Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.mft
File: IO7gXaGD3uK4EYFBlWRiySQNeHY.mft (raw, json)
Hash identifier: fUkIVeQywCeRm14b9q43vxls+LlhfJJ0DGaDvG2/L4E=
Subject key identifier: 31:8D:17:58:21:9D:7D:10:B4:76:B0:B8:99:7C:FC:27:C4:77:56:27
Authority key identifier: 20:EE:E0:5D:A1:83:DE:E2:B8:11:81:41:95:64:62:C9:24:0D:78:76
Certificate issuer: /CN=20eee05da183dee2b8118141956462c9240d7876
Certificate serial: 019A71EE7C18214D505F5F43C9D096149A22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.mft
Manifest number: 152A
Signing time: Tue 11 Nov 2025 08:00:45 +0000
Manifest this update: Tue 11 Nov 2025 08:00:45 +0000
Manifest next update: Wed 12 Nov 2025 08:00:45 +0000
Files and hashes: 1: IO7gXaGD3uK4EYFBlWRiySQNeHY.crl (hash: Vyy4bi7LOHcoZ7eVvlB1hKtUN+Zhl/EZjrhPNrvWmes=)
2: UOhBO5tiijOD2pDmpEzGmcmWS0c.roa (hash: xgr3YICoBLMfkC1gTEslMu1vKZNde/9vfYQRW1pAxzQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:7c:18:21:4d:50:5f:5f:43:c9:d0:96:14:9a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20eee05da183dee2b8118141956462c9240d7876
Validity
Not Before: Nov 11 08:00:45 2025 GMT
Not After : Nov 12 08:00:45 2025 GMT
Subject: CN=318d1758219d7d10b476b0b8997cfc27c4775627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f1:15:6c:29:c8:1a:ea:4b:14:84:4e:e9:a6:
2f:a5:90:4d:96:15:de:6d:e8:c1:7e:6d:61:43:e7:
eb:34:0a:2b:33:14:1f:da:4f:0f:55:a6:2e:b6:b4:
37:90:42:99:fa:93:41:e7:66:ea:21:94:af:13:14:
2a:df:63:22:4a:dc:ea:2b:63:50:88:8d:ee:3b:25:
25:36:5b:89:f9:7f:c9:12:6c:0f:3c:74:d8:80:8b:
75:73:53:3e:b3:55:47:70:8b:f1:0e:52:36:3b:54:
f7:e8:7c:a3:be:e8:37:65:62:96:a1:a4:a0:19:a5:
6a:a4:5b:af:39:83:40:85:db:5a:e6:9e:3e:05:67:
d2:82:e0:f1:22:ea:77:63:1f:1a:ec:ec:68:d2:d6:
29:d5:3b:20:7e:77:4f:a4:e4:91:31:7b:09:46:58:
1a:c7:c3:c7:20:90:4d:34:e6:e0:6a:f4:08:50:8e:
4d:ca:4d:97:72:d0:ff:15:56:0b:41:19:ad:94:8d:
36:b5:8a:16:a8:2f:c2:5f:57:50:36:ac:1a:c1:c6:
71:8e:d6:7b:7d:7b:a4:92:54:88:e9:d1:63:1f:6c:
08:46:00:73:37:fb:1e:ae:9b:64:5d:d4:e1:74:05:
6f:8d:8e:b5:7e:a9:15:c1:cd:ce:e4:ed:12:e1:0e:
f4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:8D:17:58:21:9D:7D:10:B4:76:B0:B8:99:7C:FC:27:C4:77:56:27
X509v3 Authority Key Identifier:
keyid:20:EE:E0:5D:A1:83:DE:E2:B8:11:81:41:95:64:62:C9:24:0D:78:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:1f:f8:35:b8:fe:ec:ff:9b:82:59:56:54:13:80:81:a1:f6:
ee:74:6a:03:97:81:8c:87:09:f1:4c:d2:c0:d4:88:54:c3:1b:
d7:a1:74:1b:c4:24:3f:bf:26:07:cf:b5:07:a3:b1:f6:98:bb:
20:3e:8c:bd:e7:85:62:06:7e:0c:aa:04:d9:a5:e2:51:c7:d2:
f8:63:e7:f3:fb:bf:31:e7:9f:c3:ed:44:e2:cf:7c:91:10:d5:
f9:a3:ad:6e:79:3f:9e:9a:f5:96:88:04:98:5b:fd:7e:79:5f:
cc:0e:5a:4d:60:a4:1a:80:a3:85:10:3b:f8:7a:ec:1e:d2:cb:
14:a9:13:42:f6:0a:2b:f8:de:dd:dc:85:60:da:29:e4:fc:5c:
a0:ed:f1:ce:4a:78:c9:5b:80:4d:ff:c0:c9:df:3f:01:de:1b:
03:44:d2:b4:3c:e7:ab:b0:74:37:cc:d4:de:fd:26:43:7d:96:
c2:76:88:5e:da:67:8a:97:95:15:84:ba:df:8a:71:2c:74:13:
1d:7a:32:39:9e:e8:41:59:00:5e:b9:01:0c:e1:50:ad:2f:93:
6a:70:1e:21:97:85:04:c1:3c:9a:e2:25:80:a9:fd:98:90:18:
e9:de:ce:71:0c:f9:9d:db:91:13:cc:26:18:7d:b9:d5:ab:4c:
ba:91:c7:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7nwYIU1QX19DydCWFJoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZWVlMDVkYTE4M2RlZTJiODExODE0MTk1NjQ2MmM5MjQw
ZDc4NzYwHhcNMjUxMTExMDgwMDQ1WhcNMjUxMTEyMDgwMDQ1WjAzMTEwLwYDVQQD
EygzMThkMTc1ODIxOWQ3ZDEwYjQ3NmIwYjg5OTdjZmMyN2M0Nzc1NjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvEVbCnIGupLFIRO6aYvpZBNlhXe
bejBfm1hQ+frNAorMxQf2k8PVaYutrQ3kEKZ+pNB52bqIZSvExQq32MiStzqK2NQ
iI3uOyUlNluJ+X/JEmwPPHTYgIt1c1M+s1VHcIvxDlI2O1T36Hyjvug3ZWKWoaSg
GaVqpFuvOYNAhdta5p4+BWfSguDxIup3Yx8a7Oxo0tYp1TsgfndPpOSRMXsJRlga
x8PHIJBNNObgavQIUI5Nyk2XctD/FVYLQRmtlI02tYoWqC/CX1dQNqwawcZxjtZ7
fXukklSI6dFjH2wIRgBzN/serptkXdThdAVvjY61fqkVwc3O5O0S4Q70iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGNF1ghnX0QtHawuJl8/CfEd1YnMB8GA1UdIwQY
MBaAFCDu4F2hg97iuBGBQZVkYskkDXh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU83Z1hhR0QzdUs0RVlGQmxXUml5U1FOZUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jZmMwZDEtZDA5NS00YjFiLTliNWQt
Mzk4NTI5OWZhZDZkLzEvSU83Z1hhR0QzdUs0RVlGQmxXUml5U1FOZUhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jZmMwZDEtZDA5NS00YjFiLTliNWQtMzk4NTI5OWZhZDZk
LzEvSU83Z1hhR0QzdUs0RVlGQmxXUml5U1FOZUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYR/4Nbj+
7P+bgllWVBOAgaH27nRqA5eBjIcJ8UzSwNSIVMMb16F0G8QkP78mB8+1B6Ox9pi7
ID6MveeFYgZ+DKoE2aXiUcfS+GPn8/u/Meefw+1E4s98kRDV+aOtbnk/npr1logE
mFv9fnlfzA5aTWCkGoCjhRA7+HrsHtLLFKkTQvYKK/je3dyFYNop5PxcoO3xzkp4
yVuATf/Ayd8/Ad4bA0TStDznq7B0N8zU3v0mQ32WwnaIXtpnipeVFYS634pxLHQT
HXoyOZ7oQVkAXrkBDOFQrS+TanAeIZeFBME8muIlgKn9mJAY6d7OcQz5nduRE8wm
GH251atMupHHfg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:46:18 2025 by rpki-client