Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft
File: IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft (raw, json)
Hash identifier: ugZ8inJkQXTQJu/XcqWWDi0Wqfz6mXJIuJkeyO+r48Y=
Subject key identifier: C5:D6:23:27:DF:C2:6F:E5:EE:3A:22:62:D9:9F:D3:DC:B3:94:A9:D0
Authority key identifier: 21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35
Certificate issuer: /CN=214a0f42190944ac6b45e00a24ae41a345fdcb35
Certificate serial: 019A71B7BA86FD7373A169D15D11760F83F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:00:57 +0000
Manifest this update: Tue 11 Nov 2025 07:00:57 +0000
Manifest next update: Wed 12 Nov 2025 07:00:57 +0000
Files and hashes: 1: BIaGV9Zs8uGBriNQ8U7uQ0gnNfA.roa (hash: 7T5AV/yHdfgZicPaqkaiWb9Osz7vZVkyB1rTGAClRcg=)
2: IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl (hash: ogJPIkTZIiEcgmQRxNLOhGV+unwYn18UcweXsNbwFjc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:ba:86:fd:73:73:a1:69:d1:5d:11:76:0f:83:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=214a0f42190944ac6b45e00a24ae41a345fdcb35
Validity
Not Before: Nov 11 07:00:57 2025 GMT
Not After : Nov 12 07:00:57 2025 GMT
Subject: CN=c5d62327dfc26fe5ee3a2262d99fd3dcb394a9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a9:16:db:8f:b3:55:00:86:40:85:ba:35:45:
ea:76:ac:98:6d:e4:89:f0:6a:a2:78:f7:f3:2c:ed:
fb:36:9c:23:99:63:5a:03:49:d8:97:13:c0:98:d1:
07:1c:3f:cf:8a:51:6f:f6:20:24:6a:9b:45:50:47:
c1:d1:5c:62:51:67:bc:44:a0:d4:9f:22:67:bd:36:
f6:58:88:73:80:38:15:a9:15:9c:de:e3:00:a2:22:
21:be:ab:de:be:13:ce:55:6d:ba:c7:c8:8e:8e:c9:
8c:82:be:95:da:e2:5e:d8:99:62:ec:66:90:17:d4:
83:a3:60:0d:9b:d2:f8:36:c2:ef:20:a2:b0:55:cb:
bc:86:b2:c5:4b:b6:92:e3:bc:5a:b0:be:24:ee:9f:
cc:80:4f:95:bc:eb:45:38:bb:25:a5:3d:63:42:6b:
6d:ce:7e:00:ca:12:9a:b4:6a:b3:5e:dd:6a:22:f6:
c2:64:49:cf:ca:a6:7c:15:a8:0c:40:8d:d5:c3:9d:
20:01:77:83:ae:e3:df:5c:a7:e9:7c:37:dd:05:6c:
af:9d:cf:97:0c:25:3f:bc:d2:ac:6c:f0:21:16:f6:
ed:35:f4:a5:76:8b:41:f6:43:ef:60:59:cc:bf:5a:
61:d0:78:79:44:ac:9c:3a:0b:cb:c7:23:40:65:d6:
f2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D6:23:27:DF:C2:6F:E5:EE:3A:22:62:D9:9F:D3:DC:B3:94:A9:D0
X509v3 Authority Key Identifier:
keyid:21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:4d:e2:34:4d:a0:6b:b0:85:b5:77:6c:e5:a1:0d:ad:49:23:
4f:0b:11:45:9c:56:b9:22:4e:64:53:17:6e:72:f6:35:75:dd:
95:1e:70:7b:f9:1e:b2:c6:54:9b:e4:8b:c8:44:05:af:c8:1c:
64:da:be:56:98:e1:ed:0b:c9:4e:4a:91:c5:9c:0b:32:8b:dd:
de:6b:f8:e8:48:1f:e3:b5:cc:1f:ac:b5:d1:56:11:62:e5:e6:
55:36:0e:e2:73:75:c2:0c:77:f5:ee:3d:5d:1f:ae:52:1a:7e:
96:a7:77:17:3c:00:43:59:99:41:3d:80:95:71:de:38:49:1d:
6b:dd:8a:aa:e2:bf:87:35:8e:37:db:33:48:70:14:6e:63:0a:
f5:c3:8b:0c:53:0d:3d:c9:f6:8c:a3:31:9b:d7:f9:b1:1a:bc:
0d:13:5b:1b:00:c9:5a:75:25:51:77:5f:db:46:c1:05:d4:c0:
2b:bd:07:8e:1e:ad:4e:0b:7a:59:f0:36:a2:37:df:7e:87:8d:
0c:62:99:98:32:15:cd:72:0f:f7:fa:90:07:6f:bf:b2:e6:23:
09:a2:6d:8d:ad:1c:6d:b6:a1:f7:3b:d8:0c:4a:08:a9:7d:a0:
62:ad:4f:42:30:95:6f:42:b9:87:08:bf:85:cd:79:c4:c7:7e:
35:44:3e:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt7qG/XNzoWnRXRF2D4P0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNGEwZjQyMTkwOTQ0YWM2YjQ1ZTAwYTI0YWU0MWEzNDVm
ZGNiMzUwHhcNMjUxMTExMDcwMDU3WhcNMjUxMTEyMDcwMDU3WjAzMTEwLwYDVQQD
EyhjNWQ2MjMyN2RmYzI2ZmU1ZWUzYTIyNjJkOTlmZDNkY2IzOTRhOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqkW24+zVQCGQIW6NUXqdqyYbeSJ
8GqiePfzLO37NpwjmWNaA0nYlxPAmNEHHD/PilFv9iAkaptFUEfB0VxiUWe8RKDU
nyJnvTb2WIhzgDgVqRWc3uMAoiIhvqvevhPOVW26x8iOjsmMgr6V2uJe2Jli7GaQ
F9SDo2ANm9L4NsLvIKKwVcu8hrLFS7aS47xasL4k7p/MgE+VvOtFOLslpT1jQmtt
zn4AyhKatGqzXt1qIvbCZEnPyqZ8FagMQI3Vw50gAXeDruPfXKfpfDfdBWyvnc+X
DCU/vNKsbPAhFvbtNfSldotB9kPvYFnMv1ph0Hh5RKycOgvLxyNAZdby7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXWIyffwm/l7joiYtmf09yzlKnQMB8GA1UdIwQY
MBaAFCFKD0IZCUSsa0XgCiSuQaNF/cs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMt
YjY2NTZjYzFiZDU5LzEvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMtYjY2NTZjYzFiZDU5
LzEvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFE3iNE2g
a7CFtXds5aENrUkjTwsRRZxWuSJOZFMXbnL2NXXdlR5we/kessZUm+SLyEQFr8gc
ZNq+Vpjh7QvJTkqRxZwLMovd3mv46Egf47XMH6y10VYRYuXmVTYO4nN1wgx39e49
XR+uUhp+lqd3FzwAQ1mZQT2AlXHeOEkda92KquK/hzWON9szSHAUbmMK9cOLDFMN
Pcn2jKMxm9f5sRq8DRNbGwDJWnUlUXdf20bBBdTAK70Hjh6tTgt6WfA2ojfffoeN
DGKZmDIVzXIP9/qQB2+/suYjCaJtja0cbbah9zvYDEoIqX2gYq1PQjCVb0K5hwi/
hc15xMd+NUQ+5w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:55:10 2025 by rpki-client