Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.mft
File: I--d4hUq7xsqYqMfsvNehZCzrYQ.mft (raw, json)
Hash identifier: gu/Ez2U9UWwuHXeqfdDEH1qDgIz8MiWYdbW5TtH2yao=
Subject key identifier: AA:88:63:92:92:D7:E8:F0:33:2B:BD:63:37:C1:EE:14:F4:99:EF:D4
Authority key identifier: 23:EF:9D:E2:15:2A:EF:1B:2A:62:A3:1F:B2:F3:5E:85:90:B3:AD:84
Certificate issuer: /CN=23ef9de2152aef1b2a62a31fb2f35e8590b3ad84
Certificate serial: 019A70DC3B408B435B8901E716795C57E697
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I--d4hUq7xsqYqMfsvNehZCzrYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.mft
Manifest number: 076F
Signing time: Tue 11 Nov 2025 03:01:12 +0000
Manifest this update: Tue 11 Nov 2025 03:01:12 +0000
Manifest next update: Wed 12 Nov 2025 03:01:12 +0000
Files and hashes: 1: H78piGDM9XMhN9ttfDQLjflrGw0.roa (hash: A/U1yMrz8Q8LYte4PciQEyU7L3zVOHn5gKWczBZWelo=)
2: I--d4hUq7xsqYqMfsvNehZCzrYQ.crl (hash: xYeEzi3u7R1IxqAacihNxx9zoOZ+EYgHbRjr//vQxak=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/I--d4hUq7xsqYqMfsvNehZCzrYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:3b:40:8b:43:5b:89:01:e7:16:79:5c:57:e6:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23ef9de2152aef1b2a62a31fb2f35e8590b3ad84
Validity
Not Before: Nov 11 03:01:12 2025 GMT
Not After : Nov 12 03:01:12 2025 GMT
Subject: CN=aa88639292d7e8f0332bbd6337c1ee14f499efd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9d:09:ca:1f:9c:fc:ff:d9:27:36:ce:29:5f:
64:9c:eb:f9:ae:83:d0:21:34:59:a4:3d:4a:fb:ea:
21:0a:56:5c:2c:45:48:aa:84:55:8a:dc:7c:9a:00:
8c:9a:ca:a1:86:39:04:95:e1:f5:fe:1c:79:1b:0b:
50:cc:cc:f2:6b:2f:6e:5c:c5:ab:35:69:f8:20:fc:
2a:e3:1e:9e:3f:67:dc:74:5c:13:66:90:85:3d:cb:
de:86:9a:c4:49:38:6d:13:b6:46:18:5f:f8:cb:10:
65:00:ec:70:f7:3a:f2:c1:8a:4b:64:a4:53:10:16:
29:b1:16:63:3e:fe:8e:13:60:0b:40:06:77:f0:0d:
62:8b:98:a8:64:f1:45:60:c1:8d:1b:4b:aa:36:bd:
32:f6:68:26:8c:29:d8:c0:a2:89:a4:b6:8c:c5:29:
ea:63:19:e4:bc:9d:e7:99:06:b1:a8:86:ca:69:f5:
9c:7d:91:1b:4c:ba:b1:65:88:b7:63:84:d8:b7:40:
61:7c:8e:cc:41:82:9f:18:64:34:ec:33:ee:f6:ce:
46:1f:28:1a:3d:8d:4b:b0:3f:43:e0:ef:25:0a:e0:
fa:b6:07:72:c9:38:43:4c:5e:4d:fd:6e:0a:bc:eb:
8d:ad:32:a8:19:dd:80:a8:23:4d:38:65:ec:37:43:
df:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:88:63:92:92:D7:E8:F0:33:2B:BD:63:37:C1:EE:14:F4:99:EF:D4
X509v3 Authority Key Identifier:
keyid:23:EF:9D:E2:15:2A:EF:1B:2A:62:A3:1F:B2:F3:5E:85:90:B3:AD:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I--d4hUq7xsqYqMfsvNehZCzrYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:52:ee:70:0c:38:fe:1f:19:34:b6:79:81:58:0f:cd:01:fd:
a7:5f:4a:8c:cf:a2:eb:58:5b:7f:d6:75:82:cc:f5:2c:7d:30:
43:02:5a:52:83:7f:cb:85:c6:98:0f:0c:b4:30:6c:3c:36:1e:
e4:ca:b6:ea:f9:b0:d9:4e:3c:48:48:4f:0d:12:f5:a4:6c:9f:
0c:bd:3c:1c:16:61:1b:b7:fd:37:ff:ca:90:26:53:be:a6:b9:
af:e7:a9:ae:1f:ed:92:10:26:69:0d:8b:ac:c2:72:d5:8d:1a:
e1:bc:a1:0e:7c:18:69:e1:e7:6f:38:69:51:8b:9e:79:7f:ff:
f6:05:3e:42:c9:9d:cd:ec:ca:7b:e8:0b:8b:71:34:c6:96:ca:
ff:a3:f9:a7:0f:4c:53:5f:2d:a0:57:55:bd:67:ec:d5:4f:9c:
37:28:e4:bd:4f:7e:af:75:83:46:9a:3e:52:8e:20:7c:82:d9:
89:b1:4e:cf:c0:e1:4c:cb:e9:ea:85:69:81:5f:1e:94:59:47:
73:88:bc:f3:5e:81:ba:16:f5:2b:53:79:81:57:c0:14:f4:82:
f2:1f:61:3a:54:4e:2a:87:21:cc:2e:45:7a:7c:42:db:54:2d:
68:fb:56:08:c9:2c:73:0e:ee:50:f2:90:41:b1:70:de:3d:a3:
d2:16:06:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3DtAi0NbiQHnFnlcV+aXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZWY5ZGUyMTUyYWVmMWIyYTYyYTMxZmIyZjM1ZTg1OTBi
M2FkODQwHhcNMjUxMTExMDMwMTEyWhcNMjUxMTEyMDMwMTEyWjAzMTEwLwYDVQQD
EyhhYTg4NjM5MjkyZDdlOGYwMzMyYmJkNjMzN2MxZWUxNGY0OTllZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp0Jyh+c/P/ZJzbOKV9knOv5roPQ
ITRZpD1K++ohClZcLEVIqoRVitx8mgCMmsqhhjkEleH1/hx5GwtQzMzyay9uXMWr
NWn4IPwq4x6eP2fcdFwTZpCFPcvehprESThtE7ZGGF/4yxBlAOxw9zrywYpLZKRT
EBYpsRZjPv6OE2ALQAZ38A1ii5ioZPFFYMGNG0uqNr0y9mgmjCnYwKKJpLaMxSnq
YxnkvJ3nmQaxqIbKafWcfZEbTLqxZYi3Y4TYt0BhfI7MQYKfGGQ07DPu9s5GHyga
PY1LsD9D4O8lCuD6tgdyyThDTF5N/W4KvOuNrTKoGd2AqCNNOGXsN0PfKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqIY5KS1+jwMyu9YzfB7hT0me/UMB8GA1UdIwQY
MBaAFCPvneIVKu8bKmKjH7LzXoWQs62EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS0tZDRoVXE3eHNxWXFNZnN2TmVoWkN6cllRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jM2YzY2MtYzU2Yi00ZDM1LWI3N2Yt
M2JjNmViMGEzNDdmLzEvSS0tZDRoVXE3eHNxWXFNZnN2TmVoWkN6cllRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jM2YzY2MtYzU2Yi00ZDM1LWI3N2YtM2JjNmViMGEzNDdm
LzEvSS0tZDRoVXE3eHNxWXFNZnN2TmVoWkN6cllRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp1LucAw4
/h8ZNLZ5gVgPzQH9p19KjM+i61hbf9Z1gsz1LH0wQwJaUoN/y4XGmA8MtDBsPDYe
5Mq26vmw2U48SEhPDRL1pGyfDL08HBZhG7f9N//KkCZTvqa5r+eprh/tkhAmaQ2L
rMJy1Y0a4byhDnwYaeHnbzhpUYueeX//9gU+QsmdzezKe+gLi3E0xpbK/6P5pw9M
U18toFdVvWfs1U+cNyjkvU9+r3WDRpo+Uo4gfILZibFOz8DhTMvp6oVpgV8elFlH
c4i8816Buhb1K1N5gVfAFPSC8h9hOlROKochzC5FenxC21QtaPtWCMkscw7uUPKQ
QbFw3j2j0hYGWg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:51 2025 by rpki-client