Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
File: iBmVbdzq4CLP4SPaNzxrERZANo0.mft (raw, json)
Hash identifier: kSRnxMfFxv7Yb4iCXjvkz0+kr5ih80L7yivQTK69sjg=
Subject key identifier: C7:0F:98:BF:4B:52:CE:FA:9F:87:09:36:43:22:09:08:49:D7:1D:7B
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Certificate issuer: /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial: 019A72CA59EC757ABB31E6DA09962DAA4CC1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
Manifest number: 1331
Signing time: Tue 11 Nov 2025 12:00:55 +0000
Manifest this update: Tue 11 Nov 2025 12:00:55 +0000
Manifest next update: Wed 12 Nov 2025 12:00:55 +0000
Files and hashes: 1: JZQSwG4wbJPMZQTbI1xSGViuvto.roa (hash: 7nxSYve4K7+DiIBeaX8vSWVp7u4kFJYyJFHRolTK/UI=)
2: iBmVbdzq4CLP4SPaNzxrERZANo0.crl (hash: XRNyHNpa7qvfYK8Q4WT/N9yafXUFZAekXorVKybaoE0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:59:ec:75:7a:bb:31:e6:da:09:96:2d:aa:4c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
Validity
Not Before: Nov 11 12:00:55 2025 GMT
Not After : Nov 12 12:00:55 2025 GMT
Subject: CN=c70f98bf4b52cefa9f8709364322090849d71d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ae:e2:e1:01:84:3a:6f:48:96:94:ce:b5:0d:
6e:a3:18:8b:49:13:b2:41:c2:82:44:d1:dc:06:5f:
f0:4b:5d:ad:fd:de:b0:04:8e:10:98:fa:64:d6:fb:
36:9b:6c:c8:29:6a:86:b0:bf:94:8a:26:54:80:14:
e1:f3:04:44:96:f8:93:5b:e0:dc:dd:f7:ed:57:07:
e8:cc:f3:9a:f7:9a:a0:33:51:5c:db:3e:c5:fe:d0:
d8:d0:87:3d:03:1d:fb:80:ec:d0:09:73:6e:d3:ab:
d0:ee:17:0d:db:12:8a:1e:8c:5a:59:6a:56:38:e7:
7e:61:c3:13:ec:9e:05:25:26:44:17:96:c3:b0:4e:
1b:d8:52:85:c6:77:35:ff:1f:72:a1:ba:a9:b7:37:
19:9e:10:c3:4c:6d:3a:3c:3b:84:1d:7e:bc:07:52:
27:23:b9:62:06:be:6f:60:ec:fb:45:7e:48:13:38:
80:fc:19:c5:1d:03:25:e6:6f:38:27:5c:67:a7:84:
74:e3:55:59:48:c2:33:0e:d6:a1:9f:cb:24:6d:a7:
0e:d5:95:68:32:7d:cb:f6:1c:38:a8:ad:0b:42:30:
df:b5:3b:86:06:9e:8c:4d:ff:bd:67:da:8f:14:17:
7d:1f:ae:f7:af:15:ec:f1:e1:50:52:75:52:9a:0a:
e0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0F:98:BF:4B:52:CE:FA:9F:87:09:36:43:22:09:08:49:D7:1D:7B
X509v3 Authority Key Identifier:
keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:5d:a9:53:e9:fe:dd:4d:1e:d4:7e:01:76:83:2c:4c:4a:bf:
df:b1:40:86:0b:96:10:5c:58:9e:9a:d7:74:45:43:74:1a:ac:
a3:c5:a1:b3:c2:c4:64:b4:89:59:d0:6c:a1:e3:9e:fe:cb:f4:
df:85:01:91:3a:25:79:2e:50:48:52:f5:9f:ad:ff:d8:a7:32:
52:ae:05:bd:fd:4e:ca:bc:04:7e:6b:10:0f:24:4c:2f:7e:ee:
5e:1b:a0:1b:56:5b:c4:92:d3:4e:3a:2b:dd:16:20:9e:20:73:
45:00:0e:b3:d2:9e:3c:3c:df:b7:f8:23:fb:f8:e8:68:88:c8:
35:02:4d:c3:0f:ad:52:e3:d4:ab:dc:3e:7c:41:a5:b6:c7:12:
a8:95:bb:f2:05:25:df:8d:a6:69:95:1e:dc:46:bc:28:21:c9:
77:96:3f:ce:a5:2a:55:b2:c8:50:1f:09:e0:a9:38:e3:e8:57:
ed:bf:52:01:fa:94:80:52:77:02:e4:bf:ca:b4:53:39:a4:69:
ac:19:69:ef:e5:20:75:20:be:63:5a:0d:48:96:13:32:68:dd:
1d:fb:89:cc:10:da:86:cb:1b:8a:7a:51:3b:47:22:b4:d5:84:
73:55:00:c9:38:e2:ad:99:19:9d:6c:c0:96:fd:47:9a:b5:20:
72:40:f7:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyylnsdXq7MebaCZYtqkzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTk5NTZkZGNlYWUwMjJjZmUxMjNkYTM3M2M2YjExMTY0
MDM2OGQwHhcNMjUxMTExMTIwMDU1WhcNMjUxMTEyMTIwMDU1WjAzMTEwLwYDVQQD
EyhjNzBmOThiZjRiNTJjZWZhOWY4NzA5MzY0MzIyMDkwODQ5ZDcxZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK7i4QGEOm9IlpTOtQ1uoxiLSROy
QcKCRNHcBl/wS12t/d6wBI4QmPpk1vs2m2zIKWqGsL+UiiZUgBTh8wRElviTW+Dc
3fftVwfozPOa95qgM1Fc2z7F/tDY0Ic9Ax37gOzQCXNu06vQ7hcN2xKKHoxaWWpW
OOd+YcMT7J4FJSZEF5bDsE4b2FKFxnc1/x9yobqptzcZnhDDTG06PDuEHX68B1In
I7liBr5vYOz7RX5IEziA/BnFHQMl5m84J1xnp4R041VZSMIzDtahn8skbacO1ZVo
Mn3L9hw4qK0LQjDftTuGBp6MTf+9Z9qPFBd9H673rxXs8eFQUnVSmgrgXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcPmL9LUs76n4cJNkMiCQhJ1x17MB8GA1UdIwQY
MBaAFIgZlW3c6uAiz+Ej2jc8axEWQDaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDkt
MmRlYjE0YzI5MGVkLzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDktMmRlYjE0YzI5MGVk
LzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATF2pU+n+
3U0e1H4BdoMsTEq/37FAhguWEFxYnprXdEVDdBqso8Whs8LEZLSJWdBsoeOe/sv0
34UBkToleS5QSFL1n63/2KcyUq4Fvf1OyrwEfmsQDyRML37uXhugG1ZbxJLTTjor
3RYgniBzRQAOs9KePDzft/gj+/joaIjINQJNww+tUuPUq9w+fEGltscSqJW78gUl
342maZUe3Ea8KCHJd5Y/zqUqVbLIUB8J4Kk44+hX7b9SAfqUgFJ3AuS/yrRTOaRp
rBlp7+UgdSC+Y1oNSJYTMmjdHfuJzBDahssbinpRO0citNWEc1UAyTjirZkZnWzA
lv1HmrUgckD3Mw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:51:05 2025 by rpki-client