Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft
File: IQH0Od66_1iAOV148Lv62Mp2CL8.mft (raw, json)
Hash identifier: FEoHklDmqo0leXi4xrDi+edBlVEK8BSXblndDQq6B6Y=
Subject key identifier: 47:C1:6C:98:A9:0E:12:10:2E:C0:EC:1D:6B:16:E5:15:76:9C:BE:92
Authority key identifier: 21:01:F4:39:DE:BA:FF:58:80:39:5D:78:F0:BB:FA:D8:CA:76:08:BF
Certificate issuer: /CN=2101f439debaff5880395d78f0bbfad8ca7608bf
Certificate serial: 019A13F25CB89F08ACFCD661B3BA959856AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft
Manifest number: 0DAB
Signing time: Fri 24 Oct 2025 02:00:41 +0000
Manifest this update: Fri 24 Oct 2025 02:00:41 +0000
Manifest next update: Sat 25 Oct 2025 02:00:41 +0000
Files and hashes: 1: IQH0Od66_1iAOV148Lv62Mp2CL8.crl (hash: tw1SbxGDSQieZSJPRgZp95lE4We0nNWi+9mMTjMt4LM=)
2: maYu8dN9neYyc8DtbRu2KTpDdQk.roa (hash: H5U+8VR9PAI4QlkVpTR8DC6LqpMXq6tJVvxgrK/vIPo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:13:f2:5c:b8:9f:08:ac:fc:d6:61:b3:ba:95:98:56:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101f439debaff5880395d78f0bbfad8ca7608bf
Validity
Not Before: Oct 24 02:00:41 2025 GMT
Not After : Oct 25 02:00:41 2025 GMT
Subject: CN=47c16c98a90e12102ec0ec1d6b16e515769cbe92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:05:6b:c6:35:5a:8e:13:b5:76:19:8a:f9:15:
5d:5c:e5:73:c9:14:f4:f7:e8:87:de:45:01:2f:0b:
f3:8c:ae:41:37:1f:93:43:3b:20:ed:3b:21:f0:d8:
89:60:f7:93:67:39:ba:30:7f:e7:6a:9c:de:82:7e:
a9:80:a0:38:53:e4:a0:fd:e1:42:11:a0:ef:88:17:
02:38:11:48:8e:d5:ab:87:76:2b:b0:90:c2:bd:b7:
f2:f7:1a:00:99:d0:d3:ab:c6:e3:1e:c9:a0:ed:01:
3a:9d:8e:e1:15:ab:b7:e4:47:07:c8:91:aa:cc:0b:
bd:9c:c8:fc:71:ae:b9:49:b1:ca:b9:ab:cd:9b:04:
23:76:23:1a:d5:1a:bb:71:d5:df:0f:7d:14:3e:ab:
e1:c6:ae:96:c1:62:37:13:b2:65:24:b1:8b:87:14:
36:9e:86:48:15:ed:33:69:40:31:dc:1d:1e:f0:97:
18:f3:a0:a1:55:c4:10:44:5d:f1:90:c8:5f:6d:d9:
5f:b4:ae:4d:b8:6f:f4:82:f9:39:82:33:6e:9d:f8:
bb:4f:6b:95:e2:77:94:ca:56:de:f8:a3:a5:a4:a0:
36:ba:7e:67:86:7e:af:22:8d:54:19:68:19:03:a7:
e4:38:b7:61:f5:db:f2:a8:5f:11:61:62:d2:8a:a8:
3f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C1:6C:98:A9:0E:12:10:2E:C0:EC:1D:6B:16:E5:15:76:9C:BE:92
X509v3 Authority Key Identifier:
keyid:21:01:F4:39:DE:BA:FF:58:80:39:5D:78:F0:BB:FA:D8:CA:76:08:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:93:3e:c7:3c:c0:d6:ad:ce:78:87:53:39:d5:fd:67:7f:5f:
b2:41:33:2d:a9:23:d0:af:2f:95:67:2e:3a:b6:9b:62:ef:ef:
48:e1:48:c1:23:00:97:a8:0f:32:13:3d:ee:ff:7d:8e:1a:e8:
db:b7:f4:60:bb:62:15:a4:21:08:3b:d7:34:48:29:4f:ca:56:
40:48:7c:fb:d1:35:d8:3b:d0:fe:7f:b1:cf:86:70:e5:63:9d:
15:ed:ed:13:95:4c:60:67:78:a6:81:00:bd:55:51:ff:1a:a6:
ac:a4:14:49:52:7a:45:30:94:6c:d0:8a:bd:0c:3d:a1:a8:57:
2b:f3:cc:f4:35:4a:32:cd:6d:c2:bc:c7:68:44:f3:ac:ab:5b:
f8:32:66:89:89:c1:b2:23:54:61:16:2a:70:6b:79:65:9f:0b:
ce:33:16:11:62:9b:b6:10:39:a3:d4:6f:c9:9b:e5:6c:2b:3e:
41:59:29:cb:ac:16:04:79:d5:fc:a7:74:43:88:40:92:08:86:
81:da:7e:12:ad:be:65:08:d4:a4:b2:a1:e4:1c:38:b0:81:17:
a1:fa:66:ec:6b:d8:86:76:84:91:ff:e8:4b:60:11:92:60:b9:
57:c7:59:2e:fe:03:67:80:00:e9:b4:fa:4f:e5:4a:66:06:27:
ec:4b:29:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoT8ly4nwis/NZhs7qVmFasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFmNDM5ZGViYWZmNTg4MDM5NWQ3OGYwYmJmYWQ4Y2E3
NjA4YmYwHhcNMjUxMDI0MDIwMDQxWhcNMjUxMDI1MDIwMDQxWjAzMTEwLwYDVQQD
Eyg0N2MxNmM5OGE5MGUxMjEwMmVjMGVjMWQ2YjE2ZTUxNTc2OWNiZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwVrxjVajhO1dhmK+RVdXOVzyRT0
9+iH3kUBLwvzjK5BNx+TQzsg7Tsh8NiJYPeTZzm6MH/napzegn6pgKA4U+Sg/eFC
EaDviBcCOBFIjtWrh3YrsJDCvbfy9xoAmdDTq8bjHsmg7QE6nY7hFau35EcHyJGq
zAu9nMj8ca65SbHKuavNmwQjdiMa1Rq7cdXfD30UPqvhxq6WwWI3E7JlJLGLhxQ2
noZIFe0zaUAx3B0e8JcY86ChVcQQRF3xkMhfbdlftK5NuG/0gvk5gjNunfi7T2uV
4neUylbe+KOlpKA2un5nhn6vIo1UGWgZA6fkOLdh9dvyqF8RYWLSiqg/xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEfBbJipDhIQLsDsHWsW5RV2nL6SMB8GA1UdIwQY
MBaAFCEB9Dneuv9YgDldePC7+tjKdgi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83OGM0MTQtOWIwOS00Nzc1LWE1NTgt
ZTNkZWZiN2UyNTE4LzEvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83OGM0MTQtOWIwOS00Nzc1LWE1NTgtZTNkZWZiN2UyNTE4
LzEvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAapM+xzzA
1q3OeIdTOdX9Z39fskEzLakj0K8vlWcuOrabYu/vSOFIwSMAl6gPMhM97v99jhro
27f0YLtiFaQhCDvXNEgpT8pWQEh8+9E12DvQ/n+xz4Zw5WOdFe3tE5VMYGd4poEA
vVVR/xqmrKQUSVJ6RTCUbNCKvQw9oahXK/PM9DVKMs1twrzHaETzrKtb+DJmiYnB
siNUYRYqcGt5ZZ8LzjMWEWKbthA5o9RvyZvlbCs+QVkpy6wWBHnV/Kd0Q4hAkgiG
gdp+Eq2+ZQjUpLKh5Bw4sIEXofpm7GvYhnaEkf/oS2ARkmC5V8dZLv4DZ4AA6bT6
T+VKZgYn7Esplw==
-----END CERTIFICATE-----
Generated at Fri Oct 24 11:59:22 2025 by rpki-client