Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.mft
File: I5xF5DYlUiCArsU5UpiaE6KKvQA.mft (raw, json)
Hash identifier: /+Pw1jAIF/XifrHuJQpRjjClyUsmrBVp0SMZKVi7arw=
Subject key identifier: 85:0D:49:4C:07:F0:9B:5D:E2:0F:83:FE:CF:55:F1:C3:34:5A:AD:64
Authority key identifier: 23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
Certificate issuer: /CN=239c45e43625522080aec53952989a13a28abd00
Certificate serial: 019A71B840BD4CB72906007EF6893F5BCAFD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 07:01:31 +0000
Manifest this update: Tue 11 Nov 2025 07:01:31 +0000
Manifest next update: Wed 12 Nov 2025 07:01:31 +0000
Files and hashes: 1: I5xF5DYlUiCArsU5UpiaE6KKvQA.crl (hash: GD4Qy7RI47kPlNKdoLqme7hdUt232W3wYJHQ54ZimKE=)
2: lw90sey6Y2XkP3Sip6ebzWQtTKU.roa (hash: IdqbojAlXr4XwjmKtJYEU/2zd7cvDplQCfLZ9IO+/d0=)
3: uBZl19XYTdc5SBXaRHXvV0GGF98.roa (hash: 1Ti03xYR3EsLOQdndtqiFtUtuVxyXY66yoLYTtqG1ik=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:40:bd:4c:b7:29:06:00:7e:f6:89:3f:5b:ca:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=239c45e43625522080aec53952989a13a28abd00
Validity
Not Before: Nov 11 07:01:31 2025 GMT
Not After : Nov 12 07:01:31 2025 GMT
Subject: CN=850d494c07f09b5de20f83fecf55f1c3345aad64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:76:07:da:a4:34:06:35:3b:f9:8d:69:ca:56:
81:fd:59:62:6b:ca:e4:1b:8b:87:2e:88:bd:d2:a5:
c5:71:25:38:8f:d4:63:32:c6:15:ff:f8:d4:52:10:
0e:21:f3:07:10:a9:7b:92:72:68:b5:99:91:24:24:
6b:2b:54:36:27:d3:8e:9a:a5:92:2c:d1:7a:fb:b6:
14:dc:0d:dd:56:05:cd:ea:43:dc:7a:80:01:9f:1b:
d0:09:fa:ab:d6:b5:25:2b:cb:6a:5e:0c:76:f5:47:
15:61:1e:46:4a:30:61:da:03:97:5f:bf:8f:ac:db:
14:f5:f0:1f:03:63:1b:56:ca:17:c2:fa:90:34:a8:
62:ba:5d:d7:1a:5a:1b:6c:d5:d8:9a:6d:95:ad:2d:
2d:40:08:10:7e:e2:9e:60:44:06:62:f2:5e:a2:b0:
a2:40:a8:9e:9f:b4:d0:80:af:b9:98:df:ad:d5:8d:
6f:ee:63:cb:79:03:a3:1c:b4:55:0a:88:3a:6d:34:
c1:77:1a:5d:38:f0:b0:20:c4:1c:79:2f:38:4d:19:
89:50:30:19:fd:91:dc:c2:42:d6:95:79:c5:51:23:
37:6b:9e:3a:ee:fc:f1:98:ac:47:10:d6:b3:de:84:
a4:b3:6f:14:38:41:f9:0f:af:08:23:53:c2:ed:1f:
43:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0D:49:4C:07:F0:9B:5D:E2:0F:83:FE:CF:55:F1:C3:34:5A:AD:64
X509v3 Authority Key Identifier:
keyid:23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:32:65:b5:3d:4c:87:86:f3:35:ed:e7:65:c9:95:c1:8d:90:
e0:98:a2:f3:3d:cd:d1:57:6e:26:67:71:5c:66:28:71:18:16:
04:f5:20:e1:00:3e:8f:c6:9c:16:5d:fd:a0:89:ad:b9:26:7f:
00:4d:ea:63:1a:c0:7a:14:01:98:96:1d:cc:24:94:cb:86:c2:
de:07:8c:fd:fb:1f:a0:04:aa:0f:eb:ac:60:17:86:48:cf:4d:
11:76:35:3b:ba:57:4e:92:9b:1d:7b:b4:1d:02:66:33:e9:5d:
1f:6b:8a:d4:92:ac:f2:96:0e:fe:59:41:46:80:3f:c0:cd:7b:
cc:d1:ef:7b:65:07:c0:ff:20:bd:29:40:0e:18:aa:45:d1:ab:
29:d0:d6:f1:89:df:45:8e:62:c5:40:71:75:0d:06:d8:59:10:
b1:8e:74:1a:0f:9a:72:15:e0:56:3e:b8:a7:40:91:87:67:94:
1f:83:b7:e0:0e:27:5b:a7:71:24:89:b9:17:dc:7f:96:49:a2:
7c:0a:77:99:38:df:0b:36:25:1a:eb:19:7c:cf:19:22:37:9f:
35:43:ce:6d:49:62:41:da:30:bf:17:58:6c:e7:10:76:2e:7c:
82:da:e5:46:40:9b:92:70:fb:85:e1:ab:bc:f2:68:42:01:11:
d7:3c:34:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuEC9TLcpBgB+9ok/W8r9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOWM0NWU0MzYyNTUyMjA4MGFlYzUzOTUyOTg5YTEzYTI4
YWJkMDAwHhcNMjUxMTExMDcwMTMxWhcNMjUxMTEyMDcwMTMxWjAzMTEwLwYDVQQD
Eyg4NTBkNDk0YzA3ZjA5YjVkZTIwZjgzZmVjZjU1ZjFjMzM0NWFhZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHYH2qQ0BjU7+Y1pylaB/Vlia8rk
G4uHLoi90qXFcSU4j9RjMsYV//jUUhAOIfMHEKl7knJotZmRJCRrK1Q2J9OOmqWS
LNF6+7YU3A3dVgXN6kPceoABnxvQCfqr1rUlK8tqXgx29UcVYR5GSjBh2gOXX7+P
rNsU9fAfA2MbVsoXwvqQNKhiul3XGlobbNXYmm2VrS0tQAgQfuKeYEQGYvJeorCi
QKien7TQgK+5mN+t1Y1v7mPLeQOjHLRVCog6bTTBdxpdOPCwIMQceS84TRmJUDAZ
/ZHcwkLWlXnFUSM3a5467vzxmKxHENaz3oSks28UOEH5D68II1PC7R9DZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIUNSUwH8Jtd4g+D/s9V8cM0Wq1kMB8GA1UdIwQY
MBaAFCOcReQ2JVIggK7FOVKYmhOiir0AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YzQ4OTQtODBmYy00OGVmLWI2Njgt
OTc1YTIzN2VjZDA2LzEvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YzQ4OTQtODBmYy00OGVmLWI2NjgtOTc1YTIzN2VjZDA2
LzEvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFDJltT1M
h4bzNe3nZcmVwY2Q4Jii8z3N0VduJmdxXGYocRgWBPUg4QA+j8acFl39oImtuSZ/
AE3qYxrAehQBmJYdzCSUy4bC3geM/fsfoASqD+usYBeGSM9NEXY1O7pXTpKbHXu0
HQJmM+ldH2uK1JKs8pYO/llBRoA/wM17zNHve2UHwP8gvSlADhiqRdGrKdDW8Ynf
RY5ixUBxdQ0G2FkQsY50Gg+achXgVj64p0CRh2eUH4O34A4nW6dxJIm5F9x/lkmi
fAp3mTjfCzYlGusZfM8ZIjefNUPObUliQdowvxdYbOcQdi58gtrlRkCbknD7heGr
vPJoQgER1zw0Cg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:47 2025 by rpki-client