Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft
File: iOuqLxdpo932X4c9wx81HvB4rSU.mft (raw, json)
Hash identifier: dGSnmM9RtdKJ33R5ZojV/5TDaAsweb9KmfuW9IYEQN0=
Subject key identifier: 37:63:4B:0A:5C:B0:2E:9C:0C:F1:6E:89:D1:AA:2A:26:25:2D:23:93
Authority key identifier: 88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25
Certificate issuer: /CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25
Certificate serial: 019A725CC3411E6FC8811ECE4A922B0337CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft
Manifest number: 0EBD
Signing time: Tue 11 Nov 2025 10:01:13 +0000
Manifest this update: Tue 11 Nov 2025 10:01:13 +0000
Manifest next update: Wed 12 Nov 2025 10:01:13 +0000
Files and hashes: 1: P5TwA4gqR6DNAZ9Tx38K6wVBeSw.roa (hash: JFHWlXs6ts8+WEohOsphMs0bmJPDZeURLkqEXMqad1U=)
2: iOuqLxdpo932X4c9wx81HvB4rSU.crl (hash: oOc5MAS4CiRQ1zkFLyfTWiR4So9H8janXlVcVP5bsH8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:c3:41:1e:6f:c8:81:1e:ce:4a:92:2b:03:37:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25
Validity
Not Before: Nov 11 10:01:13 2025 GMT
Not After : Nov 12 10:01:13 2025 GMT
Subject: CN=37634b0a5cb02e9c0cf16e89d1aa2a26252d2393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7c:3f:6d:b8:6c:5a:0c:4c:c7:7d:01:7b:12:
b6:86:9b:be:50:35:13:2e:53:6c:e1:e0:0a:f5:c0:
0a:ff:43:2e:1d:d5:d0:6d:ad:f6:ef:04:b6:9c:8b:
85:fb:23:6b:f8:12:40:2e:d2:79:81:e2:86:1c:3b:
79:ce:52:17:be:6f:f3:9c:0d:c4:05:34:1c:20:bd:
80:01:69:79:8f:f5:6a:01:56:78:1e:3a:ec:27:01:
e4:f3:5c:87:88:2f:00:dd:28:33:33:7e:d1:88:df:
96:2c:98:e9:a7:0c:8b:71:8d:d6:c4:46:42:23:9e:
59:62:c0:e6:5f:88:4f:f5:70:d9:49:df:03:67:0c:
be:7f:38:25:4f:aa:10:79:ee:34:dc:53:40:69:19:
9d:33:03:f7:27:54:f1:ac:cb:e2:59:1b:3a:25:75:
92:78:a4:3b:e0:38:6d:59:b9:8a:99:13:95:e8:69:
c8:22:01:cd:d9:15:99:14:58:fe:56:27:bc:d4:69:
e8:f8:81:39:22:7c:e2:49:33:22:fb:2a:0a:88:dd:
bf:b9:a9:61:2b:87:21:91:6e:e5:88:6c:68:7b:30:
cc:68:b1:30:fd:e1:b3:da:66:e2:8b:4a:5a:d3:a2:
24:8e:e1:5e:77:cb:16:36:c6:ef:44:c4:1f:e6:c4:
df:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:63:4B:0A:5C:B0:2E:9C:0C:F1:6E:89:D1:AA:2A:26:25:2D:23:93
X509v3 Authority Key Identifier:
keyid:88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:c3:6b:ae:d7:41:16:4a:7c:3c:33:cc:fb:f9:a1:fc:63:3d:
44:51:29:95:8c:be:78:72:ef:9d:18:6a:93:9a:41:ff:03:ad:
86:bc:8d:8a:cc:97:f2:35:a3:06:c5:e0:a9:f0:ee:60:0a:9c:
4a:e3:14:c4:8d:ae:19:12:0c:56:77:ae:3a:30:9c:e6:2d:c8:
45:9c:60:a7:f8:9b:d9:19:cc:54:8a:95:a0:70:61:14:b8:3c:
ae:92:31:49:c9:05:ec:5b:ff:ff:d1:75:df:78:2a:58:a9:4e:
ff:a9:82:4e:5b:a8:33:c5:ff:2b:56:68:12:fc:1b:ef:33:de:
38:b3:8c:35:a5:7f:ac:81:17:ca:c1:c2:e5:8a:bc:5d:93:78:
dd:9a:83:57:3e:eb:1d:de:10:4d:d9:5c:17:21:2b:5e:07:ab:
57:09:5b:43:4d:56:b0:99:3d:26:0d:26:ed:27:89:85:c3:bf:
8a:45:6f:3d:6e:ed:a7:80:88:a3:67:2d:c4:13:ee:cc:16:20:
dc:6f:80:d1:7b:39:13:4d:a8:ae:ed:dd:e3:80:de:8e:b1:ca:
9e:d2:07:bf:bb:53:e5:17:ca:95:8c:ae:bb:16:fd:7b:1d:5a:
0d:42:74:21:4a:b0:ec:50:48:49:83:4a:c4:ed:70:7a:c1:cc:
7e:13:8b:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXMNBHm/IgR7OSpIrAzfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZWJhYTJmMTc2OWEzZGRmNjVmODczZGMzMWYzNTFlZjA3
OGFkMjUwHhcNMjUxMTExMTAwMTEzWhcNMjUxMTEyMTAwMTEzWjAzMTEwLwYDVQQD
EygzNzYzNGIwYTVjYjAyZTljMGNmMTZlODlkMWFhMmEyNjI1MmQyMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHw/bbhsWgxMx30BexK2hpu+UDUT
LlNs4eAK9cAK/0MuHdXQba327wS2nIuF+yNr+BJALtJ5geKGHDt5zlIXvm/znA3E
BTQcIL2AAWl5j/VqAVZ4HjrsJwHk81yHiC8A3SgzM37RiN+WLJjppwyLcY3WxEZC
I55ZYsDmX4hP9XDZSd8DZwy+fzglT6oQee403FNAaRmdMwP3J1TxrMviWRs6JXWS
eKQ74DhtWbmKmROV6GnIIgHN2RWZFFj+Vie81Gno+IE5InziSTMi+yoKiN2/ualh
K4chkW7liGxoezDMaLEw/eGz2mbii0pa06IkjuFed8sWNsbvRMQf5sTf6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdjSwpcsC6cDPFuidGqKiYlLSOTMB8GA1UdIwQY
MBaAFIjrqi8XaaPd9l+HPcMfNR7weK0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEt
MmJiZjQ2ODg0NTg1LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEtMmJiZjQ2ODg0NTg1
LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARMNrrtdB
Fkp8PDPM+/mh/GM9RFEplYy+eHLvnRhqk5pB/wOthryNisyX8jWjBsXgqfDuYAqc
SuMUxI2uGRIMVneuOjCc5i3IRZxgp/ib2RnMVIqVoHBhFLg8rpIxSckF7Fv//9F1
33gqWKlO/6mCTluoM8X/K1ZoEvwb7zPeOLOMNaV/rIEXysHC5Yq8XZN43ZqDVz7r
Hd4QTdlcFyErXgerVwlbQ01WsJk9Jg0m7SeJhcO/ikVvPW7tp4CIo2ctxBPuzBYg
3G+A0Xs5E02oru3d44DejrHKntIHv7tT5RfKlYyuuxb9ex1aDUJ0IUqw7FBISYNK
xO1wesHMfhOLEg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:17:06 2025 by rpki-client