Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
File: i4gBVDgSBAR31HRCKUZshTfUUXE.mft (raw, json)
Hash identifier: W5eOrcnrGN0AQanc9U0YNyGcx+81XgUAYWgnBSsbDxg=
Subject key identifier: F5:C3:2E:AB:97:59:45:E4:BB:50:FD:60:90:1D:55:47:13:51:D1:3E
Authority key identifier: 8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
Certificate issuer: /CN=8b8801543812040477d4744229466c8537d45171
Certificate serial: 019A725CB54B5F8EA2788A9398FF761D6B3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
Manifest number: 0E68
Signing time: Tue 11 Nov 2025 10:01:09 +0000
Manifest this update: Tue 11 Nov 2025 10:01:09 +0000
Manifest next update: Wed 12 Nov 2025 10:01:09 +0000
Files and hashes: 1: CDrnNbtJLaCL50xwnqrzUWhQ_9k.roa (hash: xkyChTjHPfmap3pEfIzmPahUIANDsQxEAOedvER2SvU=)
2: i4gBVDgSBAR31HRCKUZshTfUUXE.crl (hash: EQrIozW6bSYxlpvE12a2/SGg4AIyi3mHUcuWWH1Bh78=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:b5:4b:5f:8e:a2:78:8a:93:98:ff:76:1d:6b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b8801543812040477d4744229466c8537d45171
Validity
Not Before: Nov 11 10:01:09 2025 GMT
Not After : Nov 12 10:01:09 2025 GMT
Subject: CN=f5c32eab975945e4bb50fd60901d55471351d13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f3:d9:be:42:6f:8e:2c:62:06:53:b3:01:e6:
c7:93:6e:bd:00:c9:fd:db:6f:84:15:d0:88:25:be:
29:1c:9c:3b:12:ac:63:10:82:d3:67:85:ad:ef:52:
e6:f3:c1:6d:43:12:bb:f8:77:bc:36:55:1e:51:4d:
e6:58:26:14:aa:fd:bc:26:4b:20:03:41:5e:80:ad:
6d:6c:6e:76:86:85:03:fa:bd:1e:66:fd:ec:eb:bb:
9e:a8:ab:09:1b:a3:d9:40:12:89:9f:5f:74:b5:53:
44:8a:66:39:b0:9f:8a:f0:d3:1d:5e:83:d0:c6:f5:
fc:26:e7:fa:b6:c6:ad:db:2b:a1:91:c6:46:44:92:
d4:94:a6:85:7c:1a:87:19:6b:bf:c4:2d:76:b3:d2:
a4:da:32:60:a0:d5:ba:ef:0b:80:f3:de:15:9c:1f:
88:62:1c:ec:9c:13:f1:b5:fb:4a:b0:e4:7e:c6:e9:
67:58:76:ed:61:1f:06:18:86:6a:77:28:b0:22:85:
ca:c2:cf:5a:34:a1:55:80:b7:b3:42:98:94:13:ca:
66:85:92:2b:3a:3a:14:b0:5c:f6:db:56:fe:3b:a6:
7b:66:6d:c5:17:74:d0:91:4e:a6:24:6d:97:5a:74:
a0:69:f6:c2:c1:f2:d8:07:a2:12:e6:db:20:fb:d5:
5b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C3:2E:AB:97:59:45:E4:BB:50:FD:60:90:1D:55:47:13:51:D1:3E
X509v3 Authority Key Identifier:
keyid:8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:95:27:d8:0d:b7:1c:e8:e6:cf:9b:4c:6d:3b:39:62:b1:89:
a0:25:0e:c7:4c:ee:98:3d:f6:57:5e:bc:8f:a1:a7:1b:39:57:
26:40:54:fc:d0:83:19:90:e0:47:04:15:6f:31:6f:f5:c3:6b:
13:52:da:af:ab:8d:4d:41:31:46:65:65:77:d9:87:d5:22:4a:
3f:92:52:13:ba:4b:8a:44:50:66:b1:66:02:6a:35:c6:0e:03:
c1:1c:46:92:39:d4:70:dd:d4:f4:38:cf:02:cd:c2:0d:65:ae:
51:00:d6:df:cf:a3:9e:77:32:e7:26:bb:e6:8a:5a:f4:c9:be:
4c:59:de:04:b2:7c:e0:5f:72:c3:13:37:d0:90:2f:46:67:e2:
a7:1b:8c:36:b0:dc:27:6a:fc:d8:f5:c4:ec:57:60:6b:94:e4:
96:3e:2a:5f:40:32:e4:7e:b9:ef:a6:2f:83:85:38:fa:35:f1:
96:fd:f2:c2:df:35:bc:29:16:1f:81:36:00:65:18:02:74:b2:
67:e4:ff:21:25:4f:1b:3f:fd:45:0c:a2:2a:f3:c1:a1:51:fe:
ff:25:80:34:b1:28:b0:6c:c5:7f:b1:6b:ee:4d:db:9c:57:a6:
ce:40:98:5d:19:88:8b:aa:34:ff:cb:ab:7e:fd:3f:5d:bb:bf:
79:77:e1:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXLVLX46ieIqTmP92HWs9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODgwMTU0MzgxMjA0MDQ3N2Q0NzQ0MjI5NDY2Yzg1Mzdk
NDUxNzEwHhcNMjUxMTExMTAwMTA5WhcNMjUxMTEyMTAwMTA5WjAzMTEwLwYDVQQD
EyhmNWMzMmVhYjk3NTk0NWU0YmI1MGZkNjA5MDFkNTU0NzEzNTFkMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfPZvkJvjixiBlOzAebHk269AMn9
22+EFdCIJb4pHJw7EqxjEILTZ4Wt71Lm88FtQxK7+He8NlUeUU3mWCYUqv28Jksg
A0FegK1tbG52hoUD+r0eZv3s67ueqKsJG6PZQBKJn190tVNEimY5sJ+K8NMdXoPQ
xvX8Juf6tsat2yuhkcZGRJLUlKaFfBqHGWu/xC12s9Kk2jJgoNW67wuA894VnB+I
YhzsnBPxtftKsOR+xulnWHbtYR8GGIZqdyiwIoXKws9aNKFVgLezQpiUE8pmhZIr
OjoUsFz221b+O6Z7Zm3FF3TQkU6mJG2XWnSgafbCwfLYB6IS5tsg+9VbDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXDLquXWUXku1D9YJAdVUcTUdE+MB8GA1UdIwQY
MBaAFIuIAVQ4EgQEd9R0QilGbIU31FFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2It
MTNhZTk4YWE3ZDMzLzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2ItMTNhZTk4YWE3ZDMz
LzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGpUn2A23
HOjmz5tMbTs5YrGJoCUOx0zumD32V168j6GnGzlXJkBU/NCDGZDgRwQVbzFv9cNr
E1Lar6uNTUExRmVld9mH1SJKP5JSE7pLikRQZrFmAmo1xg4DwRxGkjnUcN3U9DjP
As3CDWWuUQDW38+jnncy5ya75opa9Mm+TFneBLJ84F9ywxM30JAvRmfipxuMNrDc
J2r82PXE7Fdga5Tklj4qX0Ay5H6576Yvg4U4+jXxlv3ywt81vCkWH4E2AGUYAnSy
Z+T/ISVPGz/9RQyiKvPBoVH+/yWANLEosGzFf7Fr7k3bnFemzkCYXRmIi6o0/8ur
fv0/Xbu/eXfhkQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:48:52 2025 by rpki-client