Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
File: iQCNpBkicovFvtu9cIhwHFKbme0.mft (raw, json)
Hash identifier: xGnZuajzOfOFGCHOdP0iR6nj+L7WMeELBySAN1Ywo7Y=
Subject key identifier: 88:71:E2:8E:8E:B6:29:CD:E4:AB:36:83:8F:48:10:DA:90:0D:43:EB
Authority key identifier: 89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
Certificate issuer: /CN=89008da41922728bc5bedbbd7088701c529b99ed
Certificate serial: 019A73A6F80C0685CB734E64FD0316A382BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
Manifest number: 02C3
Signing time: Tue 11 Nov 2025 16:01:53 +0000
Manifest this update: Tue 11 Nov 2025 16:01:53 +0000
Manifest next update: Wed 12 Nov 2025 16:01:53 +0000
Files and hashes: 1: 9WCM-NfBtEzVC0bLgcXxGw_dKs0.roa (hash: +AotBLTXOYZ2qqQz68W39gfX7TdnqXgGz673AR3fS9c=)
2: iQCNpBkicovFvtu9cIhwHFKbme0.crl (hash: b3+XDYWcl+dM8yurviM+oCQjWm/W5Plnn06c9S7kkLA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:a6:f8:0c:06:85:cb:73:4e:64:fd:03:16:a3:82:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89008da41922728bc5bedbbd7088701c529b99ed
Validity
Not Before: Nov 11 16:01:53 2025 GMT
Not After : Nov 12 16:01:53 2025 GMT
Subject: CN=8871e28e8eb629cde4ab36838f4810da900d43eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:64:7a:11:16:bc:89:65:c9:4d:0b:1e:52:5f:
b3:51:4b:20:8d:53:f5:fc:28:6f:7b:7a:7a:56:29:
a7:da:2e:c9:b6:be:a1:92:07:2c:16:fa:f2:f7:b4:
58:3a:39:97:48:90:72:68:98:d3:f1:2f:e2:e1:6f:
03:dc:62:f9:13:8e:87:d6:92:50:57:d1:a6:a8:82:
c9:5c:24:ae:8f:8f:28:b0:9a:66:65:df:48:d9:ce:
f8:ff:36:06:a0:6b:3f:ab:9b:fb:eb:66:e0:2c:2b:
50:34:de:01:13:55:e4:e9:d6:69:15:b3:ee:ec:5b:
34:37:33:35:ef:f3:93:e9:09:7f:3f:9b:90:ed:92:
41:41:1b:d1:ea:c8:b4:d6:89:36:d4:c6:26:12:ec:
bf:d1:97:a2:46:e6:6f:3f:cc:05:b8:d7:2d:24:bd:
22:5f:76:40:aa:60:72:34:e3:13:cc:df:8c:d5:a1:
9a:f3:77:4b:ab:dc:9e:cc:43:49:a8:b0:74:67:bf:
69:7c:13:a9:e4:00:42:93:a7:bd:3d:de:d8:37:ee:
f8:3e:cc:31:de:b6:5f:b0:03:64:4e:22:46:81:4a:
3c:38:7d:74:0f:6d:f9:fa:e6:28:86:36:2b:d4:b4:
79:0d:6e:90:85:fd:a7:84:01:52:6d:62:ba:f5:14:
d9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:71:E2:8E:8E:B6:29:CD:E4:AB:36:83:8F:48:10:DA:90:0D:43:EB
X509v3 Authority Key Identifier:
keyid:89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:b9:a7:41:f5:9d:75:ab:31:a5:59:92:5b:eb:12:6d:3a:4d:
f6:14:80:d6:0d:42:07:66:6d:64:53:a3:7e:45:d0:88:b4:e6:
b7:89:26:b2:31:38:5a:ba:d1:26:ac:42:8b:39:4a:fd:f4:58:
ae:e5:f9:f2:ed:8e:20:52:76:ca:74:a8:6d:2d:f5:d9:a9:84:
80:d8:24:5f:8a:86:24:de:e2:81:17:86:5c:e8:ec:82:54:42:
c7:a6:e4:99:c3:36:d4:90:11:53:3a:1a:60:dd:6a:05:df:3d:
dd:c7:08:c5:9e:2f:2c:8d:07:69:04:2f:34:bd:1b:d4:83:d3:
6d:f0:a6:7c:bd:d9:5a:87:0a:19:90:74:96:67:84:c5:5b:be:
f0:52:20:b7:8e:19:d6:7d:56:4e:a9:d9:ed:ac:e7:f7:43:ce:
9e:57:95:2b:d4:18:fb:e5:10:f4:fc:9b:28:a0:43:ae:ce:3e:
63:fe:60:7b:8e:25:39:11:72:1a:c4:57:9d:ee:da:bf:6b:dc:
95:c2:bc:ec:98:98:c6:ca:87:6b:be:8b:68:0e:df:05:16:4f:
bc:0d:b3:29:5a:54:85:64:9c:ed:72:d7:08:10:5f:e2:c5:bc:
3a:68:13:08:8f:ea:c4:40:66:2a:a9:d2:fc:87:52:bd:41:05:
2f:26:d2:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpvgMBoXLc05k/QMWo4K+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDA4ZGE0MTkyMjcyOGJjNWJlZGJiZDcwODg3MDFjNTI5
Yjk5ZWQwHhcNMjUxMTExMTYwMTUzWhcNMjUxMTEyMTYwMTUzWjAzMTEwLwYDVQQD
Eyg4ODcxZTI4ZThlYjYyOWNkZTRhYjM2ODM4ZjQ4MTBkYTkwMGQ0M2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmR6ERa8iWXJTQseUl+zUUsgjVP1
/Chve3p6Vimn2i7Jtr6hkgcsFvry97RYOjmXSJByaJjT8S/i4W8D3GL5E46H1pJQ
V9GmqILJXCSuj48osJpmZd9I2c74/zYGoGs/q5v762bgLCtQNN4BE1Xk6dZpFbPu
7Fs0NzM17/OT6Ql/P5uQ7ZJBQRvR6si01ok21MYmEuy/0ZeiRuZvP8wFuNctJL0i
X3ZAqmByNOMTzN+M1aGa83dLq9yezENJqLB0Z79pfBOp5ABCk6e9Pd7YN+74Pswx
3rZfsANkTiJGgUo8OH10D235+uYohjYr1LR5DW6Qhf2nhAFSbWK69RTZawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhx4o6OtinN5Ks2g49IENqQDUPrMB8GA1UdIwQY
MBaAFIkAjaQZInKLxb7bvXCIcBxSm5ntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUt
NjM3MjlmZTU4OGEyLzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUtNjM3MjlmZTU4OGEy
LzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGLmnQfWd
dasxpVmSW+sSbTpN9hSA1g1CB2ZtZFOjfkXQiLTmt4kmsjE4WrrRJqxCizlK/fRY
ruX58u2OIFJ2ynSobS312amEgNgkX4qGJN7igReGXOjsglRCx6bkmcM21JARUzoa
YN1qBd893ccIxZ4vLI0HaQQvNL0b1IPTbfCmfL3ZWocKGZB0lmeExVu+8FIgt44Z
1n1WTqnZ7azn90POnleVK9QY++UQ9PybKKBDrs4+Y/5ge44lORFyGsRXne7av2vc
lcK87JiYxsqHa76LaA7fBRZPvA2zKVpUhWSc7XLXCBBf4sW8OmgTCI/qxEBmKqnS
/IdSvUEFLybSgg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:13:09 2025 by rpki-client