Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
File: iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft (raw, json)
Hash identifier: rdCs0Nlw/dU6Lj0U0UM9LEy61DHiPfwV7qOiLf7UWRc=
Subject key identifier: 0F:5D:63:DF:B9:B8:4F:D8:3F:09:CE:A3:89:61:82:BF:9C:DD:48:B2
Authority key identifier: 88:A8:D3:25:F9:7B:03:71:33:42:68:2F:C4:08:D5:33:68:74:0E:7D
Certificate issuer: /CN=88a8d325f97b03713342682fc408d53368740e7d
Certificate serial: 019A71EE8B3598572E3A6253AE5DE627A56E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
Manifest number: 11AC
Signing time: Tue 11 Nov 2025 08:00:49 +0000
Manifest this update: Tue 11 Nov 2025 08:00:49 +0000
Manifest next update: Wed 12 Nov 2025 08:00:49 +0000
Files and hashes: 1: 1g597y06foQbOFcS_h93SwkhNOQ.roa (hash: TZdC67NT8fkd1drCN7n7TEHOt/q1UG1cqUfoMBev2T4=)
2: iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl (hash: aIgFliQX4PcXwtYD3wU0flHO/LJA/vgLCmx76Hu+Cbw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:8b:35:98:57:2e:3a:62:53:ae:5d:e6:27:a5:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a8d325f97b03713342682fc408d53368740e7d
Validity
Not Before: Nov 11 08:00:49 2025 GMT
Not After : Nov 12 08:00:49 2025 GMT
Subject: CN=0f5d63dfb9b84fd83f09cea3896182bf9cdd48b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:05:93:76:fc:9d:27:d8:0e:fc:6b:ba:70:92:
70:15:bd:d2:a3:b0:73:e1:ea:cf:1a:ee:e2:f8:d5:
8b:6e:2b:96:92:41:23:69:dc:19:8b:dc:57:c2:33:
0a:d6:aa:10:d2:5c:b0:38:f9:93:66:30:85:a1:d8:
3d:0a:44:36:ff:40:bd:47:aa:12:6c:01:cf:54:4c:
b3:74:e9:01:4f:16:f1:63:25:90:ec:4f:30:45:8b:
79:ce:f4:7b:46:61:dd:ef:b6:f1:1c:92:54:cc:65:
01:c8:3a:9a:3a:eb:ec:ed:53:5f:9d:3b:84:f3:d0:
ed:ac:a7:05:2e:52:9c:44:34:f1:57:6c:07:f8:fc:
15:b9:f6:94:b7:5c:75:08:97:9d:ba:89:fe:55:d6:
2a:ce:4b:02:61:21:fb:bf:a9:e1:c7:9a:36:26:c1:
cc:21:84:db:c8:5a:af:66:19:33:e4:e0:45:29:47:
2e:c2:a5:97:a1:ef:31:5e:1e:ef:ea:02:78:83:85:
2d:96:01:30:82:d7:d6:20:01:91:fd:1b:f1:a5:2b:
1b:c9:a3:da:32:35:72:41:2d:c7:dc:83:2d:e4:23:
e9:a6:0c:2f:e7:a7:b3:f4:af:67:63:58:07:04:b3:
d1:de:55:e9:5d:a7:ed:cf:c4:fe:61:82:6f:21:fc:
f2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5D:63:DF:B9:B8:4F:D8:3F:09:CE:A3:89:61:82:BF:9C:DD:48:B2
X509v3 Authority Key Identifier:
keyid:88:A8:D3:25:F9:7B:03:71:33:42:68:2F:C4:08:D5:33:68:74:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:0a:af:cb:e9:6f:0c:4e:1f:06:88:72:9e:ea:ce:2b:1d:45:
50:ed:6e:0d:66:da:01:b0:e9:dd:0a:66:9b:37:e2:8b:aa:b4:
0b:1e:a2:dc:a2:34:bd:5f:f7:22:77:70:08:e7:9b:e4:39:63:
e8:af:b7:2c:00:8a:03:af:6e:f4:a4:fd:b9:3d:92:a9:96:37:
cd:0d:35:6f:29:95:8b:43:37:00:26:93:34:d6:30:2a:ad:b9:
f5:25:42:f6:6e:eb:d9:51:24:cd:28:ab:d5:5e:3c:b7:6b:45:
00:b3:98:57:b5:2a:60:e1:19:5a:50:0b:53:03:28:3d:db:4a:
37:2f:0b:ab:3d:02:b1:c7:29:32:f9:b3:22:53:ab:7d:d3:54:
0e:f6:da:1d:35:e1:68:3a:2b:1c:19:0e:03:26:14:cd:88:8b:
51:cf:45:1c:21:8b:49:15:14:2a:9d:84:a4:c0:de:9b:a1:2c:
0e:9a:b1:01:d2:db:9e:59:1b:95:db:62:a2:34:20:f9:98:74:
09:2a:b2:0d:a2:96:3a:d0:13:e1:7e:55:e5:56:f4:ff:bd:6e:
85:2c:7b:3e:f6:11:e5:fb:9e:b7:ce:d8:ed:a2:50:93:6c:1a:
b7:a7:7c:2d:bc:29:9f:bf:d0:9e:08:62:5e:6f:1c:bb:81:59:
13:12:6e:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7os1mFcuOmJTrl3mJ6VuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YThkMzI1Zjk3YjAzNzEzMzQyNjgyZmM0MDhkNTMzNjg3
NDBlN2QwHhcNMjUxMTExMDgwMDQ5WhcNMjUxMTEyMDgwMDQ5WjAzMTEwLwYDVQQD
EygwZjVkNjNkZmI5Yjg0ZmQ4M2YwOWNlYTM4OTYxODJiZjljZGQ0OGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QWTdvydJ9gO/Gu6cJJwFb3So7Bz
4erPGu7i+NWLbiuWkkEjadwZi9xXwjMK1qoQ0lywOPmTZjCFodg9CkQ2/0C9R6oS
bAHPVEyzdOkBTxbxYyWQ7E8wRYt5zvR7RmHd77bxHJJUzGUByDqaOuvs7VNfnTuE
89DtrKcFLlKcRDTxV2wH+PwVufaUt1x1CJeduon+VdYqzksCYSH7v6nhx5o2JsHM
IYTbyFqvZhkz5OBFKUcuwqWXoe8xXh7v6gJ4g4UtlgEwgtfWIAGR/RvxpSsbyaPa
MjVyQS3H3IMt5CPppgwv56ez9K9nY1gHBLPR3lXpXaftz8T+YYJvIfzyaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9dY9+5uE/YPwnOo4lhgr+c3UiyMB8GA1UdIwQY
MBaAFIio0yX5ewNxM0JoL8QI1TNodA59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82NDViYjItZmMzNC00MjliLWE3ZjAt
Y2YwM2ZhNGNhMDgzLzEvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82NDViYjItZmMzNC00MjliLWE3ZjAtY2YwM2ZhNGNhMDgz
LzEvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAgqvy+lv
DE4fBohynurOKx1FUO1uDWbaAbDp3Qpmmzfii6q0Cx6i3KI0vV/3IndwCOeb5Dlj
6K+3LACKA69u9KT9uT2SqZY3zQ01bymVi0M3ACaTNNYwKq259SVC9m7r2VEkzSir
1V48t2tFALOYV7UqYOEZWlALUwMoPdtKNy8Lqz0CsccpMvmzIlOrfdNUDvbaHTXh
aDorHBkOAyYUzYiLUc9FHCGLSRUUKp2EpMDem6EsDpqxAdLbnlkbldtiojQg+Zh0
CSqyDaKWOtAT4X5V5Vb0/71uhSx7PvYR5fuet87Y7aJQk2wat6d8Lbwpn7/Qnghi
Xm8cu4FZExJupA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:55:52 2025 by rpki-client