Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
File: ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft (raw, json)
Hash identifier: pEHUhiqLY4tW9Q8jFDXMKbFhyBN4vBvOSKRaxz1ktLI=
Subject key identifier: 5A:38:5E:93:A8:DB:EF:35:55:7E:1A:4C:78:D9:CF:24:F3:79:04:4C
Authority key identifier: 8A:F7:F3:2D:33:F6:64:67:79:A5:1F:B2:32:01:C6:44:2D:14:51:CA
Certificate issuer: /CN=8af7f32d33f6646779a51fb23201c6442d1451ca
Certificate serial: 019A725CB8E0D39D996685EFE89E6D730D81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
Manifest number: 0B07
Signing time: Tue 11 Nov 2025 10:01:10 +0000
Manifest this update: Tue 11 Nov 2025 10:01:10 +0000
Manifest next update: Wed 12 Nov 2025 10:01:10 +0000
Files and hashes: 1: RZMmAomJrqs0yCU-Sl6pSFt5lLQ.roa (hash: mHTuz89sEZswLAvVyf4aCavMINMyLcZOi1mRW8tq0vE=)
2: ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl (hash: l63Oq5kzXJS1jiM+kuqvo8kMlTr3QBqlxJQg8er0Cao=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:b8:e0:d3:9d:99:66:85:ef:e8:9e:6d:73:0d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8af7f32d33f6646779a51fb23201c6442d1451ca
Validity
Not Before: Nov 11 10:01:10 2025 GMT
Not After : Nov 12 10:01:10 2025 GMT
Subject: CN=5a385e93a8dbef35557e1a4c78d9cf24f379044c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:62:b5:68:3d:7c:0d:92:8f:09:91:91:6b:0f:
6f:3d:ff:c2:e8:6c:1b:62:b0:5b:06:d7:28:0b:b7:
ef:29:94:31:12:36:f0:c9:ea:34:59:a6:77:29:45:
23:ec:56:c8:5e:1e:13:93:c4:8b:5e:d2:29:cf:5a:
f0:7f:65:be:0b:e5:07:09:55:ec:58:64:98:9d:3f:
81:15:39:f7:02:cb:d2:53:4d:68:a3:7a:37:0f:5b:
54:51:a1:26:7e:dd:f7:ea:58:bc:0d:c4:3a:b2:01:
fe:75:6e:40:fc:b4:75:9c:73:bd:57:51:aa:d8:03:
01:7c:6e:b6:34:0b:19:c1:e0:da:ee:91:8f:12:04:
ae:14:cd:e6:23:2d:79:66:71:8c:54:e4:e2:98:6e:
63:fd:2c:1f:f0:8d:8a:15:36:43:ba:e2:b2:e7:f3:
6a:d5:1c:4a:2a:e5:f0:44:3a:c7:1c:bb:32:2e:97:
f0:e2:51:09:23:47:0f:f9:69:90:77:b9:98:a1:05:
6c:83:48:16:1a:8c:e2:fa:15:29:27:04:d4:55:57:
7a:79:67:a5:a7:f0:ae:ea:e5:20:b0:26:f6:4d:13:
97:08:42:09:a3:82:fd:a0:9e:04:2e:36:17:70:6d:
d1:3c:a9:7e:39:40:b2:f6:d5:b8:bb:50:6b:76:7d:
42:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:38:5E:93:A8:DB:EF:35:55:7E:1A:4C:78:D9:CF:24:F3:79:04:4C
X509v3 Authority Key Identifier:
keyid:8A:F7:F3:2D:33:F6:64:67:79:A5:1F:B2:32:01:C6:44:2D:14:51:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:a7:0d:f6:96:00:c1:64:bd:88:b1:e3:19:bc:be:23:4d:87:
87:bf:8c:2d:6e:89:7f:cc:db:0e:86:7a:87:5f:f3:a9:dc:28:
88:ff:e0:67:f1:7c:53:3c:ad:09:da:43:41:c5:e3:62:fe:31:
d5:b3:b0:2a:d4:20:da:6e:d2:f4:c0:8e:d7:dd:96:32:a3:4b:
1d:3c:8f:8f:4c:fc:47:c1:2f:53:08:7b:2c:83:75:b8:05:d2:
7d:32:b1:99:89:f1:90:02:22:bd:b6:20:a0:5d:ab:33:cb:84:
88:22:26:43:40:16:1a:fa:59:6f:f1:4f:01:51:8c:c8:11:1f:
cc:3f:c4:e1:fb:8b:a6:2d:d3:ee:fa:06:46:e2:8c:5a:f3:64:
01:36:96:09:29:b0:dc:cc:c5:1f:b0:f4:c0:8e:9c:d7:1f:8c:
bd:06:91:28:56:5a:cb:e7:4b:26:f1:2f:8c:49:a0:9c:f4:b7:
f1:6b:aa:74:41:5b:87:ac:1e:be:5f:40:fb:4a:0f:1b:a6:0d:
bf:cb:6d:da:d5:6c:04:cd:bb:dc:23:b2:06:91:e6:5a:b7:0b:
08:7e:be:bd:79:82:a1:18:66:79:c7:08:83:ee:d4:f8:a9:5d:
7a:91:90:9c:1f:44:bf:94:39:d6:d5:9b:ba:18:54:04:c9:e7:
6f:77:c9:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXLjg052ZZoXv6J5tcw2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZjdmMzJkMzNmNjY0Njc3OWE1MWZiMjMyMDFjNjQ0MmQx
NDUxY2EwHhcNMjUxMTExMTAwMTEwWhcNMjUxMTEyMTAwMTEwWjAzMTEwLwYDVQQD
Eyg1YTM4NWU5M2E4ZGJlZjM1NTU3ZTFhNGM3OGQ5Y2YyNGYzNzkwNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2K1aD18DZKPCZGRaw9vPf/C6Gwb
YrBbBtcoC7fvKZQxEjbwyeo0WaZ3KUUj7FbIXh4Tk8SLXtIpz1rwf2W+C+UHCVXs
WGSYnT+BFTn3AsvSU01oo3o3D1tUUaEmft336li8DcQ6sgH+dW5A/LR1nHO9V1Gq
2AMBfG62NAsZweDa7pGPEgSuFM3mIy15ZnGMVOTimG5j/Swf8I2KFTZDuuKy5/Nq
1RxKKuXwRDrHHLsyLpfw4lEJI0cP+WmQd7mYoQVsg0gWGozi+hUpJwTUVVd6eWel
p/Cu6uUgsCb2TROXCEIJo4L9oJ4ELjYXcG3RPKl+OUCy9tW4u1Brdn1CcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFo4XpOo2+81VX4aTHjZzyTzeQRMMB8GA1UdIwQY
MBaAFIr38y0z9mRneaUfsjIBxkQtFFHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hZmZjYmItYzFiMy00NDRhLTg3NmMt
NWI3MmZiOTI3ZDFjLzEvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hZmZjYmItYzFiMy00NDRhLTg3NmMtNWI3MmZiOTI3ZDFj
LzEvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD6cN9pYA
wWS9iLHjGby+I02Hh7+MLW6Jf8zbDoZ6h1/zqdwoiP/gZ/F8UzytCdpDQcXjYv4x
1bOwKtQg2m7S9MCO192WMqNLHTyPj0z8R8EvUwh7LIN1uAXSfTKxmYnxkAIivbYg
oF2rM8uEiCImQ0AWGvpZb/FPAVGMyBEfzD/E4fuLpi3T7voGRuKMWvNkATaWCSmw
3MzFH7D0wI6c1x+MvQaRKFZay+dLJvEvjEmgnPS38WuqdEFbh6wevl9A+0oPG6YN
v8tt2tVsBM273COyBpHmWrcLCH6+vXmCoRhmeccIg+7U+KldepGQnB9Ev5Q51tWb
uhhUBMnnb3fJnw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:42:51 2025 by rpki-client