Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json)
Hash identifier: jLweh05a0Ud6ziPcvsUtP6d76ox646PbCkEh4TiVXGQ=
Subject key identifier: D0:5F:BE:42:F8:63:84:A4:39:E3:7E:C5:B4:8B:5B:EA:95:6B:74:7A
Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Certificate serial: 019A4F99716AC46681E68B74B1A019FB8379
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
Manifest number: 0EEE
Signing time: Tue 04 Nov 2025 16:00:47 +0000
Manifest this update: Tue 04 Nov 2025 16:00:47 +0000
Manifest next update: Wed 05 Nov 2025 16:00:47 +0000
Files and hashes: 1: hi3FrnF-3jLI3lIxcnrMYtC-4ow.roa (hash: Hon+3addqQMzwZi2hE3IgLssZw3bA0MMDqOLsP3ZK0E=)
2: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: HpDSzUzAk/ot87H/kQTEyF3Q+fBGCBqDP9Srevs+yKk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:71:6a:c4:66:81:e6:8b:74:b1:a0:19:fb:83:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Validity
Not Before: Nov 4 16:00:47 2025 GMT
Not After : Nov 5 16:00:47 2025 GMT
Subject: CN=d05fbe42f86384a439e37ec5b48b5bea956b747a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d3:ce:b3:ae:b5:f3:b9:be:80:b7:cb:3b:ce:
61:cc:ab:9a:ca:a1:03:39:11:bc:d9:d1:07:8d:91:
91:66:f4:f5:9b:72:da:ab:a2:d5:b2:8c:94:20:f0:
38:14:39:88:4f:e1:0c:4b:9c:df:b7:9a:c6:91:3a:
7c:fe:42:1c:87:a2:5a:5c:ad:71:28:2d:7c:13:0d:
86:e3:ac:c4:8f:0b:61:16:0c:82:b2:99:0c:20:bf:
22:f7:43:9b:37:0b:7b:5c:9a:6f:37:77:43:35:2f:
61:23:51:4d:79:59:2d:49:bf:61:08:48:26:55:18:
4d:10:86:bc:bb:ac:ad:ae:71:26:a8:40:25:bb:02:
d6:53:f5:b5:c5:6c:b6:fc:be:14:29:db:7b:e8:e3:
0f:bd:85:ba:a0:b2:57:b6:96:86:96:f6:00:22:00:
32:f6:ff:5b:64:aa:e8:dd:11:99:25:f0:cf:eb:ae:
66:cd:c0:d2:85:19:7c:e8:b2:b0:d4:87:67:12:45:
ac:8a:f4:1c:95:a4:3c:26:a8:03:79:b6:42:37:79:
51:37:d8:04:ee:c7:59:bc:6e:7f:95:ed:b2:1e:41:
d1:72:36:bf:36:8a:2f:ac:84:9e:b3:e6:98:bd:4e:
f8:26:2a:3b:85:f0:a9:66:d5:d5:e6:eb:39:36:cf:
4c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:5F:BE:42:F8:63:84:A4:39:E3:7E:C5:B4:8B:5B:EA:95:6B:74:7A
X509v3 Authority Key Identifier:
keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:72:52:56:4e:a3:85:cf:e9:4a:53:8a:c0:3b:b0:c1:f9:cf:
fd:f4:bd:06:7d:f1:ab:f4:33:0a:14:c0:55:01:56:ef:1f:69:
14:42:ce:b9:8c:52:5e:0c:7f:27:a7:16:f9:c7:c4:4c:52:af:
4b:5c:b7:84:9f:e0:ab:e4:1b:28:eb:31:d2:20:b5:47:88:ed:
d0:64:b5:48:e9:be:74:46:af:73:da:89:0e:5b:90:3e:f1:23:
d7:0b:b0:9e:03:b9:d8:78:66:7d:c5:76:5b:76:eb:47:f0:06:
7a:77:e6:c6:48:cd:31:46:db:68:53:7d:6c:18:b2:ec:70:39:
18:60:c5:8d:86:c2:d6:ed:62:cb:e3:3d:30:98:46:53:9c:de:
50:4d:05:41:29:3b:2b:df:ad:7b:35:c1:ba:e7:ed:28:c3:b8:
0a:31:70:e3:ef:66:c6:86:3e:ba:9b:3a:5c:c6:6f:0f:3d:34:
13:54:99:90:c8:a9:75:0f:68:a5:ad:9d:bc:6e:54:aa:d9:97:
92:a0:18:6b:0d:e2:75:f6:97:e4:fc:2c:48:a6:a4:7b:d8:5c:
eb:21:86:19:7e:6d:82:01:7c:69:5f:af:35:81:33:cc:6f:66:
ff:2b:12:cd:7e:d3:2c:fa:23:9f:9e:61:2e:82:a2:32:4f:04:
b6:50:29:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmXFqxGaB5ot0saAZ+4N5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk
ZGM3ZGYwHhcNMjUxMTA0MTYwMDQ3WhcNMjUxMTA1MTYwMDQ3WjAzMTEwLwYDVQQD
EyhkMDVmYmU0MmY4NjM4NGE0MzllMzdlYzViNDhiNWJlYTk1NmI3NDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtPOs66187m+gLfLO85hzKuayqED
ORG82dEHjZGRZvT1m3Laq6LVsoyUIPA4FDmIT+EMS5zft5rGkTp8/kIch6JaXK1x
KC18Ew2G46zEjwthFgyCspkMIL8i90ObNwt7XJpvN3dDNS9hI1FNeVktSb9hCEgm
VRhNEIa8u6ytrnEmqEAluwLWU/W1xWy2/L4UKdt76OMPvYW6oLJXtpaGlvYAIgAy
9v9bZKro3RGZJfDP665mzcDShRl86LKw1IdnEkWsivQclaQ8JqgDebZCN3lRN9gE
7sdZvG5/le2yHkHRcja/NoovrISes+aYvU74Jio7hfCpZtXV5us5Ns9MswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBfvkL4Y4SkOeN+xbSLW+qVa3R6MB8GA1UdIwQY
MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt
NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1
LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIXJSVk6j
hc/pSlOKwDuwwfnP/fS9Bn3xq/QzChTAVQFW7x9pFELOuYxSXgx/J6cW+cfETFKv
S1y3hJ/gq+QbKOsx0iC1R4jt0GS1SOm+dEavc9qJDluQPvEj1wuwngO52HhmfcV2
W3brR/AGenfmxkjNMUbbaFN9bBiy7HA5GGDFjYbC1u1iy+M9MJhGU5zeUE0FQSk7
K9+tezXBuuftKMO4CjFw4+9mxoY+ups6XMZvDz00E1SZkMipdQ9opa2dvG5UqtmX
kqAYaw3idfaX5PwsSKake9hc6yGGGX5tggF8aV+vNYEzzG9m/ysSzX7TLPojn55h
LoKiMk8EtlApNA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:27:32 2025 by rpki-client