
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
File: IkCgcYD88zY191fMFEng1dvU_bg.mft (raw, json)
Hash identifier: sxXQXGVUVT53pEN4FskDoPHQelbwRqJpa87ARSZi8Qc=
Subject key identifier: CE:37:77:1C:8F:9B:89:0C:2B:3A:59:2C:BF:2E:C3:E0:CC:46:44:0B
Authority key identifier: 22:40:A0:71:80:FC:F3:36:35:F7:57:CC:14:49:E0:D5:DB:D4:FD:B8
Certificate issuer: /CN=2240a07180fcf33635f757cc1449e0d5dbd4fdb8
Certificate serial: 019A53E4494DBC1ECA55503A30D3280C082C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
Manifest number: 02F7
Signing time: Wed 05 Nov 2025 12:01:00 +0000
Manifest this update: Wed 05 Nov 2025 12:01:00 +0000
Manifest next update: Thu 06 Nov 2025 12:01:00 +0000
Files and hashes: 1: IkCgcYD88zY191fMFEng1dvU_bg.crl (hash: YrGWaXeMhed8yCvqG1iFs75BQ6YD44ENmUQYDN9dOc8=)
2: nvx0QRZQO1QzuvMN00Bva6hTGZw.roa (hash: Gw59i4bicuVuHEY8V6dHsuW9MPHvsYhnw1rq0LLdv8I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:e4:49:4d:bc:1e:ca:55:50:3a:30:d3:28:0c:08:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2240a07180fcf33635f757cc1449e0d5dbd4fdb8
Validity
Not Before: Nov 5 12:01:00 2025 GMT
Not After : Nov 6 12:01:00 2025 GMT
Subject: CN=ce37771c8f9b890c2b3a592cbf2ec3e0cc46440b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:75:bc:22:65:b1:79:69:96:98:5f:63:51:54:
b2:41:61:80:d2:66:d4:fb:d0:e4:03:19:6a:25:ac:
6f:66:77:cf:ff:de:ad:80:0c:f6:1e:25:78:7a:b7:
12:3b:cb:cd:56:7c:d2:0b:a0:50:27:fc:c9:b3:11:
ce:b6:1a:d8:33:97:60:e2:01:59:18:d2:fb:10:a0:
13:b0:5d:63:0d:bf:03:7d:df:0b:db:cf:06:01:19:
18:19:23:b5:0c:b8:3b:51:ce:36:32:c4:19:d5:dc:
79:8d:08:50:d2:22:36:93:3e:11:2a:1e:d5:6c:20:
3c:5c:7e:d0:0d:63:26:e2:5f:48:7b:03:d4:7c:c7:
af:e0:6c:b0:fc:49:c6:6f:b7:5d:51:a1:d6:df:57:
37:c3:f3:ca:70:44:56:e0:0f:7f:35:08:4a:99:2a:
50:6e:87:05:84:38:16:c1:94:4e:9f:59:5c:9f:fb:
d2:78:72:e1:14:5a:50:27:89:b7:96:01:06:b7:39:
12:4a:ec:20:85:97:62:ba:38:67:96:9b:df:a0:98:
e4:d2:42:d9:85:48:99:b2:c0:63:ba:b3:c5:d5:0c:
d6:d1:64:0e:dd:ab:b8:5a:e1:66:5b:13:e8:96:67:
7c:dc:05:bb:de:21:db:dc:7b:06:88:af:1e:2d:f0:
1d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:37:77:1C:8F:9B:89:0C:2B:3A:59:2C:BF:2E:C3:E0:CC:46:44:0B
X509v3 Authority Key Identifier:
keyid:22:40:A0:71:80:FC:F3:36:35:F7:57:CC:14:49:E0:D5:DB:D4:FD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:45:9e:a2:06:0f:8e:19:02:27:49:f2:32:93:88:11:f5:1b:
93:2c:bf:73:f2:90:e3:32:a2:37:b1:35:cc:87:78:42:f6:a8:
69:d7:26:46:b0:00:0a:2d:7d:c8:ae:72:26:e6:94:29:81:79:
03:f7:08:3e:60:91:c3:e4:ba:3c:88:fb:1a:30:4b:e7:d3:55:
99:e6:34:79:81:81:74:14:b7:77:d7:80:d2:94:99:14:3c:7a:
15:84:0b:90:32:88:c1:da:24:7f:f0:18:b1:1a:f7:4b:df:b5:
ae:53:33:8e:96:f9:69:2c:94:ff:90:ba:01:a2:76:08:b8:9e:
80:ba:7a:56:db:7d:0b:03:97:4c:6e:c4:7f:1d:b5:8a:0e:67:
c3:bc:e3:e8:1d:c0:fe:68:cc:78:92:eb:81:59:f7:44:ef:bf:
13:b5:0e:7b:2a:a1:a8:6b:3f:13:bc:55:bc:23:96:ea:24:11:
0b:bd:52:2d:18:1e:b7:26:03:6c:07:47:41:00:b4:85:fe:88:
99:10:2c:f7:ce:d7:60:51:84:a0:7e:52:38:c9:f5:e4:7a:91:
cc:06:47:7c:81:13:f9:24:21:55:58:21:ba:f3:d9:be:c0:1a:
80:91:60:39:ba:79:cc:69:1b:7b:2f:e3:d8:fa:f6:e6:2b:90:
32:86:61:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpT5ElNvB7KVVA6MNMoDAgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNDBhMDcxODBmY2YzMzYzNWY3NTdjYzE0NDllMGQ1ZGJk
NGZkYjgwHhcNMjUxMTA1MTIwMTAwWhcNMjUxMTA2MTIwMTAwWjAzMTEwLwYDVQQD
EyhjZTM3NzcxYzhmOWI4OTBjMmIzYTU5MmNiZjJlYzNlMGNjNDY0NDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HW8ImWxeWmWmF9jUVSyQWGA0mbU
+9DkAxlqJaxvZnfP/96tgAz2HiV4ercSO8vNVnzSC6BQJ/zJsxHOthrYM5dg4gFZ
GNL7EKATsF1jDb8Dfd8L288GARkYGSO1DLg7Uc42MsQZ1dx5jQhQ0iI2kz4RKh7V
bCA8XH7QDWMm4l9IewPUfMev4Gyw/EnGb7ddUaHW31c3w/PKcERW4A9/NQhKmSpQ
bocFhDgWwZROn1lcn/vSeHLhFFpQJ4m3lgEGtzkSSuwghZdiujhnlpvfoJjk0kLZ
hUiZssBjurPF1QzW0WQO3au4WuFmWxPolmd83AW73iHb3HsGiK8eLfAdZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM43dxyPm4kMKzpZLL8uw+DMRkQLMB8GA1UdIwQY
MBaAFCJAoHGA/PM2NfdXzBRJ4NXb1P24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hMzE0Y2MtMDY2ZS00YzA5LWEzNmEt
ZDBiZDBlODAzZmQxLzEvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hMzE0Y2MtMDY2ZS00YzA5LWEzNmEtZDBiZDBlODAzZmQx
LzEvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQEWeogYP
jhkCJ0nyMpOIEfUbkyy/c/KQ4zKiN7E1zId4QvaoadcmRrAACi19yK5yJuaUKYF5
A/cIPmCRw+S6PIj7GjBL59NVmeY0eYGBdBS3d9eA0pSZFDx6FYQLkDKIwdokf/AY
sRr3S9+1rlMzjpb5aSyU/5C6AaJ2CLiegLp6Vtt9CwOXTG7Efx21ig5nw7zj6B3A
/mjMeJLrgVn3RO+/E7UOeyqhqGs/E7xVvCOW6iQRC71SLRgetyYDbAdHQQC0hf6I
mRAs987XYFGEoH5SOMn15HqRzAZHfIET+SQhVVghuvPZvsAagJFgObp5zGkbey/j
2Pr25iuQMoZh4A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 15:07:39 2025 by rpki-client