Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.mft
File: I7GUMIfOaWI-drIUWzR5rCBLock.mft (raw, json)
Hash identifier: +oiMSmvjqbZugeLE/5Q1RjtbF+XLV8TZYrdxxwPLLKw=
Subject key identifier: 24:AE:DD:9F:12:0E:42:C6:21:92:24:36:3A:EE:E3:14:B6:68:68:A7
Authority key identifier: 23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
Certificate issuer: /CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Certificate serial: 019A7112F83A6920EFDA3AC2069882259C5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.mft
Manifest number: 165D
Signing time: Tue 11 Nov 2025 04:00:59 +0000
Manifest this update: Tue 11 Nov 2025 04:00:59 +0000
Manifest next update: Wed 12 Nov 2025 04:00:59 +0000
Files and hashes: 1: I7GUMIfOaWI-drIUWzR5rCBLock.crl (hash: xcBpbo4smXGu/PbtVCydmRzYA52RzrTxNaKDc7CBpjE=)
2: IGzDnKyfU3XrsCi1kVIq3v9WjnM.roa (hash: BCjdpahib4P29wEhEZ+5HfDxKnWj0l2OSsP7lZ3IOHg=)
3: fngY7vAjtnIa6khyzBr6ohfARXc.roa (hash: 8j7K0AdGmWd/+RMVsdDrX0khITQq1MTMhTuPXkbPnqc=)
4: xgdlAL2WKr_Js4V_ZLjPaz6bev8.roa (hash: CfOyHBtQR8zjYYv9qA3Dd8n5he3YeIT+MsIzoT30dKc=)
5: z5Ucz1kkGg56QZyAblN2WefSoGM.roa (hash: 5hK/qHn0csimMvRktmqCqsq2To8mi7zen0Vo1KFJGyM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.mft
rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:f8:3a:69:20:ef:da:3a:c2:06:98:82:25:9c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Validity
Not Before: Nov 11 04:00:59 2025 GMT
Not After : Nov 12 04:00:59 2025 GMT
Subject: CN=24aedd9f120e42c6219224363aeee314b66868a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3e:ef:14:4e:22:c8:ba:bb:83:00:df:48:e5:
a8:01:e6:07:34:f9:05:fa:9a:15:ce:20:11:90:bd:
f5:20:94:ba:22:97:b4:10:82:f2:f7:17:5b:ca:6a:
01:1a:2f:8e:66:6b:76:89:93:85:db:2d:e7:90:42:
30:5c:05:49:29:37:7e:d8:ad:c6:9d:61:3b:82:16:
27:b4:39:b7:e6:8e:8b:23:ef:54:27:ad:df:f6:01:
b8:f3:fd:3b:66:6f:0b:c5:7e:81:7d:fa:ff:84:43:
d6:62:9e:94:c9:59:9f:6e:26:dc:c8:1e:a4:d0:4d:
7d:34:fa:79:69:0d:1e:aa:de:63:48:c0:5c:62:3f:
67:2e:28:0e:93:79:88:92:71:e3:5b:7e:51:95:19:
2b:96:83:29:28:3e:dd:1d:22:71:56:5f:d1:76:38:
24:c1:09:c0:85:cf:37:ec:59:f6:7c:9b:ca:70:8e:
a1:e9:4a:ad:e0:56:93:fd:ef:ca:2b:50:10:d0:db:
82:11:3f:e3:01:17:25:cc:0f:43:f0:b9:1c:57:d9:
e5:a0:38:1d:8a:e0:e6:56:2b:c7:f9:f2:94:f8:fb:
5b:16:f5:72:ba:e0:96:db:3e:74:53:82:aa:26:96:
8d:00:ea:b9:16:92:34:a8:84:b3:cc:c0:4f:ea:1e:
de:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:AE:DD:9F:12:0E:42:C6:21:92:24:36:3A:EE:E3:14:B6:68:68:A7
X509v3 Authority Key Identifier:
keyid:23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:9b:f1:d9:7f:a7:e4:08:5e:b0:ce:b2:24:69:15:c6:75:d8:
a0:04:84:0b:6f:4d:5c:06:3a:6a:b5:ec:49:e5:65:2f:8a:b2:
0c:2f:32:83:d8:e0:30:d7:79:34:75:bd:71:2c:a5:7f:e7:e1:
97:6c:fd:e2:70:e3:a8:d4:40:9f:dd:22:c0:c6:f5:10:3b:3a:
72:33:75:1b:06:90:36:5b:3c:31:58:3c:5c:d4:85:28:0a:0c:
00:40:c2:45:9f:89:d4:55:3d:95:2a:eb:4d:90:80:b5:b6:bc:
d7:b4:ba:9b:4f:de:d4:4d:7f:5d:93:96:e6:33:2a:9a:f0:cb:
80:9d:ed:0c:1c:34:61:80:7a:52:f1:15:f2:fd:21:71:bb:48:
46:83:3a:7c:8a:1c:05:62:6a:80:ed:42:89:ae:90:06:0f:c3:
2f:82:a7:bb:e6:db:93:bc:2f:51:b6:ed:5e:28:2c:48:a8:6e:
9a:df:1d:e0:3d:65:f1:21:e5:84:7c:67:02:bd:b2:3c:0a:c7:
b5:96:94:5e:75:5b:3e:ae:a0:b2:4f:0c:ac:59:a1:d9:67:df:
e4:52:2a:47:c0:dc:42:40:30:4e:40:83:1b:b1:91:19:6f:99:
62:39:3d:55:4b:b8:ac:49:1a:b4:97:08:f3:3f:bf:f1:2a:89:
21:de:51:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEvg6aSDv2jrCBpiCJZxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYjE5NDMwODdjZTY5NjIzZTc2YjIxNDViMzQ3OWFjMjA0
YmExYzkwHhcNMjUxMTExMDQwMDU5WhcNMjUxMTEyMDQwMDU5WjAzMTEwLwYDVQQD
EygyNGFlZGQ5ZjEyMGU0MmM2MjE5MjI0MzYzYWVlZTMxNGI2Njg2OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz7vFE4iyLq7gwDfSOWoAeYHNPkF
+poVziARkL31IJS6Ipe0EILy9xdbymoBGi+OZmt2iZOF2y3nkEIwXAVJKTd+2K3G
nWE7ghYntDm35o6LI+9UJ63f9gG48/07Zm8LxX6Bffr/hEPWYp6UyVmfbibcyB6k
0E19NPp5aQ0eqt5jSMBcYj9nLigOk3mIknHjW35RlRkrloMpKD7dHSJxVl/Rdjgk
wQnAhc837Fn2fJvKcI6h6Uqt4FaT/e/KK1AQ0NuCET/jARclzA9D8LkcV9nloDgd
iuDmVivH+fKU+PtbFvVyuuCW2z50U4KqJpaNAOq5FpI0qISzzMBP6h7eXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSu3Z8SDkLGIZIkNjru4xS2aGinMB8GA1UdIwQY
MBaAFCOxlDCHzmliPnayFFs0eawgS6HJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83M2YxYzktODJiMC00ZWRlLWI4OTkt
Zjc0MmYzOTVhYWY5LzEvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83M2YxYzktODJiMC00ZWRlLWI4OTktZjc0MmYzOTVhYWY5
LzEvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH5vx2X+n
5AhesM6yJGkVxnXYoASEC29NXAY6arXsSeVlL4qyDC8yg9jgMNd5NHW9cSylf+fh
l2z94nDjqNRAn90iwMb1EDs6cjN1GwaQNls8MVg8XNSFKAoMAEDCRZ+J1FU9lSrr
TZCAtba817S6m0/e1E1/XZOW5jMqmvDLgJ3tDBw0YYB6UvEV8v0hcbtIRoM6fIoc
BWJqgO1Cia6QBg/DL4Knu+bbk7wvUbbtXigsSKhumt8d4D1l8SHlhHxnAr2yPArH
tZaUXnVbPq6gsk8MrFmh2Wff5FIqR8DcQkAwTkCDG7GRGW+ZYjk9VUu4rEkatJcI
8z+/8SqJId5RAA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:17 2025 by rpki-client