Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.mft
File: I8Aq9PWPETIK8xlpRuH86dBQyQY.mft (raw, json)
Hash identifier: KGEYJa9HWEvZ+yLBLitgztiqnQQqe2QQqDX3p/gM9EU=
Subject key identifier: 67:92:3D:A0:84:DA:6D:61:4A:00:73:FC:7A:03:EB:D9:E5:B1:0B:BB
Authority key identifier: 23:C0:2A:F4:F5:8F:11:32:0A:F3:19:69:46:E1:FC:E9:D0:50:C9:06
Certificate issuer: /CN=23c02af4f58f11320af3196946e1fce9d050c906
Certificate serial: 019A3233C210FBED4FE45AE0B94078D4B4B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I8Aq9PWPETIK8xlpRuH86dBQyQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.mft
Manifest number: 16FB
Signing time: Wed 29 Oct 2025 23:00:43 +0000
Manifest this update: Wed 29 Oct 2025 23:00:43 +0000
Manifest next update: Thu 30 Oct 2025 23:00:43 +0000
Files and hashes: 1: I8Aq9PWPETIK8xlpRuH86dBQyQY.crl (hash: QffIsckZalv1QJpd3CnIx7Y2OHD9cNAMLjc6Gky863w=)
2: L1nx6g959I4u5e_n7rqsUK0vG74.roa (hash: X8LU286M1DCtu5IfhCO2jJJ+1Cy+WsVLYYIMMfE/G4I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.mft
rsync://rpki.ripe.net/repository/DEFAULT/I8Aq9PWPETIK8xlpRuH86dBQyQY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Oct 2025 17:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:32:33:c2:10:fb:ed:4f:e4:5a:e0:b9:40:78:d4:b4:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23c02af4f58f11320af3196946e1fce9d050c906
Validity
Not Before: Oct 29 23:00:43 2025 GMT
Not After : Oct 30 23:00:43 2025 GMT
Subject: CN=67923da084da6d614a0073fc7a03ebd9e5b10bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:35:9a:1c:77:a3:e5:89:2b:75:e3:e9:73:88:
d8:c4:ad:95:fc:35:90:dc:cc:4e:11:a9:fa:ba:be:
a8:69:e5:b6:d8:df:b0:7e:ec:cd:ec:15:08:b9:0e:
9a:60:7f:f2:06:aa:ed:db:62:5f:3f:98:22:c9:c2:
16:b6:d1:44:6c:48:28:16:d5:13:dc:2c:40:4d:68:
cd:a3:4a:95:77:16:83:0d:c4:0b:e0:b8:2c:38:e6:
85:d0:d8:54:43:33:ad:74:8c:5b:73:20:79:68:ff:
5b:bd:a6:b5:e1:23:db:6c:0f:3b:f5:23:2c:ab:67:
1e:83:c9:2b:e9:f8:ac:ad:d8:c7:c0:4e:3b:25:c2:
f6:11:89:6c:8b:8b:6a:5d:3c:a3:04:ad:61:f8:6d:
cc:a6:9d:40:46:ef:5f:cc:43:85:17:72:fd:b0:2e:
f4:e0:a5:2b:a3:58:49:b3:29:41:3a:96:c2:31:db:
44:97:03:18:6a:2d:c1:85:51:02:ae:5a:fb:63:1c:
5b:06:6c:0d:ed:c0:85:d6:d8:64:17:5d:dd:f9:20:
78:b4:8e:57:15:48:e8:c4:8f:42:10:af:fb:03:53:
af:f0:86:34:bd:3a:aa:48:36:fa:c6:d1:c6:c8:80:
bd:b0:27:bc:86:66:87:87:a3:f2:15:d2:6b:ae:f9:
f2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:92:3D:A0:84:DA:6D:61:4A:00:73:FC:7A:03:EB:D9:E5:B1:0B:BB
X509v3 Authority Key Identifier:
keyid:23:C0:2A:F4:F5:8F:11:32:0A:F3:19:69:46:E1:FC:E9:D0:50:C9:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8Aq9PWPETIK8xlpRuH86dBQyQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:99:23:44:05:da:42:7a:8d:9e:a8:04:dd:af:fd:18:e6:90:
e5:93:40:72:63:89:31:6d:8e:1d:14:72:f4:0b:6d:52:06:f1:
33:13:33:e8:f5:4d:e4:a3:89:b6:c4:6d:76:20:81:bd:74:10:
86:54:02:b1:e0:97:fa:88:22:9b:cc:3c:d4:89:5f:71:00:a4:
ec:73:de:c7:ec:e2:e1:52:48:2d:bd:ce:7f:9b:5c:43:b1:96:
7d:a2:c4:a0:49:f4:7d:c6:a0:91:a0:ec:ef:b2:64:a8:b4:3d:
ad:b1:5a:56:f8:43:36:51:a5:59:12:73:1e:f5:0e:d5:46:0a:
a8:a5:f0:f6:79:e6:54:50:66:bb:d8:89:24:87:49:7f:2c:c1:
cb:c6:19:bb:e1:91:33:23:29:72:f5:5d:48:46:e7:0c:11:68:
3a:76:eb:67:39:4a:8f:a0:63:23:11:2b:22:98:eb:56:3b:5d:
81:44:ac:af:ec:b5:80:53:66:be:89:0d:21:e5:24:99:08:57:
19:e8:79:86:8a:a1:22:c8:0e:ca:b0:45:4c:2f:06:60:31:69:
08:d7:74:f2:ea:69:d9:cd:21:7a:a6:f5:c4:78:a5:f9:c3:55:
bc:62:49:68:45:68:9c:98:bd:de:cd:4e:77:7b:8e:78:59:fb:
b0:1a:49:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoyM8IQ++1P5FrguUB41LSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYzAyYWY0ZjU4ZjExMzIwYWYzMTk2OTQ2ZTFmY2U5ZDA1
MGM5MDYwHhcNMjUxMDI5MjMwMDQzWhcNMjUxMDMwMjMwMDQzWjAzMTEwLwYDVQQD
Eyg2NzkyM2RhMDg0ZGE2ZDYxNGEwMDczZmM3YTAzZWJkOWU1YjEwYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTWaHHej5YkrdePpc4jYxK2V/DWQ
3MxOEan6ur6oaeW22N+wfuzN7BUIuQ6aYH/yBqrt22JfP5giycIWttFEbEgoFtUT
3CxATWjNo0qVdxaDDcQL4LgsOOaF0NhUQzOtdIxbcyB5aP9bvaa14SPbbA879SMs
q2ceg8kr6fisrdjHwE47JcL2EYlsi4tqXTyjBK1h+G3Mpp1ARu9fzEOFF3L9sC70
4KUro1hJsylBOpbCMdtElwMYai3BhVECrlr7YxxbBmwN7cCF1thkF13d+SB4tI5X
FUjoxI9CEK/7A1Ov8IY0vTqqSDb6xtHGyIC9sCe8hmaHh6PyFdJrrvnyowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGeSPaCE2m1hSgBz/HoD69nlsQu7MB8GA1UdIwQY
MBaAFCPAKvT1jxEyCvMZaUbh/OnQUMkGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSThBcTlQV1BFVElLOHhscFJ1SDg2ZEJReVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84MTA2OGMtYWVkNy00MTI3LTg4ZTQt
NjJjYjhhY2E5NjE4LzEvSThBcTlQV1BFVElLOHhscFJ1SDg2ZEJReVFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84MTA2OGMtYWVkNy00MTI3LTg4ZTQtNjJjYjhhY2E5NjE4
LzEvSThBcTlQV1BFVElLOHhscFJ1SDg2ZEJReVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABpkjRAXa
QnqNnqgE3a/9GOaQ5ZNAcmOJMW2OHRRy9AttUgbxMxMz6PVN5KOJtsRtdiCBvXQQ
hlQCseCX+ogim8w81IlfcQCk7HPex+zi4VJILb3Of5tcQ7GWfaLEoEn0fcagkaDs
77JkqLQ9rbFaVvhDNlGlWRJzHvUO1UYKqKXw9nnmVFBmu9iJJIdJfyzBy8YZu+GR
MyMpcvVdSEbnDBFoOnbrZzlKj6BjIxErIpjrVjtdgUSsr+y1gFNmvokNIeUkmQhX
Geh5hoqhIsgOyrBFTC8GYDFpCNd08upp2c0heqb1xHil+cNVvGJJaEVonJi93s1O
d3uOeFn7sBpJ5w==
-----END CERTIFICATE-----
Generated at Thu Oct 30 02:03:09 2025 by rpki-client