Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
File: IM1XQoSmAY5bA2Neml1lj99XNPA.mft (raw, json)
Hash identifier: etFBdxduvkZn3kzsDXTFyp10XKC0kQdTzQtGaXIVHNE=
Subject key identifier: 85:E1:EB:C1:8A:5A:3F:EC:B3:DA:8A:A8:26:A3:5C:B5:0C:9E:B0:24
Authority key identifier: 20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
Certificate issuer: /CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Certificate serial: 01993612E04E9CE6B9DC7E08A968C03ACE54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
Manifest number: 13C1
Signing time: Thu 11 Sep 2025 00:00:30 +0000
Manifest this update: Thu 11 Sep 2025 00:00:30 +0000
Manifest next update: Fri 12 Sep 2025 00:00:30 +0000
Files and hashes: 1: IM1XQoSmAY5bA2Neml1lj99XNPA.crl (hash: E9hK59M1B/e9KEHZ8kFmM7hgOP3Xcz4Q0JEhjkBjb2o=)
2: MWwIJyVW-xGM8HHmiPSGu90ysVM.roa (hash: 9euJkhmoCQb1LOfkGIPpqowd4pomSIjB0l7bFL7u4Yg=)
3: PiMCmpetvGyOad9hAP8fiU1Qa8U.roa (hash: W2k0p2aLpcmF1pGu+mKgyVPY0tAWg3LNT6+Z7BuBqqY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 00:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:36:12:e0:4e:9c:e6:b9:dc:7e:08:a9:68:c0:3a:ce:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Validity
Not Before: Sep 11 00:00:30 2025 GMT
Not After : Sep 12 00:00:30 2025 GMT
Subject: CN=85e1ebc18a5a3fecb3da8aa826a35cb50c9eb024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ae:33:9f:43:7c:10:53:c1:5e:f3:c3:81:0f:
8d:23:88:25:d4:12:ea:7f:de:ad:36:25:e0:b5:fb:
b4:a1:a4:d7:21:b5:c2:7b:b5:1e:19:42:88:fd:1f:
ae:b8:8b:31:5b:6d:d6:36:a2:c0:ed:dd:16:da:16:
f9:7b:5d:34:02:bf:eb:7b:0c:b3:b5:81:80:2e:b2:
1b:0d:2c:65:d2:68:bf:d3:85:5a:44:e9:c2:4b:14:
6c:57:77:8d:58:1b:e4:9c:b2:d7:8e:8d:ae:ca:50:
4f:2d:8a:2f:45:01:76:e8:a0:b5:bd:8f:30:38:bb:
f9:e6:f3:d7:f0:90:17:f0:03:20:ce:91:88:f7:60:
2a:89:66:68:3d:ef:24:69:75:32:b3:55:db:d2:b4:
43:44:07:ff:91:88:b0:f6:ca:96:89:7f:d6:c8:6e:
1f:78:f0:00:30:08:29:5f:e4:25:f7:b2:79:3b:65:
32:1b:f5:92:ed:d4:e7:a3:79:a6:5a:c5:b4:0c:5b:
6e:08:95:da:10:b8:1a:ce:83:b6:44:bd:fa:1f:3e:
60:65:2f:b4:f4:0e:fe:d9:57:66:0f:48:f0:fa:ca:
eb:68:21:24:44:71:f0:40:75:2c:3a:92:4b:5a:db:
2f:af:c9:87:ab:8c:02:c7:25:96:e1:f5:24:c9:1a:
b5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E1:EB:C1:8A:5A:3F:EC:B3:DA:8A:A8:26:A3:5C:B5:0C:9E:B0:24
X509v3 Authority Key Identifier:
keyid:20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:82:e0:d9:a5:84:66:2b:5a:40:54:2e:a1:73:de:32:ad:78:
81:46:86:98:5b:eb:c0:73:48:8b:ed:3e:ff:9e:9e:b4:c0:c5:
93:5b:61:fa:c7:61:82:40:92:6f:20:c3:09:13:54:ed:21:a6:
0e:24:4d:f2:78:10:b4:47:c3:5d:3d:28:ba:94:35:6d:1d:37:
1e:49:3e:0d:3f:51:a1:60:e4:4e:15:e8:69:b9:84:f5:b0:6d:
f3:c8:5e:c3:e4:4e:59:7b:7e:4e:8e:0b:32:4a:cc:ad:4c:49:
cb:a8:a3:95:03:87:05:6e:f0:8b:28:a8:05:8b:bf:2f:01:aa:
ce:da:a9:56:c4:c3:be:5e:31:89:93:67:39:33:8f:8e:65:e0:
d4:4a:7d:36:ad:82:97:f5:b0:3d:af:ab:09:13:bd:ec:42:24:
a4:a0:6d:4a:86:10:5e:5b:11:3a:65:15:73:9a:03:ab:c5:18:
47:fa:35:35:ff:1d:a2:0a:97:83:e3:49:b4:0e:ef:53:96:91:
5f:ad:49:9c:56:1b:59:c0:0a:38:97:68:07:e0:70:31:0b:8c:
fd:62:04:65:ce:55:19:48:ba:64:0e:ac:73:cb:91:9c:c0:26:
2a:f4:e0:0b:67:79:a2:2f:6e:ce:0c:57:56:db:6a:97:a4:0c:
a0:5d:30:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk2EuBOnOa53H4IqWjAOs5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2Q1NzQyODRhNjAxOGU1YjAzNjM1ZTlhNWQ2NThmZGY1
NzM0ZjAwHhcNMjUwOTExMDAwMDMwWhcNMjUwOTEyMDAwMDMwWjAzMTEwLwYDVQQD
Eyg4NWUxZWJjMThhNWEzZmVjYjNkYThhYTgyNmEzNWNiNTBjOWViMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3a4zn0N8EFPBXvPDgQ+NI4gl1BLq
f96tNiXgtfu0oaTXIbXCe7UeGUKI/R+uuIsxW23WNqLA7d0W2hb5e100Ar/rewyz
tYGALrIbDSxl0mi/04VaROnCSxRsV3eNWBvknLLXjo2uylBPLYovRQF26KC1vY8w
OLv55vPX8JAX8AMgzpGI92AqiWZoPe8kaXUys1Xb0rRDRAf/kYiw9sqWiX/WyG4f
ePAAMAgpX+Ql97J5O2UyG/WS7dTno3mmWsW0DFtuCJXaELgazoO2RL36Hz5gZS+0
9A7+2VdmD0jw+srraCEkRHHwQHUsOpJLWtsvr8mHq4wCxyWW4fUkyRq1MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXh68GKWj/ss9qKqCajXLUMnrAkMB8GA1UdIwQY
MBaAFCDNV0KEpgGOWwNjXppdZY/fVzTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUt
NDliNTY4N2ZlZTZkLzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUtNDliNTY4N2ZlZTZk
LzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM4Lg2aWE
ZitaQFQuoXPeMq14gUaGmFvrwHNIi+0+/56etMDFk1th+sdhgkCSbyDDCRNU7SGm
DiRN8ngQtEfDXT0oupQ1bR03Hkk+DT9RoWDkThXoabmE9bBt88hew+ROWXt+To4L
MkrMrUxJy6ijlQOHBW7wiyioBYu/LwGqztqpVsTDvl4xiZNnOTOPjmXg1Ep9Nq2C
l/WwPa+rCRO97EIkpKBtSoYQXlsROmUVc5oDq8UYR/o1Nf8dogqXg+NJtA7vU5aR
X61JnFYbWcAKOJdoB+BwMQuM/WIEZc5VGUi6ZA6sc8uRnMAmKvTgC2d5oi9uzgxX
Vttql6QMoF0w0Q==
-----END CERTIFICATE-----
Generated at Thu Sep 11 08:59:13 2025 by rpki-client