Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/e84e8f-8bb2-4054-b495-125eedf8d9f1/1/IOagEH1ompNwtiKVGkSWRsw4tZA.mft
File: IOagEH1ompNwtiKVGkSWRsw4tZA.mft (raw, json)
Hash identifier: qMvhrZpooYio2u4Zx+gOFHOeAiSyOScx1imj3bts4CY=
Subject key identifier: 82:3A:28:94:0A:80:43:86:79:D0:29:97:7A:DD:1F:8E:82:69:44:00
Authority key identifier: 20:E6:A0:10:7D:68:9A:93:70:B6:22:95:1A:44:96:46:CC:38:B5:90
Certificate issuer: /CN=20e6a0107d689a9370b622951a449646cc38b590
Certificate serial: 019A71B8C62FB3EFEE8A488F10BAC585CB18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOagEH1ompNwtiKVGkSWRsw4tZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/e84e8f-8bb2-4054-b495-125eedf8d9f1/1/IOagEH1ompNwtiKVGkSWRsw4tZA.mft
Manifest number: 129F
Signing time: Tue 11 Nov 2025 07:02:06 +0000
Manifest this update: Tue 11 Nov 2025 07:02:06 +0000
Manifest next update: Wed 12 Nov 2025 07:02:06 +0000
Files and hashes: 1: IOagEH1ompNwtiKVGkSWRsw4tZA.crl (hash: E5A/y8IpgvsdTm5V1PkDUyR9pR0s9ViYoHJc9bay/WU=)
2: g2AkX7o9HPLfXDUc9lLxF0hd7Tw.roa (hash: GtbK3C6ImbkCxUfm64Bkm+DP0kf7OaLjUPRMxP6pI/0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/e84e8f-8bb2-4054-b495-125eedf8d9f1/1/IOagEH1ompNwtiKVGkSWRsw4tZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/e84e8f-8bb2-4054-b495-125eedf8d9f1/1/IOagEH1ompNwtiKVGkSWRsw4tZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IOagEH1ompNwtiKVGkSWRsw4tZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:c6:2f:b3:ef:ee:8a:48:8f:10:ba:c5:85:cb:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e6a0107d689a9370b622951a449646cc38b590
Validity
Not Before: Nov 11 07:02:06 2025 GMT
Not After : Nov 12 07:02:06 2025 GMT
Subject: CN=823a28940a80438679d029977add1f8e82694400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:af:3d:29:e2:1f:0c:22:6e:f9:a3:ca:fc:8b:
7f:9b:89:73:1b:46:55:fa:34:cd:ad:40:01:53:2d:
43:90:a5:68:e0:9a:69:7e:92:5c:a9:05:ff:c1:5b:
24:24:03:fc:92:fe:79:14:83:1b:4b:89:b0:52:b8:
08:8a:3d:dd:90:0b:49:33:4e:6a:a1:ff:45:3f:81:
66:27:20:52:68:3e:4a:5d:c7:a3:6b:57:69:86:fa:
2c:b9:cd:1d:63:ea:ee:90:b3:11:3e:88:f7:0b:3a:
2f:6f:6e:af:2e:f4:7c:97:d9:14:1f:bb:52:ee:90:
88:5f:e7:84:e3:94:53:c1:a4:f1:f4:f2:d4:02:5f:
4d:d9:0c:ea:8d:54:16:ba:a2:4e:ac:6e:66:fe:00:
26:45:3c:66:d3:38:9d:e8:ed:2c:63:fc:b9:0d:c4:
4a:cf:1a:f5:96:cc:21:1c:dd:fa:16:b8:58:1d:fe:
26:be:6e:83:f9:27:88:5a:fe:ac:40:f3:06:7a:07:
67:3c:d3:56:65:9c:57:44:54:9d:91:75:39:60:57:
2a:3c:85:a7:49:99:71:7d:1d:0b:e5:ad:2a:1d:e1:
de:42:c6:92:43:e6:73:8b:8a:ce:b8:16:cf:03:cd:
25:8d:94:4d:bc:07:45:38:9b:20:c3:58:c1:22:ed:
91:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3A:28:94:0A:80:43:86:79:D0:29:97:7A:DD:1F:8E:82:69:44:00
X509v3 Authority Key Identifier:
keyid:20:E6:A0:10:7D:68:9A:93:70:B6:22:95:1A:44:96:46:CC:38:B5:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOagEH1ompNwtiKVGkSWRsw4tZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e84e8f-8bb2-4054-b495-125eedf8d9f1/1/IOagEH1ompNwtiKVGkSWRsw4tZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e84e8f-8bb2-4054-b495-125eedf8d9f1/1/IOagEH1ompNwtiKVGkSWRsw4tZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:52:db:77:61:99:17:61:f0:0d:7b:d5:a8:f0:12:25:f6:6c:
e2:58:a9:cd:84:c4:30:fe:32:88:67:7a:86:63:6d:b2:c3:97:
68:f6:d5:e6:3a:3c:51:9b:25:42:a0:90:ce:fa:fe:e5:f4:17:
4f:5b:3e:f1:9f:e8:d0:32:bf:ad:b2:35:4a:7d:77:23:9d:5b:
f8:dc:ca:ce:ab:68:01:e6:c2:2c:6c:dc:12:72:50:31:e8:c0:
aa:c6:e5:b2:a0:a4:67:54:af:46:90:df:40:04:35:9d:17:ad:
d3:f4:45:17:24:a9:ce:72:88:63:6a:f1:69:41:10:8b:78:60:
c2:84:55:cb:99:df:28:d5:a1:0f:b5:f8:cd:69:e0:28:45:42:
eb:4c:9c:1e:2c:c0:14:62:ef:8a:29:44:2a:b2:d1:98:3c:6e:
56:24:64:3f:f7:82:7b:f3:2b:03:2a:2e:17:d9:ae:89:96:de:
14:f1:5a:db:37:11:11:18:aa:cd:35:dd:41:fb:30:ac:bb:ac:
75:50:7b:9a:87:92:44:02:39:f0:27:45:01:a7:8c:f1:93:39:
3a:0b:40:1f:e1:41:df:03:68:18:1c:40:2c:9d:3f:71:d7:7a:
63:79:22:aa:06:20:9a:f7:da:84:0c:08:cf:fc:5b:df:17:c2:
48:e1:93:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuMYvs+/uikiPELrFhcsYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTZhMDEwN2Q2ODlhOTM3MGI2MjI5NTFhNDQ5NjQ2Y2Mz
OGI1OTAwHhcNMjUxMTExMDcwMjA2WhcNMjUxMTEyMDcwMjA2WjAzMTEwLwYDVQQD
Eyg4MjNhMjg5NDBhODA0Mzg2NzlkMDI5OTc3YWRkMWY4ZTgyNjk0NDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla89KeIfDCJu+aPK/It/m4lzG0ZV
+jTNrUABUy1DkKVo4JppfpJcqQX/wVskJAP8kv55FIMbS4mwUrgIij3dkAtJM05q
of9FP4FmJyBSaD5KXceja1dphvosuc0dY+rukLMRPoj3Czovb26vLvR8l9kUH7tS
7pCIX+eE45RTwaTx9PLUAl9N2QzqjVQWuqJOrG5m/gAmRTxm0zid6O0sY/y5DcRK
zxr1lswhHN36FrhYHf4mvm6D+SeIWv6sQPMGegdnPNNWZZxXRFSdkXU5YFcqPIWn
SZlxfR0L5a0qHeHeQsaSQ+Zzi4rOuBbPA80ljZRNvAdFOJsgw1jBIu2RuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFII6KJQKgEOGedApl3rdH46CaUQAMB8GA1UdIwQY
MBaAFCDmoBB9aJqTcLYilRpElkbMOLWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9hZ0VIMW9tcE53dGlLVkdrU1dSc3c0dFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9lODRlOGYtOGJiMi00MDU0LWI0OTUt
MTI1ZWVkZjhkOWYxLzEvSU9hZ0VIMW9tcE53dGlLVkdrU1dSc3c0dFpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9lODRlOGYtOGJiMi00MDU0LWI0OTUtMTI1ZWVkZjhkOWYx
LzEvSU9hZ0VIMW9tcE53dGlLVkdrU1dSc3c0dFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb1Lbd2GZ
F2HwDXvVqPASJfZs4lipzYTEMP4yiGd6hmNtssOXaPbV5jo8UZslQqCQzvr+5fQX
T1s+8Z/o0DK/rbI1Sn13I51b+NzKzqtoAebCLGzcEnJQMejAqsblsqCkZ1SvRpDf
QAQ1nRet0/RFFySpznKIY2rxaUEQi3hgwoRVy5nfKNWhD7X4zWngKEVC60ycHizA
FGLviilEKrLRmDxuViRkP/eCe/MrAyouF9muiZbeFPFa2zcRERiqzTXdQfswrLus
dVB7moeSRAI58CdFAaeM8ZM5OgtAH+FB3wNoGBxALJ0/cdd6Y3kiqgYgmvfahAwI
z/xb3xfCSOGTvg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:51:38 2025 by rpki-client