Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: pSQzg0NOFn32IH3jfH+oD74mKBwPyMaftbq3a9OMw8U=
Subject key identifier: 65:65:06:54:51:53:2A:31:A0:27:98:50:B6:24:BD:17:F0:15:BF:52
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 019A4F61EC74A0F9710AC012CB1D8DE78BDD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 15:00:08 +0000
Manifest this update: Tue 04 Nov 2025 15:00:08 +0000
Manifest next update: Wed 05 Nov 2025 15:00:08 +0000
Files and hashes: 1: HbgX7OEx-8g9VTQvYvbD_e0bPJ4.roa (hash: W8tzfEVYuZk67nGO3GJK/wSiRVXk9GPJqQ4Zpo1nq8A=)
2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: scLPhU/yxaRSQZ3ZSXXbSq0v4/5D3w+sbNUQuMYnK5o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:61:ec:74:a0:f9:71:0a:c0:12:cb:1d:8d:e7:8b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Nov 4 15:00:08 2025 GMT
Not After : Nov 5 15:00:08 2025 GMT
Subject: CN=6565065451532a31a0279850b624bd17f015bf52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4c:d9:be:42:f4:37:86:9c:d9:1c:ff:7f:db:
cf:d5:7a:34:9f:94:d0:b9:cd:53:a9:6f:6a:35:8c:
8e:f4:77:2a:94:5f:64:56:35:3d:4a:55:05:18:70:
8e:c3:14:d8:3f:07:b9:6f:72:a8:04:77:eb:fe:f1:
4e:25:7a:02:d8:e0:59:ab:d8:60:80:ce:dd:c0:1f:
8b:eb:2e:51:c0:a6:34:c9:ee:be:0f:61:d0:10:f4:
f0:82:04:e1:31:0c:2c:42:76:1a:12:90:5b:69:03:
f3:c6:9b:84:da:3c:5b:a6:ad:00:9d:a9:31:35:cd:
3f:78:66:cd:0b:9c:fb:7f:a0:b1:49:67:88:80:f4:
72:01:1c:c4:c4:d5:24:39:26:0c:78:45:89:f6:7d:
ff:f2:fd:98:40:02:e4:6a:f0:42:a4:02:d8:0a:3e:
95:5f:c1:07:55:00:fa:8c:53:5d:9b:eb:7b:b5:ae:
dd:9d:e4:9f:b5:f2:c2:fe:f0:c3:8a:d4:f3:bd:78:
21:49:7d:9c:23:9d:df:31:a2:ba:e0:2d:f0:11:37:
f5:54:e7:c0:1c:08:07:67:bc:66:8e:e3:65:90:53:
f4:8a:67:2f:e1:65:2c:a0:71:8b:ae:d6:d7:98:c9:
e3:00:c6:ce:96:de:cd:89:f6:13:7d:a7:96:6b:a0:
2c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:65:06:54:51:53:2A:31:A0:27:98:50:B6:24:BD:17:F0:15:BF:52
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:4c:21:eb:f1:8c:df:e0:d6:89:5c:00:2d:85:2b:71:ff:8f:
6e:ae:92:74:c5:25:4e:bc:ba:1c:2b:d6:df:ee:62:80:87:e5:
42:87:c7:21:5e:44:fe:86:4a:dc:85:ab:b9:c6:85:c5:7a:ae:
4a:dc:d3:2e:f4:e7:a0:8a:29:e1:f2:ec:25:2a:95:cf:48:50:
45:17:1e:b6:44:91:6b:3d:cf:e5:f0:cd:4c:f7:29:55:20:59:
bd:76:d9:41:66:41:24:29:fe:7c:07:c3:97:e0:ad:56:41:f2:
8e:58:fd:93:c2:10:c4:1f:50:cb:ac:c8:ce:5f:6a:e1:e9:9a:
b5:e9:a1:83:aa:7c:21:c8:b1:80:55:cf:de:40:af:e7:21:ec:
07:96:11:af:e2:37:66:95:47:d7:3e:14:53:9a:5d:a7:89:a6:
2a:62:82:33:79:a9:1b:94:f9:54:bf:4e:e3:7f:f1:30:6b:55:
d3:ec:c0:2d:89:50:3d:ea:78:2f:0f:b6:f9:88:5d:8c:03:07:
b8:a2:de:76:a5:89:73:69:21:35:b3:fe:6d:68:ca:f1:44:b0:
c2:42:ae:a6:d8:c8:52:38:bc:f1:44:9a:b6:71:d7:4d:8d:07:
23:63:02:21:8d:41:a5:12:e9:b1:a0:a3:73:3f:c1:cd:f5:68:
54:52:e9:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYex0oPlxCsASyx2N54vdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjUxMTA0MTUwMDA4WhcNMjUxMTA1MTUwMDA4WjAzMTEwLwYDVQQD
Eyg2NTY1MDY1NDUxNTMyYTMxYTAyNzk4NTBiNjI0YmQxN2YwMTViZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0zZvkL0N4ac2Rz/f9vP1Xo0n5TQ
uc1TqW9qNYyO9HcqlF9kVjU9SlUFGHCOwxTYPwe5b3KoBHfr/vFOJXoC2OBZq9hg
gM7dwB+L6y5RwKY0ye6+D2HQEPTwggThMQwsQnYaEpBbaQPzxpuE2jxbpq0Anakx
Nc0/eGbNC5z7f6CxSWeIgPRyARzExNUkOSYMeEWJ9n3/8v2YQALkavBCpALYCj6V
X8EHVQD6jFNdm+t7ta7dneSftfLC/vDDitTzvXghSX2cI53fMaK64C3wETf1VOfA
HAgHZ7xmjuNlkFP0imcv4WUsoHGLrtbXmMnjAMbOlt7NifYTfaeWa6AsowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVlBlRRUyoxoCeYULYkvRfwFb9SMB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIEwh6/GM
3+DWiVwALYUrcf+Pbq6SdMUlTry6HCvW3+5igIflQofHIV5E/oZK3IWrucaFxXqu
StzTLvTnoIop4fLsJSqVz0hQRRcetkSRaz3P5fDNTPcpVSBZvXbZQWZBJCn+fAfD
l+CtVkHyjlj9k8IQxB9Qy6zIzl9q4ematemhg6p8IcixgFXP3kCv5yHsB5YRr+I3
ZpVH1z4UU5pdp4mmKmKCM3mpG5T5VL9O43/xMGtV0+zALYlQPep4Lw+2+YhdjAMH
uKLedqWJc2khNbP+bWjK8USwwkKuptjIUji88USatnHXTY0HI2MCIY1BpRLpsaCj
cz/BzfVoVFLptg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:45:58 2025 by rpki-client