Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/iPQfqz5j6vW98HFm31qmgWLq16Y.mft
File: iPQfqz5j6vW98HFm31qmgWLq16Y.mft (raw, json)
Hash identifier: 9QNTGmaQfmmPNibfQ4q0S3xSoI7sGlgVI3oexS8Uax4=
Subject key identifier: D2:33:BE:EF:04:13:D8:1B:4A:54:BD:64:FB:A7:92:C4:CE:0D:EE:11
Authority key identifier: 88:F4:1F:AB:3E:63:EA:F5:BD:F0:71:66:DF:5A:A6:81:62:EA:D7:A6
Certificate issuer: /CN=88f41fab3e63eaf5bdf07166df5aa68162ead7a6
Certificate serial: 019A725C8887F41DB9E4E2F161667CF1BA98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPQfqz5j6vW98HFm31qmgWLq16Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/iPQfqz5j6vW98HFm31qmgWLq16Y.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 10:00:58 +0000
Manifest this update: Tue 11 Nov 2025 10:00:58 +0000
Manifest next update: Wed 12 Nov 2025 10:00:58 +0000
Files and hashes: 1: iPQfqz5j6vW98HFm31qmgWLq16Y.crl (hash: s/c0g7SrpMNUUL7S6uRbeA2jlW9Y7A2MCFwihgNwDB0=)
2: uNj0vhcUK_UhfSxrxVZLYp2n6nk.roa (hash: xTRc4Rd4GJsupl0R/CzG6nNJAwdCcx0IPu8T4AbYP1I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/iPQfqz5j6vW98HFm31qmgWLq16Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/iPQfqz5j6vW98HFm31qmgWLq16Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/iPQfqz5j6vW98HFm31qmgWLq16Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:88:87:f4:1d:b9:e4:e2:f1:61:66:7c:f1:ba:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f41fab3e63eaf5bdf07166df5aa68162ead7a6
Validity
Not Before: Nov 11 10:00:58 2025 GMT
Not After : Nov 12 10:00:58 2025 GMT
Subject: CN=d233beef0413d81b4a54bd64fba792c4ce0dee11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:51:e2:3e:58:d8:7c:31:c7:31:93:d2:22:7d:
5d:29:d2:d1:e1:46:21:6a:1c:1a:69:63:70:a5:74:
8c:56:99:4b:b3:66:f7:5d:b0:26:c0:62:81:42:a6:
07:a1:27:f7:ed:06:10:48:d4:e0:95:29:bc:4c:64:
4b:8c:d5:87:96:00:85:c3:e0:49:44:6b:a9:cd:8a:
1d:95:55:e4:bd:e2:d7:0e:23:f8:b0:74:32:6a:91:
cc:a4:28:a6:71:77:46:33:d7:5d:f2:bd:d5:cc:e0:
29:ac:1c:88:51:f8:03:75:ff:51:4a:39:f7:a6:fb:
92:a8:06:01:5e:ef:0d:bb:86:92:3b:14:08:f6:c0:
5b:3b:62:2e:f0:00:4a:d0:63:fb:07:fa:96:6c:f2:
25:f0:98:89:8f:00:6d:11:80:7b:5f:db:dd:8a:e5:
5a:0e:e6:9a:7a:eb:44:39:0d:22:66:b8:0d:10:40:
5e:6c:85:51:d7:c5:43:66:29:53:c5:16:22:52:4e:
fc:3d:af:1d:dd:cf:94:e9:77:5d:06:46:61:c3:6d:
5e:f8:a0:39:9b:c2:8d:96:e4:3a:10:77:12:96:a2:
88:de:2d:1c:2f:de:eb:91:2f:e4:ac:d0:d6:09:02:
0d:86:e3:3c:3f:1a:e9:d5:40:e2:7f:5a:30:da:25:
be:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:33:BE:EF:04:13:D8:1B:4A:54:BD:64:FB:A7:92:C4:CE:0D:EE:11
X509v3 Authority Key Identifier:
keyid:88:F4:1F:AB:3E:63:EA:F5:BD:F0:71:66:DF:5A:A6:81:62:EA:D7:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPQfqz5j6vW98HFm31qmgWLq16Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/iPQfqz5j6vW98HFm31qmgWLq16Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/iPQfqz5j6vW98HFm31qmgWLq16Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:1e:27:d8:4b:da:55:84:2d:c6:c7:25:88:57:5c:65:a9:33:
ec:7d:8b:54:61:2b:d8:a9:e7:d2:ae:c4:f4:86:12:26:ca:57:
74:bc:e6:9d:6e:b9:17:65:77:45:59:9c:6f:2e:cb:5e:39:8a:
63:a1:b4:f7:b4:68:6d:98:9b:86:e7:40:eb:74:cb:a9:b3:96:
98:93:71:02:cd:94:d8:38:10:26:26:ed:69:c7:81:20:7e:5f:
dd:a2:25:11:f3:1a:bc:f0:8e:2c:79:76:37:8d:4c:53:eb:d4:
f7:4e:d9:c5:73:0b:42:0f:77:f6:a2:03:9f:e7:2d:15:1d:1a:
8d:05:0f:d7:36:6a:ec:71:94:b0:68:e5:8f:9d:9e:77:65:21:
67:95:90:ff:a3:61:6e:49:02:a3:df:46:d0:88:44:79:b1:88:
2e:92:63:dd:bc:1e:f8:82:61:86:32:65:ab:ba:a5:23:ee:67:
90:e9:e3:f2:9b:ee:ad:df:4e:8e:90:b8:a2:f8:ff:f3:5a:46:
86:a6:fc:78:1c:d9:2e:e9:e7:e1:68:c5:83:d3:7a:e9:9a:69:
c0:f5:d3:9c:a3:07:3a:ba:4e:95:82:94:03:3a:67:d6:bd:21:
75:dd:d4:f0:63:80:44:81:4c:e5:9f:d9:c8:37:6a:15:9f:f6:
94:03:8e:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXIiH9B255OLxYWZ88bqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZjQxZmFiM2U2M2VhZjViZGYwNzE2NmRmNWFhNjgxNjJl
YWQ3YTYwHhcNMjUxMTExMTAwMDU4WhcNMjUxMTEyMTAwMDU4WjAzMTEwLwYDVQQD
EyhkMjMzYmVlZjA0MTNkODFiNGE1NGJkNjRmYmE3OTJjNGNlMGRlZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1HiPljYfDHHMZPSIn1dKdLR4UYh
ahwaaWNwpXSMVplLs2b3XbAmwGKBQqYHoSf37QYQSNTglSm8TGRLjNWHlgCFw+BJ
RGupzYodlVXkveLXDiP4sHQyapHMpCimcXdGM9dd8r3VzOAprByIUfgDdf9RSjn3
pvuSqAYBXu8Nu4aSOxQI9sBbO2Iu8ABK0GP7B/qWbPIl8JiJjwBtEYB7X9vdiuVa
DuaaeutEOQ0iZrgNEEBebIVR18VDZilTxRYiUk78Pa8d3c+U6XddBkZhw21e+KA5
m8KNluQ6EHcSlqKI3i0cL97rkS/krNDWCQINhuM8Pxrp1UDif1ow2iW+6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIzvu8EE9gbSlS9ZPunksTODe4RMB8GA1UdIwQY
MBaAFIj0H6s+Y+r1vfBxZt9apoFi6temMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBRZnF6NWo2dlc5OEhGbTMxcW1nV0xxMTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDZkOGItYzc1OC00YjkzLWI5ZjMt
ODk3Y2I2YTQzMGQ3LzEvaVBRZnF6NWo2dlc5OEhGbTMxcW1nV0xxMTZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDZkOGItYzc1OC00YjkzLWI5ZjMtODk3Y2I2YTQzMGQ3
LzEvaVBRZnF6NWo2dlc5OEhGbTMxcW1nV0xxMTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJB4n2Eva
VYQtxscliFdcZakz7H2LVGEr2Knn0q7E9IYSJspXdLzmnW65F2V3RVmcby7LXjmK
Y6G097RobZibhudA63TLqbOWmJNxAs2U2DgQJibtaceBIH5f3aIlEfMavPCOLHl2
N41MU+vU907ZxXMLQg939qIDn+ctFR0ajQUP1zZq7HGUsGjlj52ed2UhZ5WQ/6Nh
bkkCo99G0IhEebGILpJj3bwe+IJhhjJlq7qlI+5nkOnj8pvurd9OjpC4ovj/81pG
hqb8eBzZLunn4WjFg9N66ZppwPXTnKMHOrpOlYKUAzpn1r0hdd3U8GOARIFM5Z/Z
yDdqFZ/2lAOOaA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:00:30 2025 by rpki-client