Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
File: Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft (raw, json)
Hash identifier: UUlKR8FYa0mlSy4KabZp4FmnZyCga4EoCWJD+BLOf4M=
Subject key identifier: 15:B1:09:05:D2:59:93:81:A5:64:6B:04:2C:3D:92:34:CD:0C:78:C5
Authority key identifier: 23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98
Certificate issuer: /CN=232872f431ada9b6826c5f0897ec4e5342092e98
Certificate serial: 019A706E296DDAA4EE03E66FC3DE51047E63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
Manifest number: 047E
Signing time: Tue 11 Nov 2025 01:00:59 +0000
Manifest this update: Tue 11 Nov 2025 01:00:59 +0000
Manifest next update: Wed 12 Nov 2025 01:00:59 +0000
Files and hashes: 1: 48SAL-XLUksWWK1voy4rKInz7oY.roa (hash: gFJO835mNcJuKRXk34iwBhwCN0pZ40KaHdrECvT9LmA=)
2: Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl (hash: EhkmHxNDrIlGlbyEZ+Abjr4fItb46gUyBgNNnctSnh8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:29:6d:da:a4:ee:03:e6:6f:c3:de:51:04:7e:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=232872f431ada9b6826c5f0897ec4e5342092e98
Validity
Not Before: Nov 11 01:00:59 2025 GMT
Not After : Nov 12 01:00:59 2025 GMT
Subject: CN=15b10905d2599381a5646b042c3d9234cd0c78c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:55:87:8a:45:1b:d1:36:3d:7b:71:12:2f:96:
a7:46:f5:84:3b:84:cb:f1:6d:fb:1f:e6:9f:44:3f:
44:ff:c6:f1:1e:8d:1c:7f:ea:48:13:5d:23:12:ac:
23:b7:61:9e:4a:1c:42:80:ca:1e:a0:e1:01:fa:d4:
d0:f0:02:90:9a:18:16:1f:b3:d1:3d:18:66:eb:f4:
1d:fd:dc:1b:fd:7d:40:c6:19:87:17:2e:80:d8:4e:
48:3a:81:0b:05:61:ff:f8:ee:c2:e2:1b:8c:93:19:
1d:e8:e5:2b:d2:9c:af:c7:46:3a:87:ba:02:f0:f1:
f5:0e:17:49:bf:e8:fd:5e:35:5a:53:e8:d0:6a:cc:
d9:7e:e5:b1:c8:77:1b:e5:33:e0:13:46:16:b1:ce:
6b:b8:05:46:b9:8c:c7:42:6d:56:ea:a7:b4:39:da:
55:c9:9a:8c:45:dc:fd:f0:1e:f8:02:3a:dc:15:0b:
04:46:6c:ab:9c:e5:6a:55:5f:ae:91:78:aa:d7:83:
da:e8:ec:7f:b8:1f:80:ce:a3:ca:1a:92:5b:56:ca:
53:a1:db:6a:c7:8b:27:ce:16:0d:1e:c8:10:65:5c:
af:88:2e:84:50:3d:cb:18:d4:df:14:0f:c7:c7:9e:
97:eb:5f:3c:19:dc:a5:4a:f5:3c:02:53:30:9c:4b:
68:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B1:09:05:D2:59:93:81:A5:64:6B:04:2C:3D:92:34:CD:0C:78:C5
X509v3 Authority Key Identifier:
keyid:23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:43:17:10:f2:30:e6:94:46:a3:7b:2d:c4:e1:b7:f9:4c:e2:
7a:d2:3b:ae:85:c3:48:c2:8b:15:a8:b9:b6:9b:46:fd:3c:99:
3a:f7:34:7c:93:fc:f6:86:54:0d:00:82:88:38:cc:c9:7b:4b:
81:cb:5a:37:54:f0:ee:17:85:07:39:fd:60:1e:7b:ff:3a:f9:
39:c8:9b:76:41:6b:db:38:a4:de:b2:bf:9c:af:64:e4:bb:48:
88:37:32:38:0c:e9:a2:5c:b5:ba:d0:4c:4a:a6:ed:78:82:f0:
5b:91:39:b8:8d:3a:b8:3a:95:f7:25:dd:b5:14:31:ab:22:5f:
41:a0:02:60:06:47:d6:6a:4e:fe:2b:8c:fd:89:de:d7:c1:da:
03:3a:f7:a8:08:15:04:65:9c:bf:b9:0b:13:97:cb:76:4b:f4:
2e:03:88:47:33:c9:fd:13:61:37:2d:a5:36:78:da:ad:df:1b:
07:d8:23:d2:7b:91:bd:ea:81:36:87:e8:ef:ac:03:6f:34:10:
35:39:4a:04:30:b4:f0:1e:ab:98:44:6d:aa:53:3c:c1:af:ba:
16:e0:bf:ae:89:c1:27:c2:ee:50:4c:8c:56:01:ab:64:49:f7:
55:40:fc:4e:32:3f:f8:c6:5e:84:04:e7:eb:5e:7d:bf:fa:17:
b2:52:2d:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbilt2qTuA+Zvw95RBH5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjg3MmY0MzFhZGE5YjY4MjZjNWYwODk3ZWM0ZTUzNDIw
OTJlOTgwHhcNMjUxMTExMDEwMDU5WhcNMjUxMTEyMDEwMDU5WjAzMTEwLwYDVQQD
EygxNWIxMDkwNWQyNTk5MzgxYTU2NDZiMDQyYzNkOTIzNGNkMGM3OGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlWHikUb0TY9e3ESL5anRvWEO4TL
8W37H+afRD9E/8bxHo0cf+pIE10jEqwjt2GeShxCgMoeoOEB+tTQ8AKQmhgWH7PR
PRhm6/Qd/dwb/X1AxhmHFy6A2E5IOoELBWH/+O7C4huMkxkd6OUr0pyvx0Y6h7oC
8PH1DhdJv+j9XjVaU+jQaszZfuWxyHcb5TPgE0YWsc5ruAVGuYzHQm1W6qe0OdpV
yZqMRdz98B74AjrcFQsERmyrnOVqVV+ukXiq14Pa6Ox/uB+AzqPKGpJbVspTodtq
x4snzhYNHsgQZVyviC6EUD3LGNTfFA/Hx56X6188GdylSvU8AlMwnEtofQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWxCQXSWZOBpWRrBCw9kjTNDHjFMB8GA1UdIwQY
MBaAFCMocvQxram2gmxfCJfsTlNCCS6YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYt
NzFhYTYzMTI1MTI4LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYtNzFhYTYzMTI1MTI4
LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAEMXEPIw
5pRGo3stxOG3+UzietI7roXDSMKLFai5tptG/TyZOvc0fJP89oZUDQCCiDjMyXtL
gctaN1Tw7heFBzn9YB57/zr5OcibdkFr2zik3rK/nK9k5LtIiDcyOAzpoly1utBM
SqbteILwW5E5uI06uDqV9yXdtRQxqyJfQaACYAZH1mpO/iuM/Yne18HaAzr3qAgV
BGWcv7kLE5fLdkv0LgOIRzPJ/RNhNy2lNnjard8bB9gj0nuRveqBNofo76wDbzQQ
NTlKBDC08B6rmERtqlM8wa+6FuC/ronBJ8LuUEyMVgGrZEn3VUD8TjI/+MZehATn
6159v/oXslIt7g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:08 2025 by rpki-client