Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/df79c1-b802-4419-8ec0-cf447009e349/1/mnRIG4fez2ODfiaXRiyeRHANS90.mft
File: mnRIG4fez2ODfiaXRiyeRHANS90.mft (raw, json)
Hash identifier: lhdWqhornr65zCADs4RW2ZJWHculDQDfiVvkGRRY/qw=
Subject key identifier: 36:CB:03:65:27:9F:E6:CA:CC:AD:84:EC:B3:13:E4:9E:36:5C:4B:91
Authority key identifier: 9A:74:48:1B:87:DE:CF:63:83:7E:26:97:46:2C:9E:44:70:0D:4B:DD
Certificate issuer: /CN=9a74481b87decf63837e2697462c9e44700d4bdd
Certificate serial: 019A71B7C4A9DF99D20E13F50CB4BD774926
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnRIG4fez2ODfiaXRiyeRHANS90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/df79c1-b802-4419-8ec0-cf447009e349/1/mnRIG4fez2ODfiaXRiyeRHANS90.mft
Manifest number: 06D7
Signing time: Tue 11 Nov 2025 07:01:00 +0000
Manifest this update: Tue 11 Nov 2025 07:01:00 +0000
Manifest next update: Wed 12 Nov 2025 07:01:00 +0000
Files and hashes: 1: CK4siPWBYfHEvMudVxcsDQPxAR4.roa (hash: YhDnpIVqIiFTzSv32iL9GB9Nu0H7+HMcl1R+Eah/CyM=)
2: mnRIG4fez2ODfiaXRiyeRHANS90.crl (hash: ii38alC0FdrtheBXiSDkzuEC4l6pUsBCTbQBvNf+zNU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/df79c1-b802-4419-8ec0-cf447009e349/1/mnRIG4fez2ODfiaXRiyeRHANS90.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/df79c1-b802-4419-8ec0-cf447009e349/1/mnRIG4fez2ODfiaXRiyeRHANS90.mft
rsync://rpki.ripe.net/repository/DEFAULT/mnRIG4fez2ODfiaXRiyeRHANS90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:c4:a9:df:99:d2:0e:13:f5:0c:b4:bd:77:49:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a74481b87decf63837e2697462c9e44700d4bdd
Validity
Not Before: Nov 11 07:01:00 2025 GMT
Not After : Nov 12 07:01:00 2025 GMT
Subject: CN=36cb0365279fe6caccad84ecb313e49e365c4b91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cd:ac:a5:76:c4:1c:28:dc:3a:48:a3:3f:a5:
a9:fa:e0:62:34:fe:0b:39:18:ad:fe:34:d4:94:5d:
34:75:c9:40:30:14:b0:3f:96:4f:20:b2:52:8b:b0:
9a:e2:14:04:50:bf:16:6d:6b:ac:12:d9:3d:76:c3:
df:f0:f6:2e:db:70:0c:5b:b2:55:8c:c6:fa:b4:19:
27:30:ae:ff:f6:11:78:b6:73:02:d5:1b:3e:5b:7e:
af:96:91:79:13:d4:5b:41:b6:3b:a0:86:50:76:80:
87:6a:25:73:d8:f7:be:99:c4:57:4a:5a:fb:2e:52:
e2:e5:ce:6e:5c:77:cf:e1:56:5f:0d:b3:6a:3c:f1:
d1:3f:18:c7:3a:f3:8d:b4:6a:d1:7f:58:7b:97:89:
13:16:41:37:7e:54:30:09:d7:16:cd:ca:e1:7c:6f:
b7:dc:a5:dc:97:1c:6d:ea:a5:91:73:11:86:b7:d7:
f8:f4:b8:1d:c5:e0:6d:54:dd:d6:d7:92:96:b5:c6:
ae:ec:a8:3b:3a:de:21:19:c4:f4:6b:5d:4d:25:e7:
ca:90:f3:41:e7:46:e1:6b:58:b5:d1:22:75:2e:18:
50:49:11:d0:2c:e5:ab:a4:35:b2:3d:72:46:8c:5b:
d7:70:a3:f0:7f:c3:e0:90:d7:a0:a6:9d:d0:a8:ff:
54:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:CB:03:65:27:9F:E6:CA:CC:AD:84:EC:B3:13:E4:9E:36:5C:4B:91
X509v3 Authority Key Identifier:
keyid:9A:74:48:1B:87:DE:CF:63:83:7E:26:97:46:2C:9E:44:70:0D:4B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnRIG4fez2ODfiaXRiyeRHANS90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/df79c1-b802-4419-8ec0-cf447009e349/1/mnRIG4fez2ODfiaXRiyeRHANS90.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/df79c1-b802-4419-8ec0-cf447009e349/1/mnRIG4fez2ODfiaXRiyeRHANS90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:e5:03:96:ca:fc:00:b7:c5:a9:b0:0c:d8:f2:3d:0a:76:0a:
19:bd:e9:1c:66:3e:d2:08:d1:a4:c7:9c:04:91:05:8d:8a:db:
48:8c:e5:20:e3:71:3c:98:00:07:73:29:94:9c:4d:79:74:44:
c6:2b:8d:5b:62:23:a6:27:d6:eb:3d:8b:13:58:c5:bd:81:d6:
5b:5a:ae:21:58:f5:e7:72:7c:86:95:c4:78:6e:5d:01:6d:90:
c2:0d:d4:11:47:8a:3e:1e:ff:6e:a2:d1:6c:6c:1c:49:a3:d0:
14:0d:8e:cf:c6:76:5a:b3:77:71:52:75:4b:35:3f:30:53:c6:
4f:4f:8e:d7:2c:46:16:c5:30:4c:1b:29:d0:99:93:e3:58:dc:
4a:a1:85:dc:71:55:5b:26:0e:4d:17:0c:0e:da:3e:af:c6:a9:
a8:20:a2:80:c9:ef:0e:97:94:76:23:f6:78:7b:a1:11:9d:9c:
48:38:06:73:ba:7c:17:82:0d:8c:2c:46:b0:e1:b2:8e:71:12:
08:35:02:1a:3a:c6:c9:ae:36:f7:88:a0:57:36:c6:3e:06:3c:
2a:b4:03:b8:08:8b:8d:5d:1c:11:bd:11:76:b5:02:c9:1f:fa:
b1:b7:f3:23:50:b4:76:75:23:d1:6c:23:c6:0c:fb:ad:16:af:
8a:82:27:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt8Sp35nSDhP1DLS9d0kmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzQ0ODFiODdkZWNmNjM4MzdlMjY5NzQ2MmM5ZTQ0NzAw
ZDRiZGQwHhcNMjUxMTExMDcwMTAwWhcNMjUxMTEyMDcwMTAwWjAzMTEwLwYDVQQD
EygzNmNiMDM2NTI3OWZlNmNhY2NhZDg0ZWNiMzEzZTQ5ZTM2NWM0YjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxc2spXbEHCjcOkijP6Wp+uBiNP4L
ORit/jTUlF00dclAMBSwP5ZPILJSi7Ca4hQEUL8WbWusEtk9dsPf8PYu23AMW7JV
jMb6tBknMK7/9hF4tnMC1Rs+W36vlpF5E9RbQbY7oIZQdoCHaiVz2Pe+mcRXSlr7
LlLi5c5uXHfP4VZfDbNqPPHRPxjHOvONtGrRf1h7l4kTFkE3flQwCdcWzcrhfG+3
3KXclxxt6qWRcxGGt9f49LgdxeBtVN3W15KWtcau7Kg7Ot4hGcT0a11NJefKkPNB
50bha1i10SJ1LhhQSRHQLOWrpDWyPXJGjFvXcKPwf8PgkNegpp3QqP9U0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbLA2Unn+bKzK2E7LMT5J42XEuRMB8GA1UdIwQY
MBaAFJp0SBuH3s9jg34ml0YsnkRwDUvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5SSUc0ZmV6Mk9EZmlhWFJpeWVSSEFOUzkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9kZjc5YzEtYjgwMi00NDE5LThlYzAt
Y2Y0NDcwMDllMzQ5LzEvbW5SSUc0ZmV6Mk9EZmlhWFJpeWVSSEFOUzkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9kZjc5YzEtYjgwMi00NDE5LThlYzAtY2Y0NDcwMDllMzQ5
LzEvbW5SSUc0ZmV6Mk9EZmlhWFJpeWVSSEFOUzkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmuUDlsr8
ALfFqbAM2PI9CnYKGb3pHGY+0gjRpMecBJEFjYrbSIzlIONxPJgAB3MplJxNeXRE
xiuNW2IjpifW6z2LE1jFvYHWW1quIVj153J8hpXEeG5dAW2Qwg3UEUeKPh7/bqLR
bGwcSaPQFA2Oz8Z2WrN3cVJ1SzU/MFPGT0+O1yxGFsUwTBsp0JmT41jcSqGF3HFV
WyYOTRcMDto+r8apqCCigMnvDpeUdiP2eHuhEZ2cSDgGc7p8F4INjCxGsOGyjnES
CDUCGjrGya4294igVzbGPgY8KrQDuAiLjV0cEb0RdrUCyR/6sbfzI1C0dnUj0Wwj
xgz7rRavioIngw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:01 2025 by rpki-client