Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.mft
File: iMaZNJivBRiWLl9I1chG3BddGIQ.mft (raw, json)
Hash identifier: nldOIz3v3zA4HQ+uWgFoIyVG2OvumbemLgv7NrBseDQ=
Subject key identifier: BD:A8:F0:F4:04:F0:8D:D3:B1:24:97:C4:90:C9:1B:3A:85:B7:91:80
Authority key identifier: 88:C6:99:34:98:AF:05:18:96:2E:5F:48:D5:C8:46:DC:17:5D:18:84
Certificate issuer: /CN=88c6993498af0518962e5f48d5c846dc175d1884
Certificate serial: 019A7226524B04E537A2C0F1E4DE69C28D60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMaZNJivBRiWLl9I1chG3BddGIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 09:01:45 +0000
Manifest this update: Tue 11 Nov 2025 09:01:45 +0000
Manifest next update: Wed 12 Nov 2025 09:01:45 +0000
Files and hashes: 1: iMaZNJivBRiWLl9I1chG3BddGIQ.crl (hash: +wWOs6cPd87i/ivMXG2OQQE0Z292dyWvcM1/UTawLOc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMaZNJivBRiWLl9I1chG3BddGIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:52:4b:04:e5:37:a2:c0:f1:e4:de:69:c2:8d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c6993498af0518962e5f48d5c846dc175d1884
Validity
Not Before: Nov 11 09:01:45 2025 GMT
Not After : Nov 12 09:01:45 2025 GMT
Subject: CN=bda8f0f404f08dd3b12497c490c91b3a85b79180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:dd:a7:64:10:ea:40:e1:55:87:6a:b9:e8:56:
b2:6a:ed:52:45:ca:c7:18:db:9c:73:73:c6:b8:d9:
c5:ce:fb:95:91:12:91:f2:ec:d6:6b:30:1e:68:e1:
4e:87:d4:9c:0a:7a:45:d2:ba:ab:12:52:82:a3:13:
47:48:1e:9e:8a:76:5b:de:ce:e5:b2:c6:ef:57:ab:
11:d4:30:b9:cb:ed:f6:9d:20:59:ab:aa:f7:c9:38:
49:95:84:91:15:9a:e6:4a:71:74:21:64:23:d1:da:
89:bb:d6:0f:24:6a:bb:ee:56:78:33:d6:d1:da:fe:
43:18:eb:6f:1b:8e:1b:68:83:36:1e:b6:2f:d5:6a:
62:1a:ae:aa:0f:55:23:12:d7:65:8d:9e:38:91:fb:
ca:f1:32:81:bd:64:8d:01:fb:e9:d9:37:3a:53:3d:
c2:8e:81:f6:9a:24:42:01:c4:2f:df:b1:07:ae:01:
73:bb:15:b9:86:17:0e:19:3b:ae:38:ac:8a:ef:b2:
d1:0c:15:13:93:05:32:8d:18:a5:5e:20:ff:fb:24:
3c:07:84:f5:37:31:fe:f6:7a:f0:1d:ce:6e:62:7b:
32:b6:f6:cb:80:c4:1c:37:d4:49:4a:42:06:7b:f4:
50:fd:79:13:39:cf:77:0b:90:5f:c7:5e:9f:be:39:
76:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A8:F0:F4:04:F0:8D:D3:B1:24:97:C4:90:C9:1B:3A:85:B7:91:80
X509v3 Authority Key Identifier:
keyid:88:C6:99:34:98:AF:05:18:96:2E:5F:48:D5:C8:46:DC:17:5D:18:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMaZNJivBRiWLl9I1chG3BddGIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:ba:44:67:c4:b8:f5:5e:46:93:21:fd:ce:82:d5:bc:f5:6b:
8e:88:c8:2e:2c:32:4f:66:27:3b:ab:96:43:55:a6:bf:dd:27:
93:a8:7c:38:0a:94:be:11:0b:09:3b:e6:27:91:fe:ba:05:ac:
a0:41:ab:5a:38:fc:99:10:0f:65:aa:db:e0:9c:a3:7c:09:e0:
22:eb:5b:b5:07:95:66:ca:1a:0d:23:94:4d:0b:03:83:9c:61:
f0:33:ba:ab:7e:dd:64:e3:62:71:0d:82:44:a2:49:18:07:4f:
24:13:a4:07:1a:db:d8:80:3b:12:20:55:a0:d4:ef:27:dc:50:
4e:e5:de:19:4f:20:fd:ce:19:01:ae:67:03:42:a4:23:a1:c7:
9c:65:ff:7b:8e:f2:85:3c:ea:de:04:bb:98:8b:c5:a5:4f:79:
11:20:5e:1c:75:4e:7d:ee:92:2f:13:73:c7:45:bf:8c:87:37:
ae:61:c6:2d:43:9a:eb:fd:6a:fc:4e:57:5e:6a:19:fd:79:6e:
7d:4e:f8:cc:b3:e9:82:e4:dd:86:3d:26:24:12:6d:8a:44:2a:
dc:e8:4e:ef:b7:15:c4:0b:cb:4d:02:98:97:02:3a:0c:01:23:
c9:96:56:a7:e6:88:75:7c:a7:a4:24:bd:51:96:92:4f:88:7a:
7c:1a:58:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlJLBOU3osDx5N5pwo1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YzY5OTM0OThhZjA1MTg5NjJlNWY0OGQ1Yzg0NmRjMTc1
ZDE4ODQwHhcNMjUxMTExMDkwMTQ1WhcNMjUxMTEyMDkwMTQ1WjAzMTEwLwYDVQQD
EyhiZGE4ZjBmNDA0ZjA4ZGQzYjEyNDk3YzQ5MGM5MWIzYTg1Yjc5MTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd2nZBDqQOFVh2q56Fayau1SRcrH
GNucc3PGuNnFzvuVkRKR8uzWazAeaOFOh9ScCnpF0rqrElKCoxNHSB6einZb3s7l
ssbvV6sR1DC5y+32nSBZq6r3yThJlYSRFZrmSnF0IWQj0dqJu9YPJGq77lZ4M9bR
2v5DGOtvG44baIM2HrYv1WpiGq6qD1UjEtdljZ44kfvK8TKBvWSNAfvp2Tc6Uz3C
joH2miRCAcQv37EHrgFzuxW5hhcOGTuuOKyK77LRDBUTkwUyjRilXiD/+yQ8B4T1
NzH+9nrwHc5uYnsytvbLgMQcN9RJSkIGe/RQ/XkTOc93C5Bfx16fvjl2hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2o8PQE8I3TsSSXxJDJGzqFt5GAMB8GA1UdIwQY
MBaAFIjGmTSYrwUYli5fSNXIRtwXXRiEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU1hWk5KaXZCUmlXTGw5STFjaEczQmRkR0lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MWIwMGEtZjY4ZC00NGY0LTg4MjUt
OTgyNzM2YjQ1YmRmLzEvaU1hWk5KaXZCUmlXTGw5STFjaEczQmRkR0lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MWIwMGEtZjY4ZC00NGY0LTg4MjUtOTgyNzM2YjQ1YmRm
LzEvaU1hWk5KaXZCUmlXTGw5STFjaEczQmRkR0lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsLpEZ8S4
9V5GkyH9zoLVvPVrjojILiwyT2YnO6uWQ1Wmv90nk6h8OAqUvhELCTvmJ5H+ugWs
oEGrWjj8mRAPZarb4JyjfAngIutbtQeVZsoaDSOUTQsDg5xh8DO6q37dZONicQ2C
RKJJGAdPJBOkBxrb2IA7EiBVoNTvJ9xQTuXeGU8g/c4ZAa5nA0KkI6HHnGX/e47y
hTzq3gS7mIvFpU95ESBeHHVOfe6SLxNzx0W/jIc3rmHGLUOa6/1q/E5XXmoZ/Xlu
fU74zLPpguTdhj0mJBJtikQq3OhO77cVxAvLTQKYlwI6DAEjyZZWp+aIdXynpCS9
UZaST4h6fBpYpA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:18 2025 by rpki-client