Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.mft
File: IG0YKjtEp74F0-5w3JCoXVer-40.mft (raw, json)
Hash identifier: ANDd1jIYDLmMDBF8hy0a+zTbu28hikGoA61soIAViX0=
Subject key identifier: 58:A1:2D:D7:39:65:53:1B:B1:0B:5D:DD:F8:7D:D5:F0:FE:AB:0C:68
Authority key identifier: 20:6D:18:2A:3B:44:A7:BE:05:D3:EE:70:DC:90:A8:5D:57:AB:FB:8D
Certificate issuer: /CN=206d182a3b44a7be05d3ee70dc90a85d57abfb8d
Certificate serial: 019A725C3ACEDB7E7053895BDD5D3C0CAC7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG0YKjtEp74F0-5w3JCoXVer-40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.mft
Manifest number: 1681
Signing time: Tue 11 Nov 2025 10:00:38 +0000
Manifest this update: Tue 11 Nov 2025 10:00:38 +0000
Manifest next update: Wed 12 Nov 2025 10:00:38 +0000
Files and hashes: 1: IG0YKjtEp74F0-5w3JCoXVer-40.crl (hash: kSm5eVdd1GorL3M6nBRuiYCZAE7eAkD5MZkqAY/qEuY=)
2: oL5s4daZ2-CvSDbZedMFWpoaJg4.roa (hash: rBJTh0rRi4HBxgXoejT0Pcmh+tBjyPVq1RYIy0Ljiec=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.mft
rsync://rpki.ripe.net/repository/DEFAULT/IG0YKjtEp74F0-5w3JCoXVer-40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:3a:ce:db:7e:70:53:89:5b:dd:5d:3c:0c:ac:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206d182a3b44a7be05d3ee70dc90a85d57abfb8d
Validity
Not Before: Nov 11 10:00:38 2025 GMT
Not After : Nov 12 10:00:38 2025 GMT
Subject: CN=58a12dd73965531bb10b5dddf87dd5f0feab0c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:29:84:30:3b:ab:00:c9:8a:73:af:98:5f:d0:
4a:85:a9:37:3c:cc:51:a5:32:f8:f6:a8:6a:e6:b3:
32:55:e8:be:6f:d8:3d:c7:8b:81:f9:41:a0:fc:d9:
8b:d6:06:3e:c8:05:e9:b5:d8:17:a4:d6:1f:29:c4:
14:f8:89:8f:0e:78:12:03:ac:92:b6:37:ad:e1:56:
db:e1:8d:52:7d:72:f4:0e:e6:90:28:c0:86:7b:9d:
af:59:9c:18:d2:16:79:ce:70:89:6d:bd:11:ef:29:
72:88:d6:29:18:aa:ab:31:81:32:cb:a5:52:09:be:
76:f9:37:83:a3:b0:8d:16:22:90:8c:d6:f5:b6:db:
3a:fc:b1:7d:ca:4d:2e:95:51:c7:5e:bd:83:5d:0b:
a6:ac:46:3d:ad:88:49:e9:9e:f4:27:63:d3:9e:2e:
f8:3b:d5:2a:09:da:3b:f3:08:85:91:48:f7:bd:43:
28:cb:e8:d7:f6:6b:b1:9a:00:0d:87:3e:ad:89:f1:
1f:83:3d:91:ee:a5:d3:4d:d5:37:3e:6f:e8:39:8e:
aa:a3:95:70:2a:3a:d2:b6:48:47:7a:85:f8:c3:9f:
39:ca:ba:b5:26:6a:bd:51:3c:19:b0:53:e9:43:58:
b6:03:92:40:47:80:46:0e:39:3f:9a:41:b8:37:c6:
0a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A1:2D:D7:39:65:53:1B:B1:0B:5D:DD:F8:7D:D5:F0:FE:AB:0C:68
X509v3 Authority Key Identifier:
keyid:20:6D:18:2A:3B:44:A7:BE:05:D3:EE:70:DC:90:A8:5D:57:AB:FB:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG0YKjtEp74F0-5w3JCoXVer-40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:b0:22:a9:1a:ac:d5:ca:3d:f9:9f:30:20:4a:23:3a:39:c8:
75:34:c7:65:c8:20:5c:97:c0:0b:87:1b:f3:db:5e:5d:bc:e7:
84:1b:a9:9c:52:c2:8d:b0:fe:9f:20:17:a5:2b:43:ab:53:82:
6a:44:ef:ce:bb:74:29:c0:f5:d0:0a:26:f2:c6:d0:81:56:e4:
e9:86:34:2e:67:44:1e:b4:a0:2b:aa:31:1b:40:bd:4f:9a:c3:
b3:f5:bb:59:d1:da:03:7e:53:c3:67:59:c8:b6:c2:ae:b4:b7:
0b:04:7e:7f:f5:42:5f:e3:fa:96:bf:15:a9:44:41:2a:ec:29:
4e:9e:bc:d6:ec:a3:cc:0e:64:d0:11:bf:b7:51:93:fc:86:d4:
68:5b:cb:5e:c2:31:a4:b1:5b:f9:c7:2c:89:aa:ab:e7:95:65:
a1:99:31:b6:00:8a:24:ee:2c:44:2f:02:90:83:78:eb:01:53:
11:be:92:f1:3f:c4:b4:51:9b:91:2b:13:41:66:14:79:f5:04:
3b:72:77:83:eb:27:1c:64:27:68:6e:4a:b4:38:f8:53:3f:7e:
d8:60:f6:c7:8d:23:eb:39:71:51:e8:78:76:c9:a4:6e:0a:99:
64:81:65:6e:e4:56:3a:e2:79:b9:96:a9:d4:67:53:ed:fe:ab:
2d:73:8e:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXDrO235wU4lb3V08DKx8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmQxODJhM2I0NGE3YmUwNWQzZWU3MGRjOTBhODVkNTdh
YmZiOGQwHhcNMjUxMTExMTAwMDM4WhcNMjUxMTEyMTAwMDM4WjAzMTEwLwYDVQQD
Eyg1OGExMmRkNzM5NjU1MzFiYjEwYjVkZGRmODdkZDVmMGZlYWIwYzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCmEMDurAMmKc6+YX9BKhak3PMxR
pTL49qhq5rMyVei+b9g9x4uB+UGg/NmL1gY+yAXptdgXpNYfKcQU+ImPDngSA6yS
tjet4Vbb4Y1SfXL0DuaQKMCGe52vWZwY0hZ5znCJbb0R7ylyiNYpGKqrMYEyy6VS
Cb52+TeDo7CNFiKQjNb1tts6/LF9yk0ulVHHXr2DXQumrEY9rYhJ6Z70J2PTni74
O9UqCdo78wiFkUj3vUMoy+jX9muxmgANhz6tifEfgz2R7qXTTdU3Pm/oOY6qo5Vw
KjrStkhHeoX4w585yrq1Jmq9UTwZsFPpQ1i2A5JAR4BGDjk/mkG4N8YKAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFihLdc5ZVMbsQtd3fh91fD+qwxoMB8GA1UdIwQY
MBaAFCBtGCo7RKe+BdPucNyQqF1Xq/uNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUcwWUtqdEVwNzRGMC01dzNKQ29YVmVyLTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lNmYyZWUtMDQ3Ni00MGI0LWJiNmEt
NjYwNzc4MDk5YjNkLzEvSUcwWUtqdEVwNzRGMC01dzNKQ29YVmVyLTQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lNmYyZWUtMDQ3Ni00MGI0LWJiNmEtNjYwNzc4MDk5YjNk
LzEvSUcwWUtqdEVwNzRGMC01dzNKQ29YVmVyLTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVrAiqRqs
1co9+Z8wIEojOjnIdTTHZcggXJfAC4cb89teXbznhBupnFLCjbD+nyAXpStDq1OC
akTvzrt0KcD10Aom8sbQgVbk6YY0LmdEHrSgK6oxG0C9T5rDs/W7WdHaA35Tw2dZ
yLbCrrS3CwR+f/VCX+P6lr8VqURBKuwpTp681uyjzA5k0BG/t1GT/IbUaFvLXsIx
pLFb+ccsiaqr55VloZkxtgCKJO4sRC8CkIN46wFTEb6S8T/EtFGbkSsTQWYUefUE
O3J3g+snHGQnaG5KtDj4Uz9+2GD2x40j6zlxUeh4dsmkbgqZZIFlbuRWOuJ5uZap
1GdT7f6rLXOO5w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:17 2025 by rpki-client