Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/25e83d-2365-4126-9aa7-94b9cf2cd2ef/1/i8Wo923xVof4NEHJprVUV48831c.mft
File: i8Wo923xVof4NEHJprVUV48831c.mft (raw, json)
Hash identifier: MPpmkqDmBvrD0GMaq9NvAH1VYCJMpSbH4XmqRQVVtB8=
Subject key identifier: 9B:BF:72:F6:14:06:B6:A3:7D:E9:B6:91:31:AB:CC:FB:DF:56:7E:9F
Authority key identifier: 8B:C5:A8:F7:6D:F1:56:87:F8:34:41:C9:A6:B5:54:57:8F:3C:DF:57
Certificate issuer: /CN=8bc5a8f76df15687f83441c9a6b554578f3cdf57
Certificate serial: 019A71EEE8A80E414B03F15340DB985BC258
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i8Wo923xVof4NEHJprVUV48831c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/25e83d-2365-4126-9aa7-94b9cf2cd2ef/1/i8Wo923xVof4NEHJprVUV48831c.mft
Manifest number: 03BD
Signing time: Tue 11 Nov 2025 08:01:13 +0000
Manifest this update: Tue 11 Nov 2025 08:01:13 +0000
Manifest next update: Wed 12 Nov 2025 08:01:13 +0000
Files and hashes: 1: i8Wo923xVof4NEHJprVUV48831c.crl (hash: pUATpuMdNBaNoJop9HHmHWGKLgwwkEUE68bS/iSRCfA=)
2: xqruQTCgxIM4PNAxf9wXVycyPyQ.roa (hash: hdKTf9nYGB8AkPxxLnuI6L7FG/INFNDmxrZRzLc1Xt0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/25e83d-2365-4126-9aa7-94b9cf2cd2ef/1/i8Wo923xVof4NEHJprVUV48831c.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/25e83d-2365-4126-9aa7-94b9cf2cd2ef/1/i8Wo923xVof4NEHJprVUV48831c.mft
rsync://rpki.ripe.net/repository/DEFAULT/i8Wo923xVof4NEHJprVUV48831c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:e8:a8:0e:41:4b:03:f1:53:40:db:98:5b:c2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bc5a8f76df15687f83441c9a6b554578f3cdf57
Validity
Not Before: Nov 11 08:01:13 2025 GMT
Not After : Nov 12 08:01:13 2025 GMT
Subject: CN=9bbf72f61406b6a37de9b69131abccfbdf567e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:17:7c:3e:e1:e4:33:bc:4c:5f:3f:91:bd:f0:
63:04:37:ae:43:35:55:a3:77:c2:1f:4d:8f:ab:c0:
78:c4:bd:eb:bc:5a:99:f2:d8:07:10:22:1f:44:16:
d1:b4:38:8f:32:7d:75:1b:5e:b1:2b:24:99:34:75:
b4:1e:c6:8f:cc:f9:b4:20:52:49:1d:e7:c6:08:d2:
1f:f1:c5:e6:23:19:03:e1:bf:c5:cb:0d:93:85:e5:
12:87:21:b0:f4:18:56:92:97:07:91:b3:08:2f:2b:
bc:36:dd:84:ce:35:13:38:84:c4:a9:9c:4b:51:3a:
4a:d3:91:4b:b5:16:78:8d:7a:e0:13:a8:f0:c4:df:
08:00:9a:64:90:7e:42:02:1e:a1:fa:4c:31:9c:85:
2b:f4:8a:fe:2e:a1:a2:e0:96:f6:5c:d0:27:ec:14:
76:ea:0d:05:cd:72:f9:9c:fc:50:26:b2:a4:2c:ce:
8d:fb:fc:89:a5:df:c3:a7:2f:f3:91:d0:8e:09:ff:
11:53:1a:71:d4:c3:21:17:39:19:26:9e:8a:1a:f4:
af:2d:c6:ec:f8:e2:71:76:30:49:25:01:e8:86:94:
ec:d9:54:b0:3c:36:8b:1f:a1:69:2a:48:35:bf:81:
1c:4b:ce:cc:18:1d:0d:28:cf:9a:39:7f:a1:ca:04:
33:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BF:72:F6:14:06:B6:A3:7D:E9:B6:91:31:AB:CC:FB:DF:56:7E:9F
X509v3 Authority Key Identifier:
keyid:8B:C5:A8:F7:6D:F1:56:87:F8:34:41:C9:A6:B5:54:57:8F:3C:DF:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i8Wo923xVof4NEHJprVUV48831c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/25e83d-2365-4126-9aa7-94b9cf2cd2ef/1/i8Wo923xVof4NEHJprVUV48831c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/25e83d-2365-4126-9aa7-94b9cf2cd2ef/1/i8Wo923xVof4NEHJprVUV48831c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:af:9d:b9:ff:1c:6c:a3:a7:c2:08:c8:84:43:4d:ed:0e:db:
bf:5e:e7:3b:07:02:81:de:47:74:9c:df:ab:8f:ff:de:37:24:
27:d8:32:ec:f4:bb:43:df:0c:7a:3c:aa:92:c5:2a:c2:36:0f:
9d:c4:84:ea:3d:17:b6:00:1c:44:c9:d9:e6:70:5f:cd:24:74:
96:68:6b:ac:42:f2:a1:c9:45:c5:b9:28:d8:a2:29:bc:5f:a4:
c6:d2:a4:d4:4e:08:cb:29:88:64:27:56:96:44:41:c9:fe:a2:
38:77:3d:fa:61:61:8a:27:4b:db:21:72:d1:fe:3c:8c:99:cd:
48:6d:6c:6b:85:99:9f:d0:8b:f6:22:8e:42:0c:c1:50:84:ee:
3a:dd:d8:0b:14:bf:16:7c:e4:63:22:b7:e6:2e:04:84:ec:69:
9b:03:5f:5d:ae:4f:18:26:fd:f6:9d:0b:54:f5:2f:9e:02:8a:
1d:b4:b6:93:f0:92:2b:99:a8:28:aa:dc:87:a1:1d:32:45:ca:
8a:dd:f1:37:dd:d3:e6:c2:12:1b:63:2b:2f:6a:a5:89:4d:31:
35:71:c5:01:41:91:6d:2f:8f:ac:17:11:d0:32:43:b0:81:98:
ee:a2:50:ee:80:d3:88:fe:d9:57:c9:9c:89:ed:72:eb:ff:78:
f3:8f:a5:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7uioDkFLA/FTQNuYW8JYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYzVhOGY3NmRmMTU2ODdmODM0NDFjOWE2YjU1NDU3OGYz
Y2RmNTcwHhcNMjUxMTExMDgwMTEzWhcNMjUxMTEyMDgwMTEzWjAzMTEwLwYDVQQD
Eyg5YmJmNzJmNjE0MDZiNmEzN2RlOWI2OTEzMWFiY2NmYmRmNTY3ZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhd8PuHkM7xMXz+RvfBjBDeuQzVV
o3fCH02Pq8B4xL3rvFqZ8tgHECIfRBbRtDiPMn11G16xKySZNHW0HsaPzPm0IFJJ
HefGCNIf8cXmIxkD4b/Fyw2TheUShyGw9BhWkpcHkbMILyu8Nt2EzjUTOITEqZxL
UTpK05FLtRZ4jXrgE6jwxN8IAJpkkH5CAh6h+kwxnIUr9Ir+LqGi4Jb2XNAn7BR2
6g0FzXL5nPxQJrKkLM6N+/yJpd/Dpy/zkdCOCf8RUxpx1MMhFzkZJp6KGvSvLcbs
+OJxdjBJJQHohpTs2VSwPDaLH6FpKkg1v4EcS87MGB0NKM+aOX+hygQzOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJu/cvYUBrajfem2kTGrzPvfVn6fMB8GA1UdIwQY
MBaAFIvFqPdt8VaH+DRByaa1VFePPN9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaThXbzkyM3hWb2Y0TkVISnByVlVWNDg4MzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yNWU4M2QtMjM2NS00MTI2LTlhYTct
OTRiOWNmMmNkMmVmLzEvaThXbzkyM3hWb2Y0TkVISnByVlVWNDg4MzFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yNWU4M2QtMjM2NS00MTI2LTlhYTctOTRiOWNmMmNkMmVm
LzEvaThXbzkyM3hWb2Y0TkVISnByVlVWNDg4MzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeK+duf8c
bKOnwgjIhENN7Q7bv17nOwcCgd5HdJzfq4//3jckJ9gy7PS7Q98MejyqksUqwjYP
ncSE6j0XtgAcRMnZ5nBfzSR0lmhrrELyoclFxbko2KIpvF+kxtKk1E4IyymIZCdW
lkRByf6iOHc9+mFhiidL2yFy0f48jJnNSG1sa4WZn9CL9iKOQgzBUITuOt3YCxS/
FnzkYyK35i4EhOxpmwNfXa5PGCb99p0LVPUvngKKHbS2k/CSK5moKKrch6EdMkXK
it3xN93T5sISG2MrL2qliU0xNXHFAUGRbS+PrBcR0DJDsIGY7qJQ7oDTiP7ZV8mc
ie1y6/9484+l9g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:06:17 2025 by rpki-client