Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
File: Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft (raw, json)
Hash identifier: 2isYAMNtwGjfuCWZTu8A9n4urkw6TVXxQJ7NrMoHoiY=
Subject key identifier: 8F:74:EA:1C:C8:50:34:94:5D:20:5A:DD:8A:53:71:9E:84:88:C1:94
Authority key identifier: 21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
Certificate issuer: /CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Certificate serial: 019A4DE1B1483B525C14DC9ED6D8938B6222
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 08:00:27 +0000
Manifest this update: Tue 04 Nov 2025 08:00:27 +0000
Manifest next update: Wed 05 Nov 2025 08:00:27 +0000
Files and hashes: 1: Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl (hash: cTwqWLRYihFDk9NQyzRTYPRRGx8JWZVJR/VQy6o/Qho=)
2: ZUnY6DcgMFOkn5YPuY63h16XVew.roa (hash: j75VTgwm6ax4o8jG9UYWYEtlaoF5sYfNI7iKEcRNxJM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:b1:48:3b:52:5c:14:dc:9e:d6:d8:93:8b:62:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Validity
Not Before: Nov 4 08:00:27 2025 GMT
Not After : Nov 5 08:00:27 2025 GMT
Subject: CN=8f74ea1cc85034945d205add8a53719e8488c194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9e:ac:61:10:57:ae:5d:4b:4b:06:73:6c:c2:
70:3d:36:32:ef:34:3d:8c:f9:95:ae:1a:66:c3:f0:
25:81:f5:45:48:d1:ba:02:f0:12:f8:b9:49:29:4a:
ef:f1:60:f6:15:5f:8f:c8:b6:d2:f0:d0:fd:3c:59:
01:46:69:66:24:e7:07:cc:5c:06:60:f2:e8:77:5c:
4a:79:73:31:00:ef:49:4d:e5:07:6c:5a:b7:61:17:
7f:34:98:9b:8e:1e:cb:20:8d:a2:78:3a:68:fa:52:
a4:90:fe:c8:09:bb:7e:9c:ff:fb:35:79:2b:c9:c8:
24:8d:ab:7e:82:d8:a7:a9:68:19:e6:88:60:7b:56:
97:e1:84:70:12:8e:0b:81:51:b6:71:bc:bf:e2:e1:
68:d3:b2:53:5b:59:8d:e0:32:1d:0f:90:76:46:1b:
ce:91:bf:01:ed:da:ae:5e:f2:1a:02:2d:a1:88:1f:
91:3e:42:5f:15:b6:09:91:e1:1a:68:f7:e8:19:81:
8a:eb:ed:df:28:6a:be:91:c6:49:c3:c8:83:bd:81:
95:66:6c:74:72:c4:c6:06:66:68:81:b9:a0:24:1b:
c6:52:ab:0a:2b:3b:6c:ed:37:75:df:8e:51:1e:9d:
ba:2c:87:e3:7c:76:e0:87:37:fa:7a:0c:50:b6:92:
bf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:74:EA:1C:C8:50:34:94:5D:20:5A:DD:8A:53:71:9E:84:88:C1:94
X509v3 Authority Key Identifier:
keyid:21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:2a:29:fc:56:00:e2:54:7d:8b:ef:29:48:8b:96:1d:b0:94:
4f:51:65:e3:eb:a7:d5:cd:02:6e:68:00:8c:c3:3c:44:77:f9:
ad:15:f0:ae:03:bc:50:65:c7:e6:6a:d0:e1:3b:0a:0e:71:90:
bf:a6:77:74:d0:a3:75:31:e8:36:cd:a2:b3:b1:af:a0:6a:46:
fa:b3:50:b4:8f:0e:ec:01:31:06:e6:05:6a:e1:ea:2d:65:39:
d8:46:a3:f7:50:56:e8:43:f1:40:81:20:00:bb:bd:79:91:13:
ca:b1:b8:e1:f9:d9:8d:21:83:a9:32:73:09:de:e1:f4:63:86:
20:68:09:ca:54:db:ed:02:36:26:01:31:14:df:6b:3e:92:66:
d7:21:93:4a:96:19:26:03:c7:dd:21:33:02:85:11:c3:56:c6:
39:07:71:78:65:80:79:e5:da:6c:54:67:10:e5:af:86:04:ab:
dd:73:6f:0b:9a:4f:7f:58:4c:cb:a3:9f:40:5e:71:9e:7f:38:
30:8b:d7:e6:e0:da:b9:9a:ba:34:18:1c:5f:e6:7f:52:58:61:
fb:e1:a6:38:94:83:01:4b:a4:55:be:a3:75:db:1a:ac:c6:ee:
01:b7:9e:2a:d7:fd:96:06:6e:11:44:a5:34:0f:b7:5c:ac:22:
a6:b7:a7:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4bFIO1JcFNye1tiTi2IiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYWEyOGRlMjFiYzkxZjM5ZGJmMmQwMTJmZDU1MmQyMmQw
ZjVhYWEwHhcNMjUxMTA0MDgwMDI3WhcNMjUxMTA1MDgwMDI3WjAzMTEwLwYDVQQD
Eyg4Zjc0ZWExY2M4NTAzNDk0NWQyMDVhZGQ4YTUzNzE5ZTg0ODhjMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ6sYRBXrl1LSwZzbMJwPTYy7zQ9
jPmVrhpmw/AlgfVFSNG6AvAS+LlJKUrv8WD2FV+PyLbS8ND9PFkBRmlmJOcHzFwG
YPLod1xKeXMxAO9JTeUHbFq3YRd/NJibjh7LII2ieDpo+lKkkP7ICbt+nP/7NXkr
ycgkjat+gtinqWgZ5ohge1aX4YRwEo4LgVG2cby/4uFo07JTW1mN4DIdD5B2RhvO
kb8B7dquXvIaAi2hiB+RPkJfFbYJkeEaaPfoGYGK6+3fKGq+kcZJw8iDvYGVZmx0
csTGBmZogbmgJBvGUqsKKzts7Td1345RHp26LIfjfHbghzf6egxQtpK/3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI906hzIUDSUXSBa3YpTcZ6EiMGUMB8GA1UdIwQY
MBaAFCGqKN4hvJHznb8tAS/VUtItD1qqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAt
Zjk5NzNjNTc2YjAzLzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAtZjk5NzNjNTc2YjAz
LzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAESop/FYA
4lR9i+8pSIuWHbCUT1Fl4+un1c0CbmgAjMM8RHf5rRXwrgO8UGXH5mrQ4TsKDnGQ
v6Z3dNCjdTHoNs2is7GvoGpG+rNQtI8O7AExBuYFauHqLWU52Eaj91BW6EPxQIEg
ALu9eZETyrG44fnZjSGDqTJzCd7h9GOGIGgJylTb7QI2JgExFN9rPpJm1yGTSpYZ
JgPH3SEzAoURw1bGOQdxeGWAeeXabFRnEOWvhgSr3XNvC5pPf1hMy6OfQF5xnn84
MIvX5uDauZq6NBgcX+Z/Ulhh++GmOJSDAUukVb6jddsarMbuAbeeKtf9lgZuEUSl
NA+3XKwipren/A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:01:38 2025 by rpki-client