Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/iKVZ3N1bxLZssklvLm-w6PlUqus.mft
File: iKVZ3N1bxLZssklvLm-w6PlUqus.mft (raw, json)
Hash identifier: P+/9V4z2TzaNUNfcEXq7czMNFXfi+J8eOZ1xSGDYMXU=
Subject key identifier: 2F:90:44:6F:A7:7A:10:EF:D5:EE:D3:B6:B7:14:4A:25:61:03:B3:E6
Authority key identifier: 88:A5:59:DC:DD:5B:C4:B6:6C:B2:49:6F:2E:6F:B0:E8:F9:54:AA:EB
Certificate issuer: /CN=88a559dcdd5bc4b66cb2496f2e6fb0e8f954aaeb
Certificate serial: 019A71EEAE6DBA6C60F1599BB09BA04A77F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKVZ3N1bxLZssklvLm-w6PlUqus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/iKVZ3N1bxLZssklvLm-w6PlUqus.mft
Manifest number: 1087
Signing time: Tue 11 Nov 2025 08:00:58 +0000
Manifest this update: Tue 11 Nov 2025 08:00:58 +0000
Manifest next update: Wed 12 Nov 2025 08:00:58 +0000
Files and hashes: 1: iKVZ3N1bxLZssklvLm-w6PlUqus.crl (hash: T75o4iWmy9rLj7eRxKsIkosvmrLQyZ9AhwpnDcrJQvE=)
2: oGUzs3HriURmMyvP-1mM3ixvd88.roa (hash: U9dJ3cn9/4GeEgNWQhNTsFuWjpySklwjtb60dseGPO4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/iKVZ3N1bxLZssklvLm-w6PlUqus.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/iKVZ3N1bxLZssklvLm-w6PlUqus.mft
rsync://rpki.ripe.net/repository/DEFAULT/iKVZ3N1bxLZssklvLm-w6PlUqus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:ae:6d:ba:6c:60:f1:59:9b:b0:9b:a0:4a:77:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a559dcdd5bc4b66cb2496f2e6fb0e8f954aaeb
Validity
Not Before: Nov 11 08:00:58 2025 GMT
Not After : Nov 12 08:00:58 2025 GMT
Subject: CN=2f90446fa77a10efd5eed3b6b7144a256103b3e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2b:08:aa:ee:30:d4:b6:6d:28:3f:cb:2a:39:
ca:3a:a9:72:32:7d:43:29:da:c6:52:c0:5f:85:be:
51:ab:fd:90:40:f0:62:7f:bc:48:5f:8e:ea:31:89:
58:40:4d:96:08:2f:01:80:a5:4d:fc:fb:a3:ca:03:
ea:f4:57:91:e7:f2:78:af:98:a1:0d:25:73:0c:ac:
3b:70:ef:7d:d3:b3:53:cc:b6:ce:a1:78:6a:1f:a5:
e4:60:c1:70:bc:51:b8:db:69:dc:bf:39:9b:db:6a:
c8:0c:e3:7d:40:d7:83:4e:88:15:7f:c2:0b:30:30:
7e:c1:be:c0:3e:1d:a3:2e:ec:56:16:5a:39:e2:f8:
88:26:3e:4d:77:de:c8:af:86:82:da:74:62:1b:e2:
46:fc:be:f3:ef:bf:cb:7f:c3:f4:2a:c7:a0:3d:78:
d8:4b:03:e5:30:01:88:71:8e:bb:61:3b:18:1f:95:
1f:67:d7:c2:97:62:f5:cb:10:75:5f:08:9f:31:42:
af:5f:20:94:02:57:d0:a9:c8:cc:08:62:d3:d0:a8:
ed:a3:71:c8:48:9a:cb:f6:01:2e:57:4c:bb:aa:4c:
69:77:ce:37:fb:fa:32:68:77:23:e0:72:f2:4f:32:
23:17:75:92:d5:68:09:19:22:e2:7d:ed:9c:e4:fe:
d6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:90:44:6F:A7:7A:10:EF:D5:EE:D3:B6:B7:14:4A:25:61:03:B3:E6
X509v3 Authority Key Identifier:
keyid:88:A5:59:DC:DD:5B:C4:B6:6C:B2:49:6F:2E:6F:B0:E8:F9:54:AA:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKVZ3N1bxLZssklvLm-w6PlUqus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/iKVZ3N1bxLZssklvLm-w6PlUqus.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/iKVZ3N1bxLZssklvLm-w6PlUqus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:80:09:80:b5:08:4d:51:4c:bf:74:d6:92:66:a9:e5:41:86:
b6:ee:34:bd:80:4d:28:30:06:7d:1e:93:5c:61:23:e5:2b:d2:
0e:5c:df:d5:ba:4b:63:55:4e:3c:57:cb:da:1e:12:0d:59:3e:
39:fb:0e:1c:88:32:f7:c8:ef:4f:f4:24:68:b2:b1:7d:2b:e6:
d1:2f:c7:14:69:5d:8a:33:49:e2:58:90:52:f1:80:03:26:22:
de:a5:aa:ad:a1:63:ec:5a:bd:14:50:66:eb:6e:47:d5:be:76:
73:d4:36:92:ec:e9:d5:b4:82:06:79:f8:1a:3c:80:68:89:0e:
24:a9:79:9b:ee:df:c9:c0:a2:e4:f7:27:ea:01:aa:e2:e1:6e:
21:2d:9c:4b:fe:1b:74:d9:8d:9f:bf:44:4f:8f:fd:20:51:45:
e4:9a:d0:dd:1c:08:55:38:3c:04:b2:54:57:8a:a6:e7:30:73:
54:4d:a7:80:97:31:22:85:b9:89:ae:65:0e:2a:6e:df:36:f5:
bb:39:0b:63:8c:50:65:f0:01:18:35:35:42:23:14:82:1c:0a:
ec:e2:4b:9b:4d:f5:4a:7f:6e:1d:b1:56:0f:a8:f7:9a:e6:98:
63:f4:d0:7f:0d:3e:02:e4:06:a9:75:b8:7e:10:53:e3:62:41:
92:3c:c5:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7q5tumxg8VmbsJugSnfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTU1OWRjZGQ1YmM0YjY2Y2IyNDk2ZjJlNmZiMGU4Zjk1
NGFhZWIwHhcNMjUxMTExMDgwMDU4WhcNMjUxMTEyMDgwMDU4WjAzMTEwLwYDVQQD
EygyZjkwNDQ2ZmE3N2ExMGVmZDVlZWQzYjZiNzE0NGEyNTYxMDNiM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSsIqu4w1LZtKD/LKjnKOqlyMn1D
KdrGUsBfhb5Rq/2QQPBif7xIX47qMYlYQE2WCC8BgKVN/PujygPq9FeR5/J4r5ih
DSVzDKw7cO9907NTzLbOoXhqH6XkYMFwvFG422ncvzmb22rIDON9QNeDTogVf8IL
MDB+wb7APh2jLuxWFlo54viIJj5Nd97Ir4aC2nRiG+JG/L7z77/Lf8P0KsegPXjY
SwPlMAGIcY67YTsYH5UfZ9fCl2L1yxB1XwifMUKvXyCUAlfQqcjMCGLT0Kjto3HI
SJrL9gEuV0y7qkxpd843+/oyaHcj4HLyTzIjF3WS1WgJGSLife2c5P7WMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+QRG+nehDv1e7TtrcUSiVhA7PmMB8GA1UdIwQY
MBaAFIilWdzdW8S2bLJJby5vsOj5VKrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtWWjNOMWJ4TFpzc2tsdkxtLXc2UGxVcXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hODRjZDItNDVkOS00MTc5LWE5OTct
OTIwZDJhNjIwN2E0LzEvaUtWWjNOMWJ4TFpzc2tsdkxtLXc2UGxVcXVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hODRjZDItNDVkOS00MTc5LWE5OTctOTIwZDJhNjIwN2E0
LzEvaUtWWjNOMWJ4TFpzc2tsdkxtLXc2UGxVcXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAroAJgLUI
TVFMv3TWkmap5UGGtu40vYBNKDAGfR6TXGEj5SvSDlzf1bpLY1VOPFfL2h4SDVk+
OfsOHIgy98jvT/QkaLKxfSvm0S/HFGldijNJ4liQUvGAAyYi3qWqraFj7Fq9FFBm
625H1b52c9Q2kuzp1bSCBnn4GjyAaIkOJKl5m+7fycCi5Pcn6gGq4uFuIS2cS/4b
dNmNn79ET4/9IFFF5JrQ3RwIVTg8BLJUV4qm5zBzVE2ngJcxIoW5ia5lDipu3zb1
uzkLY4xQZfABGDU1QiMUghwK7OJLm031Sn9uHbFWD6j3muaYY/TQfw0+AuQGqXW4
fhBT42JBkjzFoA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:41 2025 by rpki-client