Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
File: iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json)
Hash identifier: r6/vTVHzSktuyWUSV/ZSdiOzWmxY8wvGaBTu1DBfMxA=
Subject key identifier: AA:0C:DC:F9:0C:CE:9E:CA:DF:9A:41:D2:EC:17:93:3B:EE:E1:6F:04
Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
Certificate issuer: /CN=88f75722db25b3723decda5d870df69bf0d865ae
Certificate serial: 019A71B831C68EB594CFCB9415B9FB933ED1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
Manifest number: 1117
Signing time: Tue 11 Nov 2025 07:01:27 +0000
Manifest this update: Tue 11 Nov 2025 07:01:27 +0000
Manifest next update: Wed 12 Nov 2025 07:01:27 +0000
Files and hashes: 1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: MdTr/fpIgglSa0O/4SSaKInQaHOdwndRS2XwZ71lUIk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:31:c6:8e:b5:94:cf:cb:94:15:b9:fb:93:3e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae
Validity
Not Before: Nov 11 07:01:27 2025 GMT
Not After : Nov 12 07:01:27 2025 GMT
Subject: CN=aa0cdcf90cce9ecadf9a41d2ec17933beee16f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:43:7a:12:b5:4d:eb:5b:e4:77:e3:ab:06:f9:
e5:26:05:b8:8c:77:98:9e:18:52:74:36:a8:07:0c:
6f:23:97:50:10:90:7e:fc:fa:42:56:b8:0f:33:29:
7a:72:67:c4:23:47:22:26:cc:36:35:b5:93:ca:a4:
6f:1e:33:c0:ce:d6:3f:0a:33:48:cf:33:0d:d2:4d:
67:64:20:5c:1a:ef:03:c1:29:63:ef:bb:20:6b:f8:
2e:53:28:87:36:ca:35:66:8e:78:68:df:fe:ca:43:
40:c1:65:f3:26:0e:9a:ea:b0:28:80:5b:c1:48:94:
a1:27:5f:18:b7:46:fd:fb:37:ba:b7:58:ec:62:ed:
5c:56:77:17:20:71:39:22:cf:d5:94:8c:aa:38:a8:
df:d2:66:1a:59:af:a4:79:4c:d1:9f:54:aa:18:b5:
08:50:97:20:85:d7:38:59:19:91:0d:a9:f4:ea:4e:
49:63:d9:72:fb:ca:73:6a:98:46:38:4e:ff:54:c4:
d0:41:f1:ab:bd:3a:6d:2e:a8:61:fe:ab:fb:2d:b4:
0c:e9:7c:ba:09:ee:86:b2:b2:6b:3e:fa:7b:be:fd:
57:c3:70:43:d9:5c:51:52:05:62:a7:72:91:85:7f:
e1:d6:61:29:67:9e:38:1e:b2:fe:08:aa:0e:af:37:
f1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:0C:DC:F9:0C:CE:9E:CA:DF:9A:41:D2:EC:17:93:3B:EE:E1:6F:04
X509v3 Authority Key Identifier:
keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:0e:3c:b6:e0:30:f6:f3:60:12:be:00:dc:ff:36:a5:df:1d:
32:0d:39:80:6d:8c:90:0e:5e:f8:75:9b:c9:01:69:3b:9a:af:
e0:2c:54:03:7a:c1:ee:c2:a0:6c:d7:2a:6a:5e:2e:0a:de:33:
62:48:22:a5:e9:e8:83:d9:a7:e2:72:bd:9e:73:f1:d9:ac:3a:
b0:73:b2:63:88:b0:b1:3b:6e:c0:f4:60:ad:e0:97:64:bc:56:
8e:18:1a:8c:e9:4b:02:2e:b0:e3:0b:05:3d:61:ea:a2:80:9e:
0a:ef:a1:fe:60:66:4b:ab:34:f1:9e:dd:98:4d:7f:c2:bb:02:
cb:d6:4f:cb:52:e7:ec:9e:20:18:08:f5:b5:e1:3b:ce:2d:05:
dc:4c:ec:98:1b:0e:18:01:f6:6d:cd:06:bb:f8:43:6b:53:7c:
2c:4d:cf:fc:20:ef:74:86:1c:40:76:4a:19:c9:dd:fa:27:91:
16:6e:09:8d:e2:fa:63:9d:b1:3a:eb:f6:98:7a:01:f0:ab:c5:
70:70:34:14:12:45:42:91:0c:3c:b8:a6:92:9b:c5:19:36:95:
42:7c:a4:6c:2b:7e:72:9b:b3:33:51:b7:82:4c:79:f2:20:61:
b2:bc:e6:a9:f2:d1:e8:29:50:20:90:b5:cf:b7:5e:69:ff:03:
b8:79:14:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDHGjrWUz8uUFbn7kz7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk
ODY1YWUwHhcNMjUxMTExMDcwMTI3WhcNMjUxMTEyMDcwMTI3WjAzMTEwLwYDVQQD
EyhhYTBjZGNmOTBjY2U5ZWNhZGY5YTQxZDJlYzE3OTMzYmVlZTE2ZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0N6ErVN61vkd+OrBvnlJgW4jHeY
nhhSdDaoBwxvI5dQEJB+/PpCVrgPMyl6cmfEI0ciJsw2NbWTyqRvHjPAztY/CjNI
zzMN0k1nZCBcGu8DwSlj77sga/guUyiHNso1Zo54aN/+ykNAwWXzJg6a6rAogFvB
SJShJ18Yt0b9+ze6t1jsYu1cVncXIHE5Is/VlIyqOKjf0mYaWa+keUzRn1SqGLUI
UJcghdc4WRmRDan06k5JY9ly+8pzaphGOE7/VMTQQfGrvTptLqhh/qv7LbQM6Xy6
Ce6GsrJrPvp7vv1Xw3BD2VxRUgVip3KRhX/h1mEpZ544HrL+CKoOrzfxvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoM3PkMzp7K35pB0uwXkzvu4W8EMB8GA1UdIwQY
MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt
MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm
LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANQ48tuAw
9vNgEr4A3P82pd8dMg05gG2MkA5e+HWbyQFpO5qv4CxUA3rB7sKgbNcqal4uCt4z
Ykgipenog9mn4nK9nnPx2aw6sHOyY4iwsTtuwPRgreCXZLxWjhgajOlLAi6w4wsF
PWHqooCeCu+h/mBmS6s08Z7dmE1/wrsCy9ZPy1Ln7J4gGAj1teE7zi0F3EzsmBsO
GAH2bc0Gu/hDa1N8LE3P/CDvdIYcQHZKGcnd+ieRFm4JjeL6Y52xOuv2mHoB8KvF
cHA0FBJFQpEMPLimkpvFGTaVQnykbCt+cpuzM1G3gkx58iBhsrzmqfLR6ClQIJC1
z7deaf8DuHkUSw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:21 2025 by rpki-client