Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f91b2c-c5fe-4625-a180-9a46ed5b42db/1/i2ojov0aCVY3ijfU_OJZ3yvXlKc.mft
File: i2ojov0aCVY3ijfU_OJZ3yvXlKc.mft (raw, json)
Hash identifier: kDpQ2FW7rgip1sXv1im6zu7IBKR276kZRe5C3uJjLWc=
Subject key identifier: D1:AD:C2:F1:54:12:BC:FD:18:1E:64:12:8E:40:AA:64:A7:1F:73:E2
Authority key identifier: 8B:6A:23:A2:FD:1A:09:56:37:8A:37:D4:FC:E2:59:DF:2B:D7:94:A7
Certificate issuer: /CN=8b6a23a2fd1a0956378a37d4fce259df2bd794a7
Certificate serial: 0199331290BCBBEC3FAA2ADDAE0B6242E0FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2ojov0aCVY3ijfU_OJZ3yvXlKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f91b2c-c5fe-4625-a180-9a46ed5b42db/1/i2ojov0aCVY3ijfU_OJZ3yvXlKc.mft
Manifest number: 167A
Signing time: Wed 10 Sep 2025 10:01:18 +0000
Manifest this update: Wed 10 Sep 2025 10:01:18 +0000
Manifest next update: Thu 11 Sep 2025 10:01:18 +0000
Files and hashes: 1: FE1p8xqk22ZLL8TtVpBgIJ5HCYk.roa (hash: EEjSbBj9sFsFeIYvGJ66Mb2B5f9wjNh8P6NHIHv03o4=)
2: Nj_g5XagzgChnaGJmyAjIxliPxQ.roa (hash: 2T2yAo36kvnreO/zfmG7HDMPjTZHcC33NYqG6yteeqQ=)
3: i2ojov0aCVY3ijfU_OJZ3yvXlKc.crl (hash: G5q4x7t0dvEKrBQIriomt+W1yfs1sZknLdDcHLvw4d0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/f91b2c-c5fe-4625-a180-9a46ed5b42db/1/i2ojov0aCVY3ijfU_OJZ3yvXlKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/f91b2c-c5fe-4625-a180-9a46ed5b42db/1/i2ojov0aCVY3ijfU_OJZ3yvXlKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2ojov0aCVY3ijfU_OJZ3yvXlKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 10:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:33:12:90:bc:bb:ec:3f:aa:2a:dd:ae:0b:62:42:e0:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6a23a2fd1a0956378a37d4fce259df2bd794a7
Validity
Not Before: Sep 10 10:01:18 2025 GMT
Not After : Sep 11 10:01:18 2025 GMT
Subject: CN=d1adc2f15412bcfd181e64128e40aa64a71f73e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b8:d4:0a:c5:a3:ff:45:a7:be:5b:ed:bb:13:
fa:57:16:0a:b0:dd:c0:68:d9:a7:19:f9:43:13:1b:
43:3c:92:7e:64:6e:ed:63:9c:07:0e:8a:b6:da:f1:
ef:a0:fd:c8:09:87:6e:3d:47:94:37:67:85:42:29:
dd:6b:25:e9:b2:38:44:e2:f0:33:20:6c:c3:18:59:
8c:4f:05:26:34:27:b3:4e:09:24:29:ca:bb:08:68:
a3:86:65:2c:05:d0:0f:f6:51:30:37:7d:3e:cc:dc:
c9:dc:0a:c8:1c:4c:f9:90:7c:a2:33:c6:49:d3:9d:
2a:bc:53:47:bf:d6:6d:51:37:f3:4a:31:fa:5d:ad:
05:09:b2:ec:0c:1e:e1:97:5d:23:12:3b:dc:41:d1:
c4:37:d9:0a:92:c9:1f:2c:a1:ee:2c:b5:6e:b4:50:
99:33:86:11:da:d2:5e:0c:9e:49:6d:49:68:46:69:
be:10:61:9b:3a:35:7d:04:9d:ce:fd:0f:72:73:8f:
24:5b:b8:10:3b:7e:3d:e8:da:76:35:fb:0d:53:c0:
6c:29:1b:cb:5b:34:e4:ab:6a:da:0f:10:bd:3e:4f:
f6:70:ad:6f:63:e4:13:68:77:2b:4d:59:f3:e4:54:
c4:0e:5f:3d:3f:dc:a4:2e:a9:aa:f8:d0:25:91:96:
75:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:AD:C2:F1:54:12:BC:FD:18:1E:64:12:8E:40:AA:64:A7:1F:73:E2
X509v3 Authority Key Identifier:
keyid:8B:6A:23:A2:FD:1A:09:56:37:8A:37:D4:FC:E2:59:DF:2B:D7:94:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2ojov0aCVY3ijfU_OJZ3yvXlKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f91b2c-c5fe-4625-a180-9a46ed5b42db/1/i2ojov0aCVY3ijfU_OJZ3yvXlKc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f91b2c-c5fe-4625-a180-9a46ed5b42db/1/i2ojov0aCVY3ijfU_OJZ3yvXlKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:ba:51:11:13:3d:59:71:e0:3e:4c:4a:8d:b8:68:14:4f:03:
e4:8f:37:11:42:dd:13:c3:ad:d2:56:99:09:dc:7a:8f:0d:74:
9b:07:4d:c8:ed:f8:7b:28:63:e3:b1:93:51:a7:f4:56:b2:d9:
5b:38:54:92:88:5d:72:f2:2c:7a:3b:fd:c6:f6:13:a7:bf:cc:
5b:12:c6:89:31:0e:86:8a:9e:c1:94:b2:55:44:2e:37:af:29:
cf:8d:dd:af:8f:05:c5:f1:40:17:b7:90:13:60:57:ec:fa:bb:
a5:f7:8b:5c:84:bc:f8:28:34:fa:9b:91:ef:14:46:36:8e:3c:
77:26:62:2d:49:24:12:ff:fd:31:fe:18:34:d2:b8:86:28:9d:
75:01:db:46:d2:6e:fb:3b:72:9e:db:5a:e1:60:3a:34:54:7f:
e1:47:73:39:0f:ff:37:55:aa:71:35:c7:d6:74:c1:32:6c:49:
f2:60:04:f3:21:ae:28:8a:bf:18:a8:4d:d6:4e:e0:7b:3b:cf:
62:93:cb:5d:ac:8c:df:47:22:a5:ba:1d:9e:ae:fa:bb:a8:41:
46:29:4c:58:0c:ee:e7:d7:27:5c:12:03:3e:1e:3d:cf:b0:fe:
4d:79:1a:26:d2:dc:9b:10:68:57:ee:d3:2f:20:e8:96:3f:90:
82:36:c2:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkzEpC8u+w/qirdrgtiQuD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNmEyM2EyZmQxYTA5NTYzNzhhMzdkNGZjZTI1OWRmMmJk
Nzk0YTcwHhcNMjUwOTEwMTAwMTE4WhcNMjUwOTExMTAwMTE4WjAzMTEwLwYDVQQD
EyhkMWFkYzJmMTU0MTJiY2ZkMTgxZTY0MTI4ZTQwYWE2NGE3MWY3M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7jUCsWj/0WnvlvtuxP6VxYKsN3A
aNmnGflDExtDPJJ+ZG7tY5wHDoq22vHvoP3ICYduPUeUN2eFQindayXpsjhE4vAz
IGzDGFmMTwUmNCezTgkkKcq7CGijhmUsBdAP9lEwN30+zNzJ3ArIHEz5kHyiM8ZJ
050qvFNHv9ZtUTfzSjH6Xa0FCbLsDB7hl10jEjvcQdHEN9kKkskfLKHuLLVutFCZ
M4YR2tJeDJ5JbUloRmm+EGGbOjV9BJ3O/Q9yc48kW7gQO3496Np2NfsNU8BsKRvL
WzTkq2raDxC9Pk/2cK1vY+QTaHcrTVnz5FTEDl89P9ykLqmq+NAlkZZ15wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGtwvFUErz9GB5kEo5AqmSnH3PiMB8GA1UdIwQY
MBaAFItqI6L9GglWN4o31PziWd8r15SnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJvam92MGFDVlkzaWpmVV9PSlozeXZYbEtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9mOTFiMmMtYzVmZS00NjI1LWExODAt
OWE0NmVkNWI0MmRiLzEvaTJvam92MGFDVlkzaWpmVV9PSlozeXZYbEtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9mOTFiMmMtYzVmZS00NjI1LWExODAtOWE0NmVkNWI0MmRi
LzEvaTJvam92MGFDVlkzaWpmVV9PSlozeXZYbEtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgLpRERM9
WXHgPkxKjbhoFE8D5I83EULdE8Ot0laZCdx6jw10mwdNyO34eyhj47GTUaf0VrLZ
WzhUkohdcvIsejv9xvYTp7/MWxLGiTEOhoqewZSyVUQuN68pz43dr48FxfFAF7eQ
E2BX7Pq7pfeLXIS8+Cg0+puR7xRGNo48dyZiLUkkEv/9Mf4YNNK4hiiddQHbRtJu
+ztyntta4WA6NFR/4UdzOQ//N1WqcTXH1nTBMmxJ8mAE8yGuKIq/GKhN1k7gezvP
YpPLXayM30cipbodnq76u6hBRilMWAzu59cnXBIDPh49z7D+TXkaJtLcmxBoV+7T
LyDolj+QgjbCMQ==
-----END CERTIFICATE-----
Generated at Wed Sep 10 13:53:35 2025 by rpki-client