Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
File: iydIPcFsMY5a__gyKTDIF_0ZLJE.mft (raw, json)
Hash identifier: 4IbFYwlBqmgJzV/7HKTKlfG4HDOEcnSA91BvuwZfeV8=
Subject key identifier: 15:9D:32:B2:C8:D1:E6:8F:C7:46:9D:0D:FA:D5:89:EF:20:3C:6B:6D
Authority key identifier: 8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91
Certificate issuer: /CN=8b27483dc16c318e5afff8322930c817fd192c91
Certificate serial: 019A7293618D4C61292F48CDA31F559300A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
Manifest number: 0A7F
Signing time: Tue 11 Nov 2025 11:00:52 +0000
Manifest this update: Tue 11 Nov 2025 11:00:52 +0000
Manifest next update: Wed 12 Nov 2025 11:00:52 +0000
Files and hashes: 1: WG1KTWwRB1pYbj2P1y-YbJWElMQ.roa (hash: /RcbZ2ujStzbSPjPDGEz6Qg57WsDieIVmjOcowRraSQ=)
2: iydIPcFsMY5a__gyKTDIF_0ZLJE.crl (hash: C7/MQqIyIW7Z57Dy3HUBeK5YeWeSOjdjR8g0iZ8yXrg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:61:8d:4c:61:29:2f:48:cd:a3:1f:55:93:00:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b27483dc16c318e5afff8322930c817fd192c91
Validity
Not Before: Nov 11 11:00:52 2025 GMT
Not After : Nov 12 11:00:52 2025 GMT
Subject: CN=159d32b2c8d1e68fc7469d0dfad589ef203c6b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:15:7f:22:47:ab:b1:67:2a:1d:92:ee:54:60:
0d:f6:2a:40:5a:91:3c:c5:74:71:75:15:c8:1d:b7:
fc:f0:f7:63:fc:ce:ad:c4:1b:8c:f9:a2:80:96:04:
8e:92:24:d5:8f:5f:bc:3e:11:3f:da:a3:36:7a:99:
78:a6:0f:40:66:ca:b9:92:b9:6d:60:26:9c:90:68:
bc:54:ce:e9:73:06:ea:aa:6b:0e:8f:32:c4:1e:93:
39:b7:39:d4:ab:b5:20:49:64:aa:54:cb:0f:63:47:
d9:bc:f6:a6:09:35:fd:f0:b1:f0:35:52:f8:8d:f5:
60:dd:67:9d:53:7a:85:7b:44:9e:0f:59:73:5e:4d:
50:73:f2:ad:35:6e:de:d3:ab:ff:1d:db:77:fa:43:
40:ba:a1:e2:8d:18:2d:b6:b7:d2:ed:00:61:c9:08:
51:5e:e9:da:3a:4e:09:67:83:d5:a6:67:53:bf:8c:
ac:a3:17:74:73:73:00:96:52:a9:07:36:63:8a:75:
0d:9b:e9:ad:ad:79:0a:36:7d:be:72:f1:e5:83:7b:
de:18:c7:24:33:5f:5d:83:28:a5:32:d0:62:22:aa:
d5:47:1c:26:e8:f7:19:8b:ee:f6:ea:ed:f7:63:d7:
4f:b2:48:27:7c:e6:27:56:48:b1:3b:f7:a9:45:3c:
45:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:9D:32:B2:C8:D1:E6:8F:C7:46:9D:0D:FA:D5:89:EF:20:3C:6B:6D
X509v3 Authority Key Identifier:
keyid:8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:e7:a8:d1:06:94:71:b9:0f:3b:d1:db:88:2c:4c:28:6d:57:
d2:6c:90:12:f4:d9:16:a3:67:af:de:bd:61:e5:c9:c0:76:05:
ed:65:6e:68:ff:82:ab:ba:3b:a7:1e:0b:36:eb:0f:c2:62:15:
32:9b:ce:55:74:d8:21:bd:e2:54:34:29:c5:82:e6:54:e9:2c:
a7:3e:ca:2c:bc:51:61:05:4f:69:09:d0:0b:70:b8:8f:5e:f1:
b1:ed:79:3e:fb:ef:d1:31:f5:4d:14:f5:da:14:25:32:18:d7:
fb:46:38:57:a9:86:fe:27:e0:9b:c8:4f:60:43:cf:70:81:a8:
b1:d9:1c:db:74:54:d0:c8:c4:ac:81:82:f0:b9:4a:a4:6b:06:
cb:f2:bf:ee:8f:6b:cf:95:e6:a6:df:b2:75:a2:4d:9e:5b:9a:
a5:01:d6:86:df:62:77:fd:48:dc:76:7d:b8:92:a2:8c:2e:fd:
cd:8b:a7:8f:70:3f:64:c1:0f:22:0a:ea:d8:8f:ee:cb:28:27:
d4:15:d5:5f:fb:db:3e:26:b3:ba:f3:d1:ef:18:5a:5c:43:3c:
fb:86:13:d6:c8:16:a5:a8:12:68:90:20:10:76:24:3e:a5:68:
54:82:42:c1:3c:75:d9:44:bd:65:85:2c:db:81:d2:f0:4c:cc:
fa:14:c8:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk2GNTGEpL0jNox9VkwCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMjc0ODNkYzE2YzMxOGU1YWZmZjgzMjI5MzBjODE3ZmQx
OTJjOTEwHhcNMjUxMTExMTEwMDUyWhcNMjUxMTEyMTEwMDUyWjAzMTEwLwYDVQQD
EygxNTlkMzJiMmM4ZDFlNjhmYzc0NjlkMGRmYWQ1ODllZjIwM2M2YjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hV/IkersWcqHZLuVGAN9ipAWpE8
xXRxdRXIHbf88Pdj/M6txBuM+aKAlgSOkiTVj1+8PhE/2qM2epl4pg9AZsq5krlt
YCackGi8VM7pcwbqqmsOjzLEHpM5tznUq7UgSWSqVMsPY0fZvPamCTX98LHwNVL4
jfVg3WedU3qFe0SeD1lzXk1Qc/KtNW7e06v/Hdt3+kNAuqHijRgttrfS7QBhyQhR
XunaOk4JZ4PVpmdTv4ysoxd0c3MAllKpBzZjinUNm+mtrXkKNn2+cvHlg3veGMck
M19dgyilMtBiIqrVRxwm6PcZi+726u33Y9dPskgnfOYnVkixO/epRTxF7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWdMrLI0eaPx0adDfrVie8gPGttMB8GA1UdIwQY
MBaAFIsnSD3BbDGOWv/4MikwyBf9GSyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4Yzct
ZmI4OTNlMzkwOGQyLzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4YzctZmI4OTNlMzkwOGQy
LzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPeeo0QaU
cbkPO9HbiCxMKG1X0myQEvTZFqNnr969YeXJwHYF7WVuaP+Cq7o7px4LNusPwmIV
MpvOVXTYIb3iVDQpxYLmVOkspz7KLLxRYQVPaQnQC3C4j17xse15Pvvv0TH1TRT1
2hQlMhjX+0Y4V6mG/ifgm8hPYEPPcIGosdkc23RU0MjErIGC8LlKpGsGy/K/7o9r
z5Xmpt+ydaJNnluapQHWht9id/1I3HZ9uJKijC79zYunj3A/ZMEPIgrq2I/uyygn
1BXVX/vbPiazuvPR7xhaXEM8+4YT1sgWpagSaJAgEHYkPqVoVIJCwTx12US9ZYUs
24HS8EzM+hTI5A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:13 2025 by rpki-client