:EC:1B
Authority key identifier: 21:53:0E:9D:09:E2:FF:8C:38:41:36:15:58:9A:5F:20:6E:7F:3E:A9
Certificate issuer: /CN=21530e9d09e2ff8c38413615589a5f206e7f3ea9
Certificate serial: 019A4E4FB4AD07A53D64D51848E569F89B83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
Manifest number: 0A07
Signing time: Tue 04 Nov 2025 10:00:37 +0000
Manifest this update: Tue 04 Nov 2025 10:00:37 +0000
Manifest next update: Wed 05 Nov 2025 10:00:37 +0000
Files and hashes: 1: IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl (hash: ILdEJJPtAQ3jutYQ14iJ2kxQmmFoq5F1Ku0V7Wa2UsM=)
2: NfqHOhcJXcqSfQpuNgytLU6Q0gw.roa (hash: fdvl8Vjh1i6SnoxQG77IPFWNq1tbBXhWcHGwbwfOV50=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:b4:ad:07:a5:3d:64:d5:18:48:e5:69:f8:9b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21530e9d09e2ff8c38413615589a5f206e7f3ea9
Validity
Not Before: Nov 4 10:00:37 2025 GMT
Not After : Nov 5 10:00:37 2025 GMT
Subject: CN=7216e6141086a3337609233de5148ea6de94ec1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:09:56:b0:fa:82:9a:c4:05:39:35:74:3f:8a:
3a:29:a9:9b:a0:21:e3:6d:6a:26:4d:b5:a0:13:81:
a6:dc:a4:39:43:40:b9:6b:4f:69:46:7a:bc:02:80:
91:c1:04:b8:b5:c7:44:64:f1:fe:e6:cc:0a:a1:0a:
2c:bc:29:39:7a:9a:ad:ef:1f:c7:9a:67:a7:8b:db:
ef:1c:01:36:16:56:86:ea:2e:98:62:35:2c:72:26:
53:c6:28:9c:99:03:29:e1:25:08:75:20:32:36:1d:
2d:78:01:ef:fb:b7:00:4b:90:3f:04:fc:a1:be:53:
ab:2a:95:34:92:8f:f9:2e:59:0f:4a:e2:ca:a7:72:
45:6a:59:ef:1d:94:b2:aa:6d:2f:4b:85:69:f7:01:
4c:73:91:19:db:82:43:38:ee:76:5a:30:87:71:55:
e1:8a:fc:4e:16:a6:30:5d:d6:b0:a5:e8:f5:d8:fe:
ea:30:aa:7e:0b:f2:83:44:80:9a:7a:07:ee:1c:c0:
89:4a:e9:c2:ce:15:d8:87:ca:71:07:18:34:e6:4b:
89:2c:b3:d6:9c:a8:cc:cc:53:1b:f0:88:9d:43:de:
eb:04:63:8a:80:4b:73:05:72:45:15:13:03:d7:aa:
f2:f3:3e:c2:f2:ab:bb:6f:4d:bb:ae:ca:14:0a:d2:
b4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:16:E6:14:10:86:A3:33:76:09:23:3D:E5:14:8E:A6:DE:94:EC:1B
X509v3 Authority Key Identifier:
keyid:21:53:0E:9D:09:E2:FF:8C:38:41:36:15:58:9A:5F:20:6E:7F:3E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:30:01:76:c3:74:14:cd:1c:04:15:d9:3f:6a:63:e8:a5:06:
ab:5b:d0:37:16:7e:14:a5:02:99:1e:a6:76:41:12:ce:15:e9:
57:b0:48:c6:b0:08:96:fd:71:f1:d1:73:56:2d:e8:65:71:69:
89:57:2e:4d:5d:c2:0a:2e:0d:29:fe:6e:ae:c4:c9:6f:e1:1b:
7a:42:8e:f7:41:83:71:e8:a1:6e:d0:90:29:f6:c4:7f:72:f8:
bb:29:91:15:46:5c:ad:f1:c3:f6:1b:ef:b6:1c:8b:62:67:62:
0c:3e:2b:4b:39:52:07:22:1a:7d:40:b7:47:12:32:c2:f7:c7:
af:b5:3e:bc:37:2c:8e:c1:60:85:50:22:43:1f:02:bb:c0:a1:
0b:41:56:ba:af:1e:c6:1b:bb:d2:03:48:14:a9:7d:fd:63:7f:
ec:1a:65:ef:c2:d5:90:2a:d0:4d:50:be:62:e0:76:5d:c0:0f:
37:b0:e3:53:75:3d:4a:6a:2a:24:91:51:3c:3d:89:99:ef:12:
61:b9:51:f0:ca:0a:e1:33:1b:a2:82:cf:8c:71:0c:ac:f3:66:
00:3d:cc:94:d8:e4:ed:f5:3d:b3:b1:1c:25:45:b5:48:d7:9d:
ed:78:e3:b1:a5:54:e2:ae:bb:7b:7f:5b:f4:19:47:6f:ca:8f:
fb:8d:67:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT7StB6U9ZNUYSOVp+JuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTMwZTlkMDllMmZmOGMzODQxMzYxNTU4OWE1ZjIwNmU3
ZjNlYTkwHhcNMjUxMTA0MTAwMDM3WhcNMjUxMTA1MTAwMDM3WjAzMTEwLwYDVQQD
Eyg3MjE2ZTYxNDEwODZhMzMzNzYwOTIzM2RlNTE0OGVhNmRlOTRlYzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAlWsPqCmsQFOTV0P4o6KamboCHj
bWomTbWgE4Gm3KQ5Q0C5a09pRnq8AoCRwQS4tcdEZPH+5swKoQosvCk5epqt7x/H
mmeni9vvHAE2FlaG6i6YYjUsciZTxiicmQMp4SUIdSAyNh0teAHv+7cAS5A/BPyh
vlOrKpU0ko/5LlkPSuLKp3JFalnvHZSyqm0vS4Vp9wFMc5EZ24JDOO52WjCHcVXh
ivxOFqYwXdawpej12P7qMKp+C/KDRICaegfuHMCJSunCzhXYh8pxBxg05kuJLLPW
nKjMzFMb8IidQ97rBGOKgEtzBXJFFRMD16ry8z7C8qu7b027rsoUCtK0VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIW5hQQhqMzdgkjPeUUjqbelOwbMB8GA1UdIwQY
MBaAFCFTDp0J4v+MOEE2FViaXyBufz6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mMmRhZDMtYTZlNi00Yjc3LTgzNDIt
NjI0ZjRjMTQxZjJjLzEvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mMmRhZDMtYTZlNi00Yjc3LTgzNDItNjI0ZjRjMTQxZjJj
LzEvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWTABdsN0
FM0cBBXZP2pj6KUGq1vQNxZ+FKUCmR6mdkESzhXpV7BIxrAIlv1x8dFzVi3oZXFp
iVcuTV3CCi4NKf5ursTJb+EbekKO90GDceihbtCQKfbEf3L4uymRFUZcrfHD9hvv
thyLYmdiDD4rSzlSByIafUC3RxIywvfHr7U+vDcsjsFghVAiQx8Cu8ChC0FWuq8e
xhu70gNIFKl9/WN/7Bpl78LVkCrQTVC+YuB2XcAPN7DjU3U9SmoqJJFRPD2Jme8S
YblR8MoK4TMbooLPjHEMrPNmAD3MlNjk7fU9s7EcJUW1SNed7XjjsaVU4q67e39b
9BlHb8qP+41n1Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:31:10 2025 by rpki-client