Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.mft
File: iu8WONCRG6mIZOl5yEJrpPQaJy4.mft (raw, json)
Hash identifier: m6nxAOZSjLAXtEfEGpEJ8/3rwtuu4HrR+x1tLuGh6fU=
Subject key identifier: 2D:85:29:FF:BF:B4:50:5D:A1:B6:B8:3E:B0:57:39:8B:9A:14:06:5A
Authority key identifier: 8A:EF:16:38:D0:91:1B:A9:88:64:E9:79:C8:42:6B:A4:F4:1A:27:2E
Certificate issuer: /CN=8aef1638d0911ba98864e979c8426ba4f41a272e
Certificate serial: 019A71B8E312B138544A190952E866838349
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iu8WONCRG6mIZOl5yEJrpPQaJy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 07:02:13 +0000
Manifest this update: Tue 11 Nov 2025 07:02:13 +0000
Manifest next update: Wed 12 Nov 2025 07:02:13 +0000
Files and hashes: 1: if3KaihHpbg1Z08V6cXxVYQmFhk.roa (hash: 4GJMU1mopT3EhZuM0ayjHedY3bbBO8iZn11kZBRbuts=)
2: iu8WONCRG6mIZOl5yEJrpPQaJy4.crl (hash: ITXnYuPKZcE6O0D1vzBrtSZCogXEG3Qt2olNhM47BUc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iu8WONCRG6mIZOl5yEJrpPQaJy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:e3:12:b1:38:54:4a:19:09:52:e8:66:83:83:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aef1638d0911ba98864e979c8426ba4f41a272e
Validity
Not Before: Nov 11 07:02:13 2025 GMT
Not After : Nov 12 07:02:13 2025 GMT
Subject: CN=2d8529ffbfb4505da1b6b83eb057398b9a14065a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:76:7a:e0:53:b9:ec:c5:26:7b:ca:88:41:87:
8d:89:f2:f7:08:91:30:b1:bd:34:d0:ce:93:55:12:
74:90:ac:1e:a7:64:5b:4f:47:cd:07:b3:f5:cc:c1:
93:4c:60:7c:ac:6d:b3:42:73:d3:e9:21:de:2e:d2:
dd:19:12:8b:87:6a:a9:eb:cc:37:93:0d:a3:bf:66:
f3:85:98:b7:cd:d9:ca:54:bc:84:fd:f4:b1:1b:00:
57:7d:a0:46:b7:8f:00:6e:61:f9:f3:fe:d6:74:2e:
f1:db:98:5d:4b:f5:cd:41:d9:51:4d:78:77:6c:50:
05:10:c6:a6:f6:3a:54:4d:f0:dd:70:85:59:a3:4d:
73:2a:ff:eb:e5:b3:83:33:0a:68:60:e0:88:22:d5:
dc:ae:ee:fd:72:a3:bb:9d:7e:53:01:10:86:f4:47:
6c:b2:d9:06:8c:e4:98:bc:77:5d:73:2a:8c:31:0f:
29:2b:3d:ae:c1:e0:21:91:6c:33:e4:76:39:93:c8:
da:2b:f5:8e:11:35:4d:81:be:db:b7:50:9b:dd:c0:
b9:c4:af:e6:29:12:f8:a4:63:77:73:d0:11:e0:93:
2d:0f:42:d8:6c:59:6a:ad:fc:fa:c3:e6:da:dc:de:
17:85:df:0e:9c:9c:59:de:9d:88:13:c8:e4:ff:b8:
c2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:85:29:FF:BF:B4:50:5D:A1:B6:B8:3E:B0:57:39:8B:9A:14:06:5A
X509v3 Authority Key Identifier:
keyid:8A:EF:16:38:D0:91:1B:A9:88:64:E9:79:C8:42:6B:A4:F4:1A:27:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iu8WONCRG6mIZOl5yEJrpPQaJy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d2:86:e8:f8:8d:a7:06:28:7a:8f:7e:d0:68:f0:9d:f0:ef:eb:
57:d6:e3:aa:a2:9e:e0:78:b2:4f:35:4c:79:48:4f:7f:06:b7:
db:a1:09:60:23:d5:c4:c6:79:7a:c5:45:ef:a3:98:91:58:6e:
13:b3:45:65:6b:8d:1a:6b:83:95:d0:30:ba:09:fb:a5:2d:cd:
dd:94:c4:a3:6b:68:68:02:93:3b:54:ed:70:0d:c5:91:03:34:
ac:38:37:b9:5a:09:e7:c8:4e:55:0e:32:82:b3:77:9e:ad:a8:
77:6b:9b:2f:96:13:0e:12:dc:66:3c:9a:ed:0b:a5:dd:65:86:
f0:e0:99:23:ed:76:f4:ed:37:0e:87:64:22:fc:17:79:e8:7b:
c9:ba:77:61:86:3f:28:64:24:d8:9a:6a:75:fa:7c:f4:92:1b:
66:df:f0:1f:c7:38:41:bf:18:6c:45:96:b7:7a:7a:0f:39:81:
d0:03:7a:37:c5:4e:36:4b:b8:5a:58:f2:db:e9:5f:8f:df:1b:
d0:9a:1e:3d:9e:1d:9d:50:0e:70:fb:53:76:3f:79:db:aa:f4:
00:79:ac:f8:eb:d9:50:60:a1:65:aa:21:e2:c0:94:7e:1a:cd:
ff:b9:9c:cb:7a:db:9d:51:85:a2:e8:fb:29:bc:94:76:01:03:
5a:cc:f2:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOMSsThUShkJUuhmg4NJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZWYxNjM4ZDA5MTFiYTk4ODY0ZTk3OWM4NDI2YmE0ZjQx
YTI3MmUwHhcNMjUxMTExMDcwMjEzWhcNMjUxMTEyMDcwMjEzWjAzMTEwLwYDVQQD
EygyZDg1MjlmZmJmYjQ1MDVkYTFiNmI4M2ViMDU3Mzk4YjlhMTQwNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8HZ64FO57MUme8qIQYeNifL3CJEw
sb000M6TVRJ0kKwep2RbT0fNB7P1zMGTTGB8rG2zQnPT6SHeLtLdGRKLh2qp68w3
kw2jv2bzhZi3zdnKVLyE/fSxGwBXfaBGt48AbmH58/7WdC7x25hdS/XNQdlRTXh3
bFAFEMam9jpUTfDdcIVZo01zKv/r5bODMwpoYOCIItXcru79cqO7nX5TARCG9Eds
stkGjOSYvHddcyqMMQ8pKz2uweAhkWwz5HY5k8jaK/WOETVNgb7bt1Cb3cC5xK/m
KRL4pGN3c9AR4JMtD0LYbFlqrfz6w+ba3N4Xhd8OnJxZ3p2IE8jk/7jCvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2FKf+/tFBdoba4PrBXOYuaFAZaMB8GA1UdIwQY
MBaAFIrvFjjQkRupiGTpechCa6T0GicuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXU4V09OQ1JHNm1JWk9sNXlFSnJwUFFhSnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8yNjU3NjktMzU0ZS00YThiLTk1NDIt
OTRmOTdiM2EyY2UyLzEvaXU4V09OQ1JHNm1JWk9sNXlFSnJwUFFhSnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8yNjU3NjktMzU0ZS00YThiLTk1NDItOTRmOTdiM2EyY2Uy
LzEvaXU4V09OQ1JHNm1JWk9sNXlFSnJwUFFhSnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0obo+I2n
Bih6j37QaPCd8O/rV9bjqqKe4HiyTzVMeUhPfwa326EJYCPVxMZ5esVF76OYkVhu
E7NFZWuNGmuDldAwugn7pS3N3ZTEo2toaAKTO1TtcA3FkQM0rDg3uVoJ58hOVQ4y
grN3nq2od2ubL5YTDhLcZjya7Qul3WWG8OCZI+129O03DodkIvwXeeh7ybp3YYY/
KGQk2Jpqdfp89JIbZt/wH8c4Qb8YbEWWt3p6DzmB0AN6N8VONku4Wljy2+lfj98b
0JoePZ4dnVAOcPtTdj9526r0AHms+OvZUGChZaoh4sCUfhrN/7mcy3rbnVGFouj7
KbyUdgEDWszydQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:53 2025 by rpki-client