Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
File: idaknSMAf7sSRxkvu3vZgus3M18.mft (raw, json)
Hash identifier: SPg9YFiKxTgK0joiiECp6fiyzDhg9dUTtCT6NzG+N+g=
Subject key identifier: C2:1F:39:49:06:D0:CC:12:B5:65:F2:4C:31:71:3F:41:4F:4D:E4:68
Authority key identifier: 89:D6:A4:9D:23:00:7F:BB:12:47:19:2F:BB:7B:D9:82:EB:37:33:5F
Certificate issuer: /CN=89d6a49d23007fbb1247192fbb7bd982eb37335f
Certificate serial: 019A7149F0A58424CA2F81BC334F9EDC491B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
Manifest number: 0224
Signing time: Tue 11 Nov 2025 05:01:02 +0000
Manifest this update: Tue 11 Nov 2025 05:01:02 +0000
Manifest next update: Wed 12 Nov 2025 05:01:02 +0000
Files and hashes: 1: h5XDYzeHNRC78pQldSdBc3wtmlU.roa (hash: y/jCUDtK6aEdyycsVox6EyAhTQt3+YacMPTfw4ggZeM=)
2: idaknSMAf7sSRxkvu3vZgus3M18.crl (hash: Dy0pFPyb7Ss0Floro3+Me4GUSvQCJFknbpJvW0A6o0g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:f0:a5:84:24:ca:2f:81:bc:33:4f:9e:dc:49:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89d6a49d23007fbb1247192fbb7bd982eb37335f
Validity
Not Before: Nov 11 05:01:02 2025 GMT
Not After : Nov 12 05:01:02 2025 GMT
Subject: CN=c21f394906d0cc12b565f24c31713f414f4de468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:01:90:f2:d5:8a:ac:2f:b4:f3:ca:14:15:0d:
2e:ba:28:0a:36:d1:9e:f8:4a:0f:fe:42:ce:ba:82:
eb:57:db:d3:34:15:b8:3b:f2:9e:a4:75:2f:b0:c5:
84:04:e2:7c:0d:f6:cb:15:80:58:a3:ac:71:06:b9:
b8:22:bb:65:e6:34:d3:9d:9b:a9:49:f6:75:3c:40:
3c:e1:55:1c:ff:a9:bd:7f:b8:5d:c3:53:35:ec:84:
c1:83:03:e3:63:3b:b3:db:67:70:a4:d0:e6:ca:6c:
55:cc:82:09:fb:15:8f:85:0d:e5:26:1f:91:c8:33:
ca:9c:73:92:1b:f6:93:61:74:b0:f5:c0:63:a1:b9:
0b:d6:76:e0:eb:58:78:31:d6:81:22:82:6c:7f:29:
99:af:b8:23:14:79:2e:1e:85:e2:c0:37:67:39:81:
31:37:38:a1:92:ff:50:2b:7b:f8:a0:42:8d:64:c5:
fe:03:de:b6:69:64:a0:9b:35:e1:f9:af:5d:8f:d8:
1e:bb:a6:3b:68:47:a6:07:6c:ff:a4:e5:d6:16:88:
f4:92:13:05:0c:c4:d4:52:9f:83:6f:8d:b1:1a:c2:
5f:49:ae:fb:c8:bf:71:bb:ef:45:5e:fc:93:5b:43:
89:da:6d:41:11:53:ac:7e:0d:f0:4a:b3:3b:41:3b:
61:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1F:39:49:06:D0:CC:12:B5:65:F2:4C:31:71:3F:41:4F:4D:E4:68
X509v3 Authority Key Identifier:
keyid:89:D6:A4:9D:23:00:7F:BB:12:47:19:2F:BB:7B:D9:82:EB:37:33:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:ed:dd:4b:8c:5a:12:d7:1a:51:d3:8a:4b:8b:7d:f2:45:21:
25:b5:16:d3:7c:16:57:d2:2b:c2:b3:22:13:3f:3f:16:0d:da:
c6:18:39:a7:a4:77:81:45:0d:12:b8:8f:9b:f3:19:fc:44:24:
e3:33:74:6d:e5:bb:ea:45:e8:bf:6b:b5:f1:5c:0f:50:09:7a:
1d:ab:14:50:3b:8d:25:5c:1c:65:dc:fb:cc:82:4e:9f:50:20:
4f:16:dd:24:ce:01:85:f3:be:71:98:12:82:3d:f1:7a:3b:4d:
e6:56:f4:e5:f4:bb:7b:e9:f4:71:57:51:5b:06:82:80:a7:76:
39:d3:ce:f2:60:fd:37:77:77:a9:4f:1f:0b:4d:9a:82:99:38:
d0:bb:a2:06:d6:97:50:1c:20:18:c7:a5:97:f2:97:1e:f3:84:
e9:56:36:32:12:dc:19:8a:66:90:2c:1c:2a:de:68:34:fb:9d:
72:70:27:e5:2a:97:8b:2f:ba:51:13:ea:bb:89:2c:98:44:13:
43:76:55:9c:b6:16:fd:81:92:62:19:f8:ae:9b:a8:96:b5:cf:
36:9e:31:b0:8c:0d:24:23:a2:94:bc:d5:6b:33:c6:4c:2a:c8:
2e:1d:3b:61:29:53:cc:07:b6:49:d2:39:06:cd:ec:04:8e:7f:
46:a3:54:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSfClhCTKL4G8M0+e3EkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDZhNDlkMjMwMDdmYmIxMjQ3MTkyZmJiN2JkOTgyZWIz
NzMzNWYwHhcNMjUxMTExMDUwMTAyWhcNMjUxMTEyMDUwMTAyWjAzMTEwLwYDVQQD
EyhjMjFmMzk0OTA2ZDBjYzEyYjU2NWYyNGMzMTcxM2Y0MTRmNGRlNDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgGQ8tWKrC+088oUFQ0uuigKNtGe
+EoP/kLOuoLrV9vTNBW4O/KepHUvsMWEBOJ8DfbLFYBYo6xxBrm4Irtl5jTTnZup
SfZ1PEA84VUc/6m9f7hdw1M17ITBgwPjYzuz22dwpNDmymxVzIIJ+xWPhQ3lJh+R
yDPKnHOSG/aTYXSw9cBjobkL1nbg61h4MdaBIoJsfymZr7gjFHkuHoXiwDdnOYEx
Nzihkv9QK3v4oEKNZMX+A962aWSgmzXh+a9dj9geu6Y7aEemB2z/pOXWFoj0khMF
DMTUUp+Db42xGsJfSa77yL9xu+9FXvyTW0OJ2m1BEVOsfg3wSrM7QTthPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIfOUkG0MwStWXyTDFxP0FPTeRoMB8GA1UdIwQY
MBaAFInWpJ0jAH+7EkcZL7t72YLrNzNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xNDA5OWEtZTJkYS00ZjZhLWI1YzQt
NmZkNzUxZGU3MTdhLzEvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xNDA5OWEtZTJkYS00ZjZhLWI1YzQtNmZkNzUxZGU3MTdh
LzEvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjO3dS4xa
EtcaUdOKS4t98kUhJbUW03wWV9IrwrMiEz8/Fg3axhg5p6R3gUUNEriPm/MZ/EQk
4zN0beW76kXov2u18VwPUAl6HasUUDuNJVwcZdz7zIJOn1AgTxbdJM4BhfO+cZgS
gj3xejtN5lb05fS7e+n0cVdRWwaCgKd2OdPO8mD9N3d3qU8fC02agpk40LuiBtaX
UBwgGMell/KXHvOE6VY2MhLcGYpmkCwcKt5oNPudcnAn5SqXiy+6URPqu4ksmEQT
Q3ZVnLYW/YGSYhn4rpuolrXPNp4xsIwNJCOilLzVazPGTCrILh07YSlTzAe2SdI5
Bs3sBI5/RqNUTw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:16 2025 by rpki-client