Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/2c9a24-8560-4307-acc7-ebf834fe9a15/1/ij8nyT77e7wLCv6OzCT3A50nUQg.mft
File: ij8nyT77e7wLCv6OzCT3A50nUQg.mft (raw, json)
Hash identifier: mRm2ylxjBn7Pk7B/EAxwcf5oWFif3aAZmAn+XB5PW+A=
Subject key identifier: AC:DE:1B:CE:B5:BC:24:BD:65:DA:24:36:B8:A3:9B:AB:5C:99:39:00
Authority key identifier: 8A:3F:27:C9:3E:FB:7B:BC:0B:0A:FE:8E:CC:24:F7:03:9D:27:51:08
Certificate issuer: /CN=8a3f27c93efb7bbc0b0afe8ecc24f7039d275108
Certificate serial: 019A71B7D37EC263B880CCBB79B283E5E96E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ij8nyT77e7wLCv6OzCT3A50nUQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/2c9a24-8560-4307-acc7-ebf834fe9a15/1/ij8nyT77e7wLCv6OzCT3A50nUQg.mft
Manifest number: 0515
Signing time: Tue 11 Nov 2025 07:01:03 +0000
Manifest this update: Tue 11 Nov 2025 07:01:03 +0000
Manifest next update: Wed 12 Nov 2025 07:01:03 +0000
Files and hashes: 1: 4mtjo1wkfTbCTW9KNexHpaJfxb4.roa (hash: NNFjMP/4ryf3yqLdY/nlmC6UZkGbjTY7ealoIUdpyCw=)
2: ij8nyT77e7wLCv6OzCT3A50nUQg.crl (hash: SA0xACPtteHiKYUYdaO+LMg4WwnmtjoFVNRmX3CzT9w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/2c9a24-8560-4307-acc7-ebf834fe9a15/1/ij8nyT77e7wLCv6OzCT3A50nUQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/2c9a24-8560-4307-acc7-ebf834fe9a15/1/ij8nyT77e7wLCv6OzCT3A50nUQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ij8nyT77e7wLCv6OzCT3A50nUQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:d3:7e:c2:63:b8:80:cc:bb:79:b2:83:e5:e9:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a3f27c93efb7bbc0b0afe8ecc24f7039d275108
Validity
Not Before: Nov 11 07:01:03 2025 GMT
Not After : Nov 12 07:01:03 2025 GMT
Subject: CN=acde1bceb5bc24bd65da2436b8a39bab5c993900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7b:6d:9d:cc:6a:95:31:f5:ce:6b:5a:6a:93:
dd:de:c9:37:19:02:89:26:ad:15:5f:91:fc:96:3f:
2c:8f:b2:ff:f5:35:26:75:84:91:78:da:91:ba:9f:
fa:a8:1c:7e:3b:83:c0:e3:94:13:91:39:2c:ff:db:
01:eb:c1:f5:87:37:b6:0a:55:6c:63:42:73:bb:af:
c1:49:10:b2:51:fa:8e:97:80:40:45:b0:ce:4d:b0:
d4:56:62:51:9d:c0:dd:99:00:e1:45:5e:24:e5:ce:
c6:6d:69:d4:2f:da:e6:be:dc:8f:3e:ae:bb:aa:e9:
09:fc:c1:b6:86:8d:2d:76:9f:25:63:cd:97:be:28:
3d:58:29:c7:a2:db:d2:aa:1d:b6:05:9d:b9:60:b2:
c9:c5:6b:e7:c9:e3:9f:36:eb:07:2a:80:41:0a:48:
91:63:8c:86:d0:5f:b3:db:e0:c3:c3:de:1f:0f:36:
d3:61:d2:28:a6:79:86:0c:ee:f3:fa:24:bc:35:95:
c8:7e:54:9c:2e:a2:17:aa:78:8a:8d:67:04:0c:87:
8a:d4:7b:f1:f4:a3:aa:e3:fd:8f:3e:90:b2:4f:c3:
ed:85:b0:b9:f5:8d:b3:05:1f:da:57:a8:a7:1a:06:
e5:34:da:57:8c:62:68:ae:a2:ba:61:9f:cc:6e:47:
45:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:DE:1B:CE:B5:BC:24:BD:65:DA:24:36:B8:A3:9B:AB:5C:99:39:00
X509v3 Authority Key Identifier:
keyid:8A:3F:27:C9:3E:FB:7B:BC:0B:0A:FE:8E:CC:24:F7:03:9D:27:51:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ij8nyT77e7wLCv6OzCT3A50nUQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/2c9a24-8560-4307-acc7-ebf834fe9a15/1/ij8nyT77e7wLCv6OzCT3A50nUQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/2c9a24-8560-4307-acc7-ebf834fe9a15/1/ij8nyT77e7wLCv6OzCT3A50nUQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:9f:55:90:ae:fb:51:d6:8f:40:f5:85:2a:94:60:42:93:91:
40:92:11:18:b8:c0:54:bb:48:fa:3f:1e:a1:e1:7d:f5:31:4a:
2e:1b:d1:5a:59:9e:6d:34:ae:67:91:a0:a5:ec:b3:79:b6:ec:
42:8c:19:67:eb:de:a5:8a:13:c8:19:e1:c5:aa:bb:38:ce:87:
6e:6b:a9:59:08:3c:a6:99:85:03:6a:f5:a8:e9:63:ad:86:07:
80:b7:a0:4b:11:cd:70:c2:99:b6:24:63:17:10:14:7e:47:7d:
94:ae:a6:7a:ae:a0:3b:93:ee:0a:70:13:5d:fc:c7:7f:03:12:
41:b6:70:a9:ad:fe:8c:b7:85:9f:42:ea:a0:3c:fe:95:c5:64:
57:ee:99:e9:c5:1c:f3:59:b0:fc:be:95:82:8d:4f:1b:4f:89:
c6:2f:8c:3f:6a:36:d2:52:63:ef:2b:f0:4a:d7:d7:af:c8:c8:
dc:a1:81:d7:4c:ac:45:09:fc:ee:d0:f0:20:49:3a:c6:87:8b:
c3:7e:00:71:98:bf:99:91:5a:29:0a:1a:61:02:40:70:e5:17:
4c:b3:ce:a8:56:d4:55:a6:bf:09:05:b6:b5:83:26:0c:46:74:
81:bd:59:c8:18:b9:08:55:80:dc:49:ae:6b:d7:58:e8:3b:ce:
99:ec:91:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9N+wmO4gMy7ebKD5eluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhM2YyN2M5M2VmYjdiYmMwYjBhZmU4ZWNjMjRmNzAzOWQy
NzUxMDgwHhcNMjUxMTExMDcwMTAzWhcNMjUxMTEyMDcwMTAzWjAzMTEwLwYDVQQD
EyhhY2RlMWJjZWI1YmMyNGJkNjVkYTI0MzZiOGEzOWJhYjVjOTkzOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXttncxqlTH1zmtaapPd3sk3GQKJ
Jq0VX5H8lj8sj7L/9TUmdYSReNqRup/6qBx+O4PA45QTkTks/9sB68H1hze2ClVs
Y0Jzu6/BSRCyUfqOl4BARbDOTbDUVmJRncDdmQDhRV4k5c7GbWnUL9rmvtyPPq67
qukJ/MG2ho0tdp8lY82Xvig9WCnHotvSqh22BZ25YLLJxWvnyeOfNusHKoBBCkiR
Y4yG0F+z2+DDw94fDzbTYdIopnmGDO7z+iS8NZXIflScLqIXqniKjWcEDIeK1Hvx
9KOq4/2PPpCyT8PthbC59Y2zBR/aV6inGgblNNpXjGJorqK6YZ/MbkdFowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzeG861vCS9ZdokNrijm6tcmTkAMB8GA1UdIwQY
MBaAFIo/J8k++3u8Cwr+jswk9wOdJ1EIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWo4bnlUNzdlN3dMQ3Y2T3pDVDNBNTBuVVFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8yYzlhMjQtODU2MC00MzA3LWFjYzct
ZWJmODM0ZmU5YTE1LzEvaWo4bnlUNzdlN3dMQ3Y2T3pDVDNBNTBuVVFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8yYzlhMjQtODU2MC00MzA3LWFjYzctZWJmODM0ZmU5YTE1
LzEvaWo4bnlUNzdlN3dMQ3Y2T3pDVDNBNTBuVVFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPZ9VkK77
UdaPQPWFKpRgQpORQJIRGLjAVLtI+j8eoeF99TFKLhvRWlmebTSuZ5Ggpeyzebbs
QowZZ+vepYoTyBnhxaq7OM6HbmupWQg8ppmFA2r1qOljrYYHgLegSxHNcMKZtiRj
FxAUfkd9lK6meq6gO5PuCnATXfzHfwMSQbZwqa3+jLeFn0LqoDz+lcVkV+6Z6cUc
81mw/L6Vgo1PG0+Jxi+MP2o20lJj7yvwStfXr8jI3KGB10ysRQn87tDwIEk6xoeL
w34AcZi/mZFaKQoaYQJAcOUXTLPOqFbUVaa/CQW2tYMmDEZ0gb1ZyBi5CFWA3Emu
a9dY6DvOmeyR6A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:52:09 2025 by rpki-client