Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
File: iJiSZOUPOa6IiuMnYQm7qALkWAE.mft (raw, json)
Hash identifier: l8qaFWQwrb8RfzDv8sFKcawGMFAL7Q4jm+244jp/yQg=
Subject key identifier: C3:8A:F7:01:7D:44:21:60:8D:D4:E7:A2:09:48:C9:28:3C:9C:F8:09
Authority key identifier: 88:98:92:64:E5:0F:39:AE:88:8A:E3:27:61:09:BB:A8:02:E4:58:01
Certificate issuer: /CN=88989264e50f39ae888ae3276109bba802e45801
Certificate serial: 019A4E4FC677825B64B4991CE2DC52406A3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
Manifest number: 03A4
Signing time: Tue 04 Nov 2025 10:00:42 +0000
Manifest this update: Tue 04 Nov 2025 10:00:42 +0000
Manifest next update: Wed 05 Nov 2025 10:00:42 +0000
Files and hashes: 1: e7H9B5-pB3ikZ5-oh15fm0ggCqI.roa (hash: We6P0vvIkU060wWseVebnunaD4trxKPA+u+6dudIhmU=)
2: iJiSZOUPOa6IiuMnYQm7qALkWAE.crl (hash: RR5FgYlqfILRsEHyTG9MHmiCP2SKRF5LgJW2k64+HmY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:c6:77:82:5b:64:b4:99:1c:e2:dc:52:40:6a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88989264e50f39ae888ae3276109bba802e45801
Validity
Not Before: Nov 4 10:00:42 2025 GMT
Not After : Nov 5 10:00:42 2025 GMT
Subject: CN=c38af7017d4421608dd4e7a20948c9283c9cf809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:55:26:89:d2:54:0b:10:17:de:aa:55:22:50:
f4:a8:7d:f9:d8:07:30:c2:2c:30:23:f6:b1:4b:ab:
ea:e9:6a:f2:cf:07:a6:29:75:fe:b4:48:e1:d8:dc:
9d:a6:68:f9:d6:de:c8:ea:da:9b:f8:ba:5a:b2:8b:
74:62:c2:13:2e:b1:36:29:aa:09:6b:37:b3:4b:a1:
bb:c2:72:fb:c0:8a:49:55:53:c1:61:ae:66:99:9d:
2f:f1:ca:b2:7c:ba:9c:e0:07:5a:ed:a4:1a:f8:85:
f7:30:da:2c:22:4b:27:aa:75:e5:78:e5:a4:1a:b8:
3a:91:61:1d:c9:75:dc:d2:06:f9:7f:f4:42:28:fd:
ba:77:b1:9d:d6:d1:54:7b:0e:6c:6f:bf:eb:58:80:
89:33:83:cf:f5:44:2a:0e:a1:0d:74:12:cd:4d:38:
17:02:ee:6a:bd:ed:a8:23:7a:cc:2c:0f:e2:b6:95:
87:7a:87:f4:11:08:f7:88:55:52:61:c3:4c:ee:26:
71:09:9f:cc:96:fa:88:80:e0:a1:84:cd:e3:6a:c0:
ce:3e:1e:97:ff:0a:9b:68:48:a3:f6:1e:a7:d9:a6:
57:05:94:f5:76:7d:c7:2e:bd:52:9d:a5:b8:fc:97:
dc:e1:a5:4e:b4:85:52:25:16:37:19:86:5a:ba:0e:
57:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8A:F7:01:7D:44:21:60:8D:D4:E7:A2:09:48:C9:28:3C:9C:F8:09
X509v3 Authority Key Identifier:
keyid:88:98:92:64:E5:0F:39:AE:88:8A:E3:27:61:09:BB:A8:02:E4:58:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:38:6e:a7:a4:d5:32:98:21:d3:6c:44:70:30:48:3b:49:0e:
0f:73:98:8c:0d:ce:2a:46:6c:e4:f5:7e:6a:09:b3:08:4c:8f:
67:be:cc:b6:5a:14:dd:f6:21:fd:09:8f:c5:6c:56:da:fd:d8:
42:92:41:84:44:e0:85:97:34:44:1a:42:61:c9:95:f4:77:03:
26:1d:31:56:2f:dd:a5:16:3e:c2:3a:6a:80:2c:6b:f1:2f:f1:
12:35:66:7f:f4:03:17:46:16:88:c3:41:7d:41:62:c5:a7:b9:
d7:b0:75:f3:7c:bd:bc:59:19:15:18:dd:b4:95:a5:1e:8f:70:
22:cf:58:86:4c:c8:00:b1:8a:e1:ae:e5:12:68:af:62:9d:05:
61:0d:a3:90:8a:44:84:2f:01:77:cc:6b:ee:70:71:bc:88:ec:
05:fb:0d:45:1a:60:e3:2a:79:52:92:c9:63:66:12:55:31:e2:
5f:ff:0a:98:ba:bd:46:42:3c:93:96:cd:99:8e:13:b8:c5:5e:
2e:b3:6a:99:4a:0f:e0:3d:e4:c6:d4:eb:06:a4:09:78:89:81:
0a:9f:fa:b3:d8:4c:dc:0e:0d:d0:2c:a5:21:37:d6:b4:5d:0b:
a7:bb:71:5f:8a:73:ce:71:5e:b0:77:4b:f2:da:d4:1c:18:29:
ba:dc:10:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT8Z3gltktJkc4txSQGo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4OTg5MjY0ZTUwZjM5YWU4ODhhZTMyNzYxMDliYmE4MDJl
NDU4MDEwHhcNMjUxMTA0MTAwMDQyWhcNMjUxMTA1MTAwMDQyWjAzMTEwLwYDVQQD
EyhjMzhhZjcwMTdkNDQyMTYwOGRkNGU3YTIwOTQ4YzkyODNjOWNmODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVUmidJUCxAX3qpVIlD0qH352Acw
wiwwI/axS6vq6WryzwemKXX+tEjh2Nydpmj51t7I6tqb+Lpasot0YsITLrE2KaoJ
azezS6G7wnL7wIpJVVPBYa5mmZ0v8cqyfLqc4Ada7aQa+IX3MNosIksnqnXleOWk
Grg6kWEdyXXc0gb5f/RCKP26d7Gd1tFUew5sb7/rWICJM4PP9UQqDqENdBLNTTgX
Au5qve2oI3rMLA/itpWHeof0EQj3iFVSYcNM7iZxCZ/MlvqIgOChhM3jasDOPh6X
/wqbaEij9h6n2aZXBZT1dn3HLr1SnaW4/Jfc4aVOtIVSJRY3GYZaug5XIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOK9wF9RCFgjdTnoglIySg8nPgJMB8GA1UdIwQY
MBaAFIiYkmTlDzmuiIrjJ2EJu6gC5FgBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81NzEyNDQtOWM5YS00M2FjLTkzMGMt
MzcwYzgwNzY5ODMxLzEvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81NzEyNDQtOWM5YS00M2FjLTkzMGMtMzcwYzgwNzY5ODMx
LzEvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGjhup6TV
Mpgh02xEcDBIO0kOD3OYjA3OKkZs5PV+agmzCEyPZ77MtloU3fYh/QmPxWxW2v3Y
QpJBhETghZc0RBpCYcmV9HcDJh0xVi/dpRY+wjpqgCxr8S/xEjVmf/QDF0YWiMNB
fUFixae517B183y9vFkZFRjdtJWlHo9wIs9YhkzIALGK4a7lEmivYp0FYQ2jkIpE
hC8Bd8xr7nBxvIjsBfsNRRpg4yp5UpLJY2YSVTHiX/8KmLq9RkI8k5bNmY4TuMVe
LrNqmUoP4D3kxtTrBqQJeImBCp/6s9hM3A4N0CylITfWtF0Lp7txX4pzznFesHdL
8trUHBgputwQmQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:01:43 2025 by rpki-client