Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
File: I6IOrOflZNlFaAhkd3q-nCu41NY.mft (raw, json)
Hash identifier: b4PpNNz8Vo6oIQMSpC3h032+JICCOcEzFTpiVYxZMGE=
Subject key identifier: 0E:26:D9:59:6B:7D:69:55:33:6B:71:E4:7F:CE:C6:78:5C:11:53:B2
Authority key identifier: 23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6
Certificate issuer: /CN=23a20eace7e564d945680864777abe9c2bb8d4d6
Certificate serial: 019A722654D4EF1AB9F4FAACC047073B4C92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
Manifest number: 016D
Signing time: Tue 11 Nov 2025 09:01:45 +0000
Manifest this update: Tue 11 Nov 2025 09:01:45 +0000
Manifest next update: Wed 12 Nov 2025 09:01:45 +0000
Files and hashes: 1: I6IOrOflZNlFaAhkd3q-nCu41NY.crl (hash: kfRFwOWXt228wfcSGt9qNNuBxtDOx/5lrQTLNzNxwBc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:54:d4:ef:1a:b9:f4:fa:ac:c0:47:07:3b:4c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23a20eace7e564d945680864777abe9c2bb8d4d6
Validity
Not Before: Nov 11 09:01:45 2025 GMT
Not After : Nov 12 09:01:45 2025 GMT
Subject: CN=0e26d9596b7d6955336b71e47fcec6785c1153b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b9:31:96:8c:21:48:1c:c5:3a:75:2c:c3:bc:
74:b1:c2:1c:c8:66:16:7b:4a:4a:34:7c:2c:4e:e5:
a9:f1:3d:4b:d9:cd:ce:8b:a6:b1:44:2c:eb:2c:c7:
f2:ef:48:fe:57:ed:f5:46:93:42:c0:10:da:72:a9:
6a:ea:d6:77:e4:b0:0e:d5:ad:4d:59:03:6d:dd:fb:
09:43:d9:06:da:a4:7a:cd:49:15:c1:9e:53:33:9d:
14:54:b1:9e:67:77:85:c3:58:a4:ba:69:5d:08:ac:
ea:6a:ee:bf:a6:72:86:ad:8d:56:25:39:bf:4b:e0:
2c:6f:ad:6a:d8:49:10:82:9d:3d:fa:e5:3b:e8:a5:
02:f5:0a:15:de:5b:12:c6:06:b7:e1:58:c6:aa:17:
c6:c6:dc:68:7a:14:6a:98:96:c6:33:2b:b5:f7:65:
65:99:30:05:81:f3:cd:73:26:01:6d:c7:40:45:3c:
37:5c:9c:e9:45:8d:71:80:ef:37:c2:7c:9c:86:3f:
2e:9f:44:c8:ef:a4:21:0e:97:e8:19:dd:19:b3:b8:
db:7a:f1:4f:50:be:e1:b9:5b:a6:c4:04:6a:52:3a:
20:4c:98:ee:f0:3e:33:b1:4d:56:79:ad:1f:e9:c3:
83:53:05:7b:80:7e:a9:17:30:93:f3:ba:2d:d9:8f:
26:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:26:D9:59:6B:7D:69:55:33:6B:71:E4:7F:CE:C6:78:5C:11:53:B2
X509v3 Authority Key Identifier:
keyid:23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:06:0b:7b:57:4d:8d:41:f6:b5:8c:d4:ea:cf:e6:6b:e5:3a:
02:10:37:10:2b:57:02:df:d3:0d:ee:41:1d:1e:a3:cf:b1:fa:
10:15:46:af:a0:ed:dc:53:31:46:40:bc:e3:65:1e:17:a8:f4:
4e:27:93:bf:af:b9:20:e7:37:40:bd:65:92:e3:b9:ba:19:0f:
35:86:12:8d:b8:fb:ce:9d:9b:2b:3e:e6:f2:a3:6c:d1:8a:2a:
79:70:1c:c3:de:7c:f6:15:27:e0:97:1b:35:8e:72:16:01:c8:
3e:cb:de:6a:1f:07:e1:6b:89:5a:a0:ba:c5:19:94:c0:16:78:
ee:a3:a2:34:df:47:c9:73:b3:73:51:ae:61:48:63:7c:d9:d1:
bf:d2:0b:a2:05:00:43:ff:9d:16:43:32:a7:ad:47:68:d0:0a:
be:a6:3f:d5:cc:28:0a:dd:2d:52:13:34:8e:cc:69:03:49:4f:
4c:78:bb:a9:55:0c:54:45:d2:d3:69:10:7b:bf:08:95:d5:73:
35:07:0a:c9:51:63:05:8a:d3:93:53:4e:ac:51:68:ef:0e:90:
fe:e1:ef:f0:8e:b7:16:fa:69:8e:d9:19:b7:7e:52:aa:ea:6e:
0f:15:0d:88:f1:24:ac:bb:37:a1:b1:5f:7c:9d:42:4f:59:7d:
07:28:0c:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlTU7xq59PqswEcHO0ySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTIwZWFjZTdlNTY0ZDk0NTY4MDg2NDc3N2FiZTljMmJi
OGQ0ZDYwHhcNMjUxMTExMDkwMTQ1WhcNMjUxMTEyMDkwMTQ1WjAzMTEwLwYDVQQD
EygwZTI2ZDk1OTZiN2Q2OTU1MzM2YjcxZTQ3ZmNlYzY3ODVjMTE1M2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rkxlowhSBzFOnUsw7x0scIcyGYW
e0pKNHwsTuWp8T1L2c3Oi6axRCzrLMfy70j+V+31RpNCwBDacqlq6tZ35LAO1a1N
WQNt3fsJQ9kG2qR6zUkVwZ5TM50UVLGeZ3eFw1ikumldCKzqau6/pnKGrY1WJTm/
S+Asb61q2EkQgp09+uU76KUC9QoV3lsSxga34VjGqhfGxtxoehRqmJbGMyu192Vl
mTAFgfPNcyYBbcdARTw3XJzpRY1xgO83wnychj8un0TI76QhDpfoGd0Zs7jbevFP
UL7huVumxARqUjogTJju8D4zsU1Wea0f6cODUwV7gH6pFzCT87ot2Y8m2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4m2VlrfWlVM2tx5H/OxnhcEVOyMB8GA1UdIwQY
MBaAFCOiDqzn5WTZRWgIZHd6vpwruNTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYt
NzVlMGQ0Nzk3NTNmLzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYtNzVlMGQ0Nzk3NTNm
LzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlwYLe1dN
jUH2tYzU6s/ma+U6AhA3ECtXAt/TDe5BHR6jz7H6EBVGr6Dt3FMxRkC842UeF6j0
TieTv6+5IOc3QL1lkuO5uhkPNYYSjbj7zp2bKz7m8qNs0YoqeXAcw9589hUn4Jcb
NY5yFgHIPsveah8H4WuJWqC6xRmUwBZ47qOiNN9HyXOzc1GuYUhjfNnRv9ILogUA
Q/+dFkMyp61HaNAKvqY/1cwoCt0tUhM0jsxpA0lPTHi7qVUMVEXS02kQe78IldVz
NQcKyVFjBYrTk1NOrFFo7w6Q/uHv8I63FvppjtkZt35SqupuDxUNiPEkrLs3obFf
fJ1CT1l9BygMWg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:18:05 2025 by rpki-client