Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.mft
File: IMZhH8hUYvC8yscvPfTFNRvlEN4.mft (raw, json)
Hash identifier: R6FGMyhsr+7EKGb9G13KT+OmVUqe2YNL30fulxyejLk=
Subject key identifier: 91:09:B5:83:98:0E:6B:42:C5:6B:4B:8C:40:B4:BE:2D:B6:1E:5F:E7
Authority key identifier: 20:C6:61:1F:C8:54:62:F0:BC:CA:C7:2F:3D:F4:C5:35:1B:E5:10:DE
Certificate issuer: /CN=20c6611fc85462f0bccac72f3df4c5351be510de
Certificate serial: 019A72259404029C7E7990D05C45D69CC04C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMZhH8hUYvC8yscvPfTFNRvlEN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.mft
Manifest number: FF
Signing time: Tue 11 Nov 2025 09:00:56 +0000
Manifest this update: Tue 11 Nov 2025 09:00:56 +0000
Manifest next update: Wed 12 Nov 2025 09:00:56 +0000
Files and hashes: 1: IMZhH8hUYvC8yscvPfTFNRvlEN4.crl (hash: d1GkGr7GGb35EcoXG9qCDk5AOoP3mA5qB33232oBSLI=)
2: KGtn_CGJ9WQ0fMr4tUY-3i93MNg.roa (hash: 03IEtTQfIrx28kdxnAxm3chhufsP9RPQAiqL8u3FBkA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IMZhH8hUYvC8yscvPfTFNRvlEN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:94:04:02:9c:7e:79:90:d0:5c:45:d6:9c:c0:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20c6611fc85462f0bccac72f3df4c5351be510de
Validity
Not Before: Nov 11 09:00:56 2025 GMT
Not After : Nov 12 09:00:56 2025 GMT
Subject: CN=9109b583980e6b42c56b4b8c40b4be2db61e5fe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7d:34:9e:b5:91:83:7e:44:9a:3e:29:01:d8:
09:21:32:2d:06:2e:8e:b0:eb:45:af:36:6e:a9:6a:
12:fe:ae:58:1a:0d:ff:65:2a:8e:e8:58:e2:ec:b7:
c4:d0:1e:7b:cd:c2:75:3b:d7:38:db:2e:06:68:e3:
b3:2c:af:7e:c1:7a:96:f5:29:7a:76:8d:23:3e:1a:
9e:e8:50:93:89:1e:a8:bc:18:4b:55:d6:ad:11:f4:
73:ed:48:b2:d2:6f:55:75:f3:0c:9e:73:38:23:72:
f6:6b:ed:34:e5:df:f9:2b:94:47:f6:cc:e4:e3:61:
64:79:4b:f7:22:9e:ea:10:09:a6:2e:a9:92:76:e4:
0f:af:4b:96:08:6d:b5:43:c5:85:de:2c:4f:16:1c:
e3:1f:80:2f:d1:34:d7:08:9a:fc:8d:87:00:ad:13:
29:25:34:86:c1:55:4c:97:a1:d5:e7:72:4b:f2:6a:
77:f0:aa:02:39:81:ff:0a:7b:66:89:95:02:a5:82:
2e:b9:5d:9b:70:95:9c:ec:b1:80:ff:55:f2:7a:31:
89:80:d2:06:39:29:7c:1b:b2:b7:64:9b:e3:1b:1f:
2f:31:f0:68:86:54:5c:91:08:ea:a4:07:7e:05:f3:
10:ca:6c:e5:1e:c1:3e:a8:85:8f:bd:66:c1:56:c1:
6e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:09:B5:83:98:0E:6B:42:C5:6B:4B:8C:40:B4:BE:2D:B6:1E:5F:E7
X509v3 Authority Key Identifier:
keyid:20:C6:61:1F:C8:54:62:F0:BC:CA:C7:2F:3D:F4:C5:35:1B:E5:10:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMZhH8hUYvC8yscvPfTFNRvlEN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:4b:b8:78:34:4f:a0:55:82:4f:29:a6:8d:d1:53:62:22:8d:
ea:fd:f5:ec:df:7e:b5:87:41:30:e4:a8:df:9c:3d:dc:b3:40:
2c:9b:6f:63:2a:62:6c:8d:02:40:a5:56:0c:a8:6f:e8:82:40:
d3:56:9a:e1:2f:29:c4:62:a6:87:2e:37:9f:6c:51:6a:a1:c9:
76:2e:d4:4d:30:7e:34:5d:b5:9b:08:4a:02:ea:24:80:12:2b:
16:a4:9f:7d:f1:0d:bb:bc:bb:91:b7:a0:2c:2b:6d:61:3b:f7:
c4:e2:80:40:cb:d9:52:a3:ab:98:bf:23:e6:23:42:20:5a:24:
d6:8f:a9:8c:5e:96:89:56:72:59:44:f3:19:e9:db:86:e1:d7:
d3:ff:57:af:04:2a:c6:59:f6:78:21:e2:96:74:5e:1f:d0:6c:
37:3f:57:3d:b6:18:8c:70:36:2b:a8:f0:ce:bb:c0:e3:a9:aa:
75:a0:c3:5b:6e:d2:84:43:6a:53:51:3a:27:bd:52:cb:3f:45:
d9:ff:e7:67:eb:ab:3c:bc:bd:5d:10:c9:f4:04:d6:eb:05:68:
7d:ec:35:05:39:c3:37:b9:92:1d:93:e7:04:48:ec:d6:57:29:
4f:3a:63:c0:9c:6d:81:2e:8a:ba:28:ec:ae:f3:93:7f:14:b4:
aa:d5:c3:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZQEApx+eZDQXEXWnMBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYzY2MTFmYzg1NDYyZjBiY2NhYzcyZjNkZjRjNTM1MWJl
NTEwZGUwHhcNMjUxMTExMDkwMDU2WhcNMjUxMTEyMDkwMDU2WjAzMTEwLwYDVQQD
Eyg5MTA5YjU4Mzk4MGU2YjQyYzU2YjRiOGM0MGI0YmUyZGI2MWU1ZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH00nrWRg35Emj4pAdgJITItBi6O
sOtFrzZuqWoS/q5YGg3/ZSqO6Fji7LfE0B57zcJ1O9c42y4GaOOzLK9+wXqW9Sl6
do0jPhqe6FCTiR6ovBhLVdatEfRz7Uiy0m9VdfMMnnM4I3L2a+005d/5K5RH9szk
42FkeUv3Ip7qEAmmLqmSduQPr0uWCG21Q8WF3ixPFhzjH4Av0TTXCJr8jYcArRMp
JTSGwVVMl6HV53JL8mp38KoCOYH/CntmiZUCpYIuuV2bcJWc7LGA/1XyejGJgNIG
OSl8G7K3ZJvjGx8vMfBohlRckQjqpAd+BfMQymzlHsE+qIWPvWbBVsFuJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEJtYOYDmtCxWtLjEC0vi22Hl/nMB8GA1UdIwQY
MBaAFCDGYR/IVGLwvMrHLz30xTUb5RDeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1aaEg4aFVZdkM4eXNjdlBmVEZOUnZsRU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zODQxZmUtZGM0OS00YjljLWFmOWQt
ZGFhMjNmZmI0Y2JmLzEvSU1aaEg4aFVZdkM4eXNjdlBmVEZOUnZsRU40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zODQxZmUtZGM0OS00YjljLWFmOWQtZGFhMjNmZmI0Y2Jm
LzEvSU1aaEg4aFVZdkM4eXNjdlBmVEZOUnZsRU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiku4eDRP
oFWCTymmjdFTYiKN6v317N9+tYdBMOSo35w93LNALJtvYypibI0CQKVWDKhv6IJA
01aa4S8pxGKmhy43n2xRaqHJdi7UTTB+NF21mwhKAuokgBIrFqSfffENu7y7kbeg
LCttYTv3xOKAQMvZUqOrmL8j5iNCIFok1o+pjF6WiVZyWUTzGenbhuHX0/9XrwQq
xln2eCHilnReH9BsNz9XPbYYjHA2K6jwzrvA46mqdaDDW27ShENqU1E6J71Syz9F
2f/nZ+urPLy9XRDJ9ATW6wVofew1BTnDN7mSHZPnBEjs1lcpTzpjwJxtgS6Kuijs
rvOTfxS0qtXDNw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:50 2025 by rpki-client