Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
File: 1Iml3dMALoAJmbXBhn94Z4G68T0.mft (raw, json)
Hash identifier: 46bF9/CM9hIdmP2XhM/UyPAYmihcRqcTZ7UhAP46Yic=
Subject key identifier: 21:C1:59:D1:48:D3:63:61:54:53:7D:9B:2F:EB:B6:8A:D8:6F:B4:D1
Authority key identifier: D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D
Certificate issuer: /CN=d489a5ddd3002e800999b5c1867f786781baf13d
Certificate serial: 019A2930AF7A7A24DD1E50B92BC364CE2A5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
Manifest number: 16FA
Signing time: Tue 28 Oct 2025 05:00:47 +0000
Manifest this update: Tue 28 Oct 2025 05:00:47 +0000
Manifest next update: Wed 29 Oct 2025 05:00:47 +0000
Files and hashes: 1: 1Iml3dMALoAJmbXBhn94Z4G68T0.crl (hash: GNef7Ic0sDfp4vFHyuGFd+EhsSWIjameQtuPdeggFPg=)
2: Oic624JnJmz9lkyUCkfkxynrzXU.roa (hash: reuQNdNLE9OYq59c7HheLuUPxQ+GdUmZR0j+FA5WU8M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:30:af:7a:7a:24:dd:1e:50:b9:2b:c3:64:ce:2a:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d489a5ddd3002e800999b5c1867f786781baf13d
Validity
Not Before: Oct 28 05:00:47 2025 GMT
Not After : Oct 29 05:00:47 2025 GMT
Subject: CN=21c159d148d3636154537d9b2febb68ad86fb4d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c2:62:11:a0:72:92:f6:78:f7:69:df:1e:6b:
17:c8:a3:7d:49:37:6b:58:bc:f1:4a:16:c5:54:f3:
a6:be:88:40:ba:e5:e3:38:a9:d0:4a:a5:10:37:c1:
73:b2:18:31:40:27:49:9a:ae:8c:fe:92:a2:a0:46:
99:35:19:ef:ee:cd:88:86:05:28:b5:ee:82:67:1b:
24:27:3e:d6:d5:d5:7c:e0:50:ae:a7:3a:e1:ca:ef:
02:48:34:ff:18:78:86:62:f0:0c:37:cb:df:8c:ac:
aa:3a:87:f2:a9:61:a7:0f:c0:83:67:0a:70:ae:ce:
3d:a2:11:23:53:d1:7e:6a:2a:7e:59:00:79:89:f4:
b8:38:60:23:67:cc:6c:6c:7c:b0:f9:4a:5a:2a:4a:
85:49:89:5e:57:64:73:bf:17:1e:ac:c7:0e:f0:76:
cb:83:fc:02:93:b2:83:2a:2e:4a:ff:d3:b7:d3:9e:
57:e8:34:e4:81:3e:e1:e2:d1:ee:88:f7:c9:64:d8:
a4:1f:e4:c0:ba:53:fa:0b:6c:63:0c:6d:5b:04:8f:
dc:b0:4f:cf:94:68:b6:96:d1:71:60:84:fb:a8:42:
79:d4:f9:54:b1:1a:bb:97:d8:04:2b:03:8a:b0:4a:
50:9b:9c:83:e9:e1:d1:93:ac:b1:2c:5f:d5:a2:2c:
83:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C1:59:D1:48:D3:63:61:54:53:7D:9B:2F:EB:B6:8A:D8:6F:B4:D1
X509v3 Authority Key Identifier:
keyid:D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:10:d9:94:26:d1:7b:64:4b:cf:81:99:c7:24:72:11:80:73:
65:6b:d1:41:b3:02:09:8f:64:8a:14:dd:99:63:ef:7b:0a:62:
fe:87:98:4f:24:9e:21:1d:6b:16:b7:23:03:f5:4a:7f:ac:82:
da:4c:f5:f2:17:66:4c:ab:73:24:7c:1a:9f:f6:e1:8a:26:56:
d5:9d:97:7a:44:e6:b0:21:a1:c4:05:52:30:2c:ed:23:10:47:
26:b1:bb:a3:1d:d6:76:bc:65:95:53:0d:b0:17:0f:05:a7:28:
0b:57:54:c8:e0:6b:70:4e:f5:8d:3d:fc:b7:d9:68:cf:9a:50:
4e:14:af:fd:25:28:ff:c9:2c:dc:d2:d2:8d:df:d7:1c:05:ea:
2f:6f:95:2b:64:43:59:c7:85:8f:ea:8f:00:90:b6:45:ab:24:
56:a4:a0:cc:d3:ee:ae:69:e3:d3:e4:be:89:03:0a:ec:82:ae:
aa:bb:66:4d:32:c8:bf:0b:c6:5b:99:8a:79:13:8f:5b:c5:5a:
5d:4b:9f:1b:d2:80:49:80:6f:9d:1c:69:68:87:3a:14:ff:00:
cd:18:f6:53:21:45:20:cf:6b:d9:71:14:f1:fc:5c:22:d2:c4:
c3:4e:d6:44:4c:dc:5e:3c:38:27:f8:87:f7:c2:88:d1:23:77:
56:5b:b7:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZopMK96eiTdHlC5K8NkzipfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODlhNWRkZDMwMDJlODAwOTk5YjVjMTg2N2Y3ODY3ODFi
YWYxM2QwHhcNMjUxMDI4MDUwMDQ3WhcNMjUxMDI5MDUwMDQ3WjAzMTEwLwYDVQQD
EygyMWMxNTlkMTQ4ZDM2MzYxNTQ1MzdkOWIyZmViYjY4YWQ4NmZiNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cJiEaBykvZ492nfHmsXyKN9STdr
WLzxShbFVPOmvohAuuXjOKnQSqUQN8FzshgxQCdJmq6M/pKioEaZNRnv7s2IhgUo
te6CZxskJz7W1dV84FCupzrhyu8CSDT/GHiGYvAMN8vfjKyqOofyqWGnD8CDZwpw
rs49ohEjU9F+aip+WQB5ifS4OGAjZ8xsbHyw+UpaKkqFSYleV2RzvxcerMcO8HbL
g/wCk7KDKi5K/9O3055X6DTkgT7h4tHuiPfJZNikH+TAulP6C2xjDG1bBI/csE/P
lGi2ltFxYIT7qEJ51PlUsRq7l9gEKwOKsEpQm5yD6eHRk6yxLF/VoiyDkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHBWdFI02NhVFN9my/rtorYb7TRMB8GA1UdIwQY
MBaAFNSJpd3TAC6ACZm1wYZ/eGeBuvE9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmIt
NTI1OWVlZGNhMDdjLzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmItNTI1OWVlZGNhMDdj
LzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxDZlCbR
e2RLz4GZxyRyEYBzZWvRQbMCCY9kihTdmWPvewpi/oeYTySeIR1rFrcjA/VKf6yC
2kz18hdmTKtzJHwan/bhiiZW1Z2XekTmsCGhxAVSMCztIxBHJrG7ox3WdrxllVMN
sBcPBacoC1dUyOBrcE71jT38t9loz5pQThSv/SUo/8ks3NLSjd/XHAXqL2+VK2RD
WceFj+qPAJC2RaskVqSgzNPurmnj0+S+iQMK7IKuqrtmTTLIvwvGW5mKeROPW8Va
XUufG9KASYBvnRxpaIc6FP8AzRj2UyFFIM9r2XEU8fxcItLEw07WREzcXjw4J/iH
98KI0SN3Vlu3bA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 11:51:09 2025 by rpki-client