Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
File: iqrwV67ry_cGh34qqnSjljgL4hU.mft (raw, json)
Hash identifier: GKMU7e0wuMK2FIN8WiWvDlZA0c4VMzwsQBYDz8OlnTE=
Subject key identifier: 84:A7:CE:2D:50:99:7E:90:20:00:9A:75:85:71:2E:99:06:D3:41:74
Authority key identifier: 8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15
Certificate issuer: /CN=8aaaf057aeebcbf706877e2aaa74a396380be215
Certificate serial: 019A725C8040579EBB0140F003553138EB09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
Manifest number: 04B1
Signing time: Tue 11 Nov 2025 10:00:55 +0000
Manifest this update: Tue 11 Nov 2025 10:00:55 +0000
Manifest next update: Wed 12 Nov 2025 10:00:55 +0000
Files and hashes: 1: iqrwV67ry_cGh34qqnSjljgL4hU.crl (hash: +hqxFnv8XyNSHCh+HiVo5aObkg2RsZKB1EM+KnbwZm0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:80:40:57:9e:bb:01:40:f0:03:55:31:38:eb:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aaaf057aeebcbf706877e2aaa74a396380be215
Validity
Not Before: Nov 11 10:00:55 2025 GMT
Not After : Nov 12 10:00:55 2025 GMT
Subject: CN=84a7ce2d50997e9020009a7585712e9906d34174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:d0:aa:10:e0:d7:95:65:96:f5:e1:c7:73:31:
fa:0b:3c:70:48:65:d5:ae:61:0a:87:4e:f0:2a:78:
4d:b8:98:ca:b9:17:dd:2e:c1:b1:81:eb:96:eb:91:
54:4e:8d:1b:31:35:94:e2:8f:c2:5b:ca:60:f0:31:
0e:87:93:90:1a:46:9e:d9:89:f5:ae:b9:35:94:92:
c5:4c:35:45:ea:ec:e3:44:6a:7e:86:a3:6f:1c:d6:
88:47:25:07:91:c0:b7:87:6e:b8:0c:04:1a:91:0f:
4b:0f:5d:09:a8:5a:2e:b3:1a:ea:c4:72:a8:05:be:
ad:43:35:a5:03:22:09:f4:3d:a1:41:f0:39:4a:b7:
90:7d:47:f5:dc:46:1d:71:68:07:cf:60:ca:4a:46:
50:7f:3a:69:4a:aa:25:19:38:77:9f:23:46:08:d8:
77:8b:d0:85:78:04:f6:8c:27:68:42:5f:3f:36:6e:
42:64:77:11:a0:ad:02:8e:2a:0f:27:fe:c5:81:30:
1e:32:75:00:95:75:43:af:15:24:aa:4b:18:2f:c9:
0f:33:7a:57:72:85:1a:ca:43:57:90:2e:8d:b2:c3:
7c:77:d8:b0:c7:cb:99:9d:0c:45:47:34:46:97:92:
4e:15:c3:b8:82:48:b6:c2:e7:e8:52:65:bc:b3:44:
bc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A7:CE:2D:50:99:7E:90:20:00:9A:75:85:71:2E:99:06:D3:41:74
X509v3 Authority Key Identifier:
keyid:8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:4e:14:94:11:c4:25:b6:93:c1:9d:3f:04:81:40:b4:10:ca:
61:ac:bc:9e:22:fc:ab:20:34:71:1d:c2:73:3c:6a:bb:91:93:
ea:d5:40:2f:f4:07:45:19:3a:6c:ec:69:11:37:ec:e0:ce:ec:
01:4f:cb:da:2b:f2:09:ec:87:3c:9a:56:4d:88:13:db:6b:0c:
9b:b9:39:87:52:44:4a:43:6e:2f:89:4e:a8:6b:60:28:c9:8c:
23:4c:84:de:f5:73:94:65:02:83:c9:c9:07:8d:ef:67:58:d2:
fa:bb:7d:b5:89:78:6b:4e:14:dd:da:ae:fd:f5:ec:44:c2:99:
e7:71:58:a7:cc:36:40:3f:a0:0a:ef:b6:91:70:3d:c3:4d:6b:
3e:4a:ef:bb:7f:cd:e6:7c:f7:9f:e5:e7:bc:79:2e:48:7f:87:
41:de:05:fd:bd:d0:e2:49:93:a9:28:cb:47:72:f3:78:46:df:
4e:74:3e:ed:01:90:df:86:be:d6:6f:86:78:c0:80:92:fd:be:
66:29:e3:6b:69:42:ca:0b:66:c3:f6:e7:43:7d:3e:1e:9e:e1:
7d:ac:64:45:3f:d2:7f:50:a3:0c:99:b3:71:7d:c7:00:c2:07:
ee:88:70:39:3c:7b:b4:81:67:8f:ad:34:32:68:6a:d4:82:ce:
51:0f:d7:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXIBAV567AUDwA1UxOOsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWFmMDU3YWVlYmNiZjcwNjg3N2UyYWFhNzRhMzk2Mzgw
YmUyMTUwHhcNMjUxMTExMTAwMDU1WhcNMjUxMTEyMTAwMDU1WjAzMTEwLwYDVQQD
Eyg4NGE3Y2UyZDUwOTk3ZTkwMjAwMDlhNzU4NTcxMmU5OTA2ZDM0MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9dCqEODXlWWW9eHHczH6CzxwSGXV
rmEKh07wKnhNuJjKuRfdLsGxgeuW65FUTo0bMTWU4o/CW8pg8DEOh5OQGkae2Yn1
rrk1lJLFTDVF6uzjRGp+hqNvHNaIRyUHkcC3h264DAQakQ9LD10JqFousxrqxHKo
Bb6tQzWlAyIJ9D2hQfA5SreQfUf13EYdcWgHz2DKSkZQfzppSqolGTh3nyNGCNh3
i9CFeAT2jCdoQl8/Nm5CZHcRoK0CjioPJ/7FgTAeMnUAlXVDrxUkqksYL8kPM3pX
coUaykNXkC6NssN8d9iwx8uZnQxFRzRGl5JOFcO4gki2wufoUmW8s0S8MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISnzi1QmX6QIACadYVxLpkG00F0MB8GA1UdIwQY
MBaAFIqq8Feu68v3Bod+Kqp0o5Y4C+IVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEt
NTMwOTBiM2JhYTgxLzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEtNTMwOTBiM2JhYTgx
LzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATE4UlBHE
JbaTwZ0/BIFAtBDKYay8niL8qyA0cR3Cczxqu5GT6tVAL/QHRRk6bOxpETfs4M7s
AU/L2ivyCeyHPJpWTYgT22sMm7k5h1JESkNuL4lOqGtgKMmMI0yE3vVzlGUCg8nJ
B43vZ1jS+rt9tYl4a04U3dqu/fXsRMKZ53FYp8w2QD+gCu+2kXA9w01rPkrvu3/N
5nz3n+XnvHkuSH+HQd4F/b3Q4kmTqSjLR3LzeEbfTnQ+7QGQ34a+1m+GeMCAkv2+
Zinja2lCygtmw/bnQ30+Hp7hfaxkRT/Sf1CjDJmzcX3HAMIH7ohwOTx7tIFnj600
Mmhq1ILOUQ/XYQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:01:39 2025 by rpki-client