Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
File: iQCNpBkicovFvtu9cIhwHFKbme0.mft (raw, json)
Hash identifier: 1UpdzyBsSyTLQd5u4uroqqsrTIvwMYzSS7ibixoupMs=
Subject key identifier: 16:02:F8:04:73:44:1D:1F:45:19:77:A0:FB:2C:6B:AE:83:FB:53:F4
Authority key identifier: 89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
Certificate issuer: /CN=89008da41922728bc5bedbbd7088701c529b99ed
Certificate serial: 0198496559A6941DBC7B0A88A9C476D1A168
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
Manifest number: 01A4
Signing time: Sun 27 Jul 2025 01:00:35 +0000
Manifest this update: Sun 27 Jul 2025 01:00:35 +0000
Manifest next update: Mon 28 Jul 2025 01:00:35 +0000
Files and hashes: 1: 9WCM-NfBtEzVC0bLgcXxGw_dKs0.roa (hash: +AotBLTXOYZ2qqQz68W39gfX7TdnqXgGz673AR3fS9c=)
2: iQCNpBkicovFvtu9cIhwHFKbme0.crl (hash: BAtdptlBuuYfnJeJBY0qroHjDe1lBq6jUMloQXwQ6jA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:49:65:59:a6:94:1d:bc:7b:0a:88:a9:c4:76:d1:a1:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89008da41922728bc5bedbbd7088701c529b99ed
Validity
Not Before: Jul 27 01:00:35 2025 GMT
Not After : Jul 28 01:00:35 2025 GMT
Subject: CN=1602f80473441d1f451977a0fb2c6bae83fb53f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5a:38:10:c3:29:96:b6:d5:fe:4d:d5:57:e6:
9a:63:9f:12:a3:35:05:4f:16:ab:25:80:04:c7:ea:
52:3c:38:c9:80:b6:02:12:04:ef:fc:5e:85:c6:81:
fa:a0:88:5b:00:17:a3:1e:b5:3d:ce:d9:28:e7:9a:
bd:10:88:3a:d2:18:f9:6b:44:5f:a7:d7:86:ed:78:
22:d5:f7:6a:a8:dd:93:f9:98:4f:1c:1f:25:df:0b:
d2:d1:88:b0:b9:96:f2:df:dc:67:58:62:02:16:85:
d9:6d:1c:f1:25:eb:73:10:42:ca:a1:ce:47:2b:d8:
05:81:1e:54:79:b4:98:15:85:07:b6:c7:30:f2:8b:
5f:d3:27:c2:8f:09:63:33:2c:4d:da:8c:3a:da:89:
d1:e8:9c:cc:e0:80:31:b4:be:c6:d2:4c:9a:3c:ad:
6d:25:a8:a0:72:d4:4d:d4:c0:f0:16:5e:c6:96:e9:
c2:1a:d1:8f:93:2f:8d:44:19:01:3f:5a:59:6c:1a:
a6:d4:36:10:57:a2:69:fd:26:03:33:87:cc:e4:4f:
98:d6:5f:fb:38:fb:1d:7e:bd:86:f8:a9:15:55:84:
d1:85:7f:d6:87:cb:71:2a:97:0b:a1:e8:93:1c:87:
08:70:3f:da:69:2d:8e:d3:0a:a8:18:1d:37:cb:cc:
0d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:02:F8:04:73:44:1D:1F:45:19:77:A0:FB:2C:6B:AE:83:FB:53:F4
X509v3 Authority Key Identifier:
keyid:89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:7c:80:0b:b7:2a:8b:d4:49:a7:f2:39:3c:a9:f2:14:90:c8:
d2:a2:0c:27:84:fb:73:c9:64:eb:71:91:d3:4a:be:b5:c8:4f:
cf:d4:ea:3c:64:47:3a:77:8c:b1:0a:04:ea:b3:6e:8a:8b:0a:
94:13:3a:e3:d6:2a:00:33:d5:75:7a:eb:94:79:96:50:7e:02:
ac:37:77:1a:12:93:68:c9:7a:b1:31:7b:cf:96:b8:d9:44:df:
63:4a:cd:f6:5c:03:82:43:c7:21:77:56:21:bc:17:a2:2a:4a:
78:4a:3b:8a:b5:90:63:a4:c0:e7:a2:2a:71:4d:41:3a:11:16:
ad:bd:dc:09:b8:fc:40:2d:06:77:1f:f4:c2:cd:1a:9d:a9:92:
15:5d:4b:8c:d9:1a:2f:c3:04:2a:d0:57:64:fa:a1:7a:d5:90:
cd:ec:37:30:30:14:d1:1d:c3:e3:ba:50:dc:56:72:23:53:3d:
d7:1b:2b:8b:bf:76:27:04:7e:c3:7b:d1:bc:3f:b0:12:c3:0b:
77:a2:8f:af:5e:34:0f:77:83:4f:34:36:31:62:0a:54:37:70:
42:1c:0c:4f:2d:9e:7a:4a:9a:50:65:f2:a1:bc:da:64:11:c9:
12:b4:72:95:b9:be:25:ca:eb:eb:11:bb:d5:2c:2b:f4:f6:5a:
74:77:be:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZVmmlB28ewqIqcR20aFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDA4ZGE0MTkyMjcyOGJjNWJlZGJiZDcwODg3MDFjNTI5
Yjk5ZWQwHhcNMjUwNzI3MDEwMDM1WhcNMjUwNzI4MDEwMDM1WjAzMTEwLwYDVQQD
EygxNjAyZjgwNDczNDQxZDFmNDUxOTc3YTBmYjJjNmJhZTgzZmI1M2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51o4EMMplrbV/k3VV+aaY58SozUF
TxarJYAEx+pSPDjJgLYCEgTv/F6FxoH6oIhbABejHrU9ztko55q9EIg60hj5a0Rf
p9eG7Xgi1fdqqN2T+ZhPHB8l3wvS0YiwuZby39xnWGICFoXZbRzxJetzEELKoc5H
K9gFgR5UebSYFYUHtscw8otf0yfCjwljMyxN2ow62onR6JzM4IAxtL7G0kyaPK1t
JaigctRN1MDwFl7GlunCGtGPky+NRBkBP1pZbBqm1DYQV6Jp/SYDM4fM5E+Y1l/7
OPsdfr2G+KkVVYTRhX/Wh8txKpcLoeiTHIcIcD/aaS2O0wqoGB03y8wNuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYC+ARzRB0fRRl3oPssa66D+1P0MB8GA1UdIwQY
MBaAFIkAjaQZInKLxb7bvXCIcBxSm5ntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUt
NjM3MjlmZTU4OGEyLzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUtNjM3MjlmZTU4OGEy
LzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASHyAC7cq
i9RJp/I5PKnyFJDI0qIMJ4T7c8lk63GR00q+tchPz9TqPGRHOneMsQoE6rNuiosK
lBM649YqADPVdXrrlHmWUH4CrDd3GhKTaMl6sTF7z5a42UTfY0rN9lwDgkPHIXdW
IbwXoipKeEo7irWQY6TA56IqcU1BOhEWrb3cCbj8QC0Gdx/0ws0anamSFV1LjNka
L8MEKtBXZPqhetWQzew3MDAU0R3D47pQ3FZyI1M91xsri792JwR+w3vRvD+wEsML
d6KPr140D3eDTzQ2MWIKVDdwQhwMTy2eekqaUGXyobzaZBHJErRylbm+Jcrr6xG7
1Swr9PZadHe+Dg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:26:39 2025 by rpki-client