Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
File: ICZNUaES0LwizqcxTLBs9aGuM-k.mft (raw, json)
Hash identifier: EHdalOhDrdBaF481pnG4DVYfLNHUbcjOZwm+qF9qpf8=
Subject key identifier: B7:AB:51:A6:9D:86:18:A0:6E:F9:BA:D1:07:09:CC:2E:44:07:9F:E6
Authority key identifier: 20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
Certificate issuer: /CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Certificate serial: 019A2AB134492814707A88856962BFB1F107
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
Manifest number: 168D
Signing time: Tue 28 Oct 2025 12:00:47 +0000
Manifest this update: Tue 28 Oct 2025 12:00:47 +0000
Manifest next update: Wed 29 Oct 2025 12:00:47 +0000
Files and hashes: 1: FXy87TSnS3zZKpD3cubdEzL9JTI.roa (hash: ev8YOzfcP94Okj6loLdeokLYKFfF9CSd4o8ZPprNj7U=)
2: ICZNUaES0LwizqcxTLBs9aGuM-k.crl (hash: HqeTXVMxmHcW1w80ouGeSLRCKFhASftI6XUEm3e1p6g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:b1:34:49:28:14:70:7a:88:85:69:62:bf:b1:f1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Validity
Not Before: Oct 28 12:00:47 2025 GMT
Not After : Oct 29 12:00:47 2025 GMT
Subject: CN=b7ab51a69d8618a06ef9bad10709cc2e44079fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ce:62:c0:e7:0d:f0:f3:67:79:70:ee:aa:6c:
1b:bc:72:2a:d8:85:45:cf:85:32:0e:c4:96:38:9f:
63:cd:ea:65:04:e8:47:64:bd:95:36:74:d1:4a:6a:
8b:aa:e5:c8:f9:cf:31:a0:ad:51:3e:53:cf:6b:5f:
0e:7b:76:e8:52:5e:b0:17:5b:02:87:c7:f8:ce:e2:
21:f4:75:11:ea:9d:fc:e2:3c:9f:d4:49:a9:87:9b:
12:68:7c:22:ab:90:90:68:cf:3d:6e:64:82:45:16:
66:9b:b4:3e:b1:22:fc:a6:d6:72:8e:6a:90:93:39:
2b:3e:75:c2:8d:fb:97:ff:3d:9e:23:ee:d6:97:63:
ba:7d:82:f4:e2:af:4f:67:cf:31:7d:00:4f:7a:be:
99:fc:b8:f9:1d:22:76:a7:54:b0:d8:b4:b6:6d:51:
29:e7:56:4d:8d:e2:a1:cf:16:f0:65:00:52:4f:14:
6b:5e:5f:d4:26:fb:9d:08:18:ee:d6:a3:30:7a:6c:
d9:9f:d5:b4:95:68:17:7d:b3:f0:a9:ca:ed:2a:12:
16:cc:3d:47:3b:94:1b:a6:93:2c:3d:06:36:d9:9f:
7f:5e:5e:be:d6:9e:59:18:9c:61:88:3a:d2:3f:5d:
e8:55:f7:b1:05:24:59:90:47:6f:b3:4e:d4:7e:79:
e5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AB:51:A6:9D:86:18:A0:6E:F9:BA:D1:07:09:CC:2E:44:07:9F:E6
X509v3 Authority Key Identifier:
keyid:20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:06:a4:06:f1:53:0f:9d:4a:4f:d1:32:70:75:4a:e5:7d:19:
f1:c0:7a:39:ab:cd:13:f2:83:d0:bf:24:7d:14:72:ea:43:cb:
c1:dd:b0:24:84:ff:3c:3d:91:60:69:14:6f:d8:95:8e:fc:e5:
c3:21:ab:9d:31:1e:46:0c:d5:96:56:dc:1a:44:a9:24:7e:59:
d3:3a:19:79:f4:2c:2d:42:12:68:9a:0b:fb:95:67:c1:fb:61:
16:d6:f1:7f:38:31:c6:39:fc:67:db:1c:f9:5f:62:56:81:34:
5f:7a:5e:b1:22:72:9e:2a:6b:76:aa:5e:f4:f9:b0:bb:27:6b:
10:12:d2:b7:f0:b2:7a:d2:dc:ba:81:79:1f:e1:75:7f:c6:2a:
ce:eb:72:01:31:d2:9a:96:2b:0d:95:7e:39:c1:e9:ce:d2:ab:
91:bd:07:cc:fb:b4:0a:39:d9:3b:91:04:c1:1a:be:81:ce:60:
b5:56:f4:7c:ef:47:b6:79:90:c8:b0:fe:ac:18:4e:97:42:33:
9f:2d:7e:d1:a2:95:2f:7c:f9:e1:80:41:7c:0e:86:29:ab:b3:
58:a0:4c:b6:ee:32:a8:0f:f4:a3:82:29:35:45:e7:e3:7b:fe:
31:e7:48:5b:df:d6:39:a8:f0:b8:64:c8:d6:42:2a:cd:81:72:
e4:cc:d0:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoqsTRJKBRweoiFaWK/sfEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjY0ZDUxYTExMmQwYmMyMmNlYTczMTRjYjA2Y2Y1YTFh
ZTMzZTkwHhcNMjUxMDI4MTIwMDQ3WhcNMjUxMDI5MTIwMDQ3WjAzMTEwLwYDVQQD
EyhiN2FiNTFhNjlkODYxOGEwNmVmOWJhZDEwNzA5Y2MyZTQ0MDc5ZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvc5iwOcN8PNneXDuqmwbvHIq2IVF
z4UyDsSWOJ9jzeplBOhHZL2VNnTRSmqLquXI+c8xoK1RPlPPa18Oe3boUl6wF1sC
h8f4zuIh9HUR6p384jyf1Emph5sSaHwiq5CQaM89bmSCRRZmm7Q+sSL8ptZyjmqQ
kzkrPnXCjfuX/z2eI+7Wl2O6fYL04q9PZ88xfQBPer6Z/Lj5HSJ2p1Sw2LS2bVEp
51ZNjeKhzxbwZQBSTxRrXl/UJvudCBju1qMwemzZn9W0lWgXfbPwqcrtKhIWzD1H
O5QbppMsPQY22Z9/Xl6+1p5ZGJxhiDrSP13oVfexBSRZkEdvs07UfnnltQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLerUaadhhigbvm60QcJzC5EB5/mMB8GA1UdIwQY
MBaAFCAmTVGhEtC8Is6nMUywbPWhrjPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAt
NjU4MTIwYWU2OGUxLzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAtNjU4MTIwYWU2OGUx
LzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIwakBvFT
D51KT9EycHVK5X0Z8cB6OavNE/KD0L8kfRRy6kPLwd2wJIT/PD2RYGkUb9iVjvzl
wyGrnTEeRgzVllbcGkSpJH5Z0zoZefQsLUISaJoL+5VnwfthFtbxfzgxxjn8Z9sc
+V9iVoE0X3pesSJyniprdqpe9PmwuydrEBLSt/CyetLcuoF5H+F1f8YqzutyATHS
mpYrDZV+OcHpztKrkb0HzPu0CjnZO5EEwRq+gc5gtVb0fO9HtnmQyLD+rBhOl0Iz
ny1+0aKVL3z54YBBfA6GKauzWKBMtu4yqA/0o4IpNUXn43v+MedIW9/WOajwuGTI
1kIqzYFy5MzQXw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 13:17:53 2025 by rpki-client