Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.mft
File: I1Fj0524iBbN3Fl6XbXq5wfT3jk.mft (raw, json)
Hash identifier: ynp380xsVzs7TkCX7VmbOSgGUPckZsIbjhnXriBOTO0=
Subject key identifier: F3:3F:D6:71:51:9C:A9:3E:DD:47:EF:11:DF:16:51:C6:0D:EA:BA:59
Authority key identifier: 23:51:63:D3:9D:B8:88:16:CD:DC:59:7A:5D:B5:EA:E7:07:D3:DE:39
Certificate issuer: /CN=235163d39db88816cddc597a5db5eae707d3de39
Certificate serial: 019A71B7826C2FC2BB9F9288D4060E7BCCD7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.mft
Manifest number: 1725
Signing time: Tue 11 Nov 2025 07:00:43 +0000
Manifest this update: Tue 11 Nov 2025 07:00:43 +0000
Manifest next update: Wed 12 Nov 2025 07:00:43 +0000
Files and hashes: 1: 0w9FBc0vTYSPsjAWKJJCnffXw-k.roa (hash: jLDk0IcPs8Pb9A807RQu6H+l6FnV9GFyw8DjOzzYbaA=)
2: I1Fj0524iBbN3Fl6XbXq5wfT3jk.crl (hash: xgkJsrfeo/Elua554bYsERYwyXOf4t4ldoLm4buLXqI=)
3: gKeAQqo6LHoqnf4Vl-8HYj5MieI.roa (hash: SOGNQLrBgWGkjZGYc/wKjLGsnvGnOrdebSHsTRsYQCw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:82:6c:2f:c2:bb:9f:92:88:d4:06:0e:7b:cc:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=235163d39db88816cddc597a5db5eae707d3de39
Validity
Not Before: Nov 11 07:00:43 2025 GMT
Not After : Nov 12 07:00:43 2025 GMT
Subject: CN=f33fd671519ca93edd47ef11df1651c60deaba59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b6:a5:0e:49:68:05:8c:e8:94:0c:d9:0d:5a:
b5:8c:d8:2c:e9:c1:60:41:54:0e:5a:38:e9:22:41:
45:43:eb:00:5a:04:a3:54:41:c7:a6:ed:0b:22:58:
23:53:44:c5:c1:3f:e0:92:ae:f4:1a:03:a1:6b:b0:
40:0e:71:c7:ae:32:35:6d:15:7e:60:f5:e6:4e:f7:
f4:92:87:18:09:d5:1c:34:60:c1:e5:3c:6d:d6:9a:
65:d7:86:ed:95:1c:2f:ee:24:37:d1:32:9b:58:78:
7e:98:b1:0f:5b:5d:c4:16:27:23:0f:52:7c:20:5d:
b2:ba:ff:8c:63:7e:99:7d:de:b9:d3:38:71:65:b0:
ca:1f:b7:1b:e7:ac:b3:01:e2:7f:80:08:3a:84:13:
1d:85:b1:9c:f1:ec:40:4c:86:c0:4e:56:a4:0c:3b:
24:fe:a5:14:56:2c:f2:50:f5:66:f9:b2:22:55:ee:
e4:10:cc:3b:9f:e3:62:30:ef:5d:0b:ab:2a:bd:39:
4f:dd:b4:eb:f6:35:cd:a4:e6:da:ec:9c:57:fd:ac:
7c:dd:67:0a:73:c0:db:d1:4f:47:43:c7:44:48:40:
65:71:3e:48:de:c9:87:8f:b2:54:4b:35:77:ce:8d:
06:55:be:8e:ff:b7:70:7d:e3:49:96:6b:79:23:51:
a8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3F:D6:71:51:9C:A9:3E:DD:47:EF:11:DF:16:51:C6:0D:EA:BA:59
X509v3 Authority Key Identifier:
keyid:23:51:63:D3:9D:B8:88:16:CD:DC:59:7A:5D:B5:EA:E7:07:D3:DE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:43:65:de:e1:54:b5:18:9d:6c:7f:b5:03:3f:b0:ab:d9:24:
72:8c:0e:c7:b9:2d:1e:05:b5:39:b7:e6:84:ec:d9:fb:b5:7e:
2c:4d:7c:8d:99:0c:26:f9:fe:f3:4b:b1:d7:cf:81:a7:b0:1a:
39:19:6f:ac:56:96:51:c0:39:fd:69:e1:cc:18:eb:78:2c:80:
34:29:6b:9a:3c:87:c9:e0:fa:cd:f7:5e:2d:39:b3:dd:22:53:
31:14:86:58:0f:3a:4b:e9:29:b0:c4:c5:24:34:bd:91:dd:15:
2f:3a:b9:98:7b:7d:5f:3d:7b:94:ce:f0:60:49:fd:92:ad:04:
d9:11:e3:fc:fa:92:29:fb:fe:8a:5b:f6:a7:d1:be:5a:72:e8:
e3:be:17:29:fd:bc:2c:4d:3a:00:d3:d3:bc:4d:6f:95:08:b0:
ac:a6:f8:99:74:13:0e:22:73:82:5d:f3:d6:9c:ee:ed:46:c8:
7a:ec:4e:11:83:0e:5c:67:20:91:eb:99:76:18:8f:b8:3a:59:
cb:d5:79:94:2b:d2:41:f0:c7:43:a6:58:44:a9:33:6d:13:2a:
51:aa:a0:bb:02:a1:ef:81:ac:92:5f:39:df:cf:cd:1f:60:96:
89:55:7a:1f:53:76:89:ae:77:20:70:f5:a0:6b:86:e3:99:98:
af:0b:23:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4JsL8K7n5KI1AYOe8zXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTE2M2QzOWRiODg4MTZjZGRjNTk3YTVkYjVlYWU3MDdk
M2RlMzkwHhcNMjUxMTExMDcwMDQzWhcNMjUxMTEyMDcwMDQzWjAzMTEwLwYDVQQD
EyhmMzNmZDY3MTUxOWNhOTNlZGQ0N2VmMTFkZjE2NTFjNjBkZWFiYTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6balDkloBYzolAzZDVq1jNgs6cFg
QVQOWjjpIkFFQ+sAWgSjVEHHpu0LIlgjU0TFwT/gkq70GgOha7BADnHHrjI1bRV+
YPXmTvf0kocYCdUcNGDB5Txt1ppl14btlRwv7iQ30TKbWHh+mLEPW13EFicjD1J8
IF2yuv+MY36Zfd650zhxZbDKH7cb56yzAeJ/gAg6hBMdhbGc8exATIbATlakDDsk
/qUUVizyUPVm+bIiVe7kEMw7n+NiMO9dC6sqvTlP3bTr9jXNpOba7JxX/ax83WcK
c8Db0U9HQ8dESEBlcT5I3smHj7JUSzV3zo0GVb6O/7dwfeNJlmt5I1Go5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPM/1nFRnKk+3UfvEd8WUcYN6rpZMB8GA1UdIwQY
MBaAFCNRY9OduIgWzdxZel216ucH0945MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kNzU1OGUtOWE2Yy00NzExLThlZjgt
OTE1MDI5NmRhYTBhLzEvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kNzU1OGUtOWE2Yy00NzExLThlZjgtOTE1MDI5NmRhYTBh
LzEvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARENl3uFU
tRidbH+1Az+wq9kkcowOx7ktHgW1ObfmhOzZ+7V+LE18jZkMJvn+80ux18+Bp7Aa
ORlvrFaWUcA5/WnhzBjreCyANClrmjyHyeD6zfdeLTmz3SJTMRSGWA86S+kpsMTF
JDS9kd0VLzq5mHt9Xz17lM7wYEn9kq0E2RHj/PqSKfv+ilv2p9G+WnLo474XKf28
LE06ANPTvE1vlQiwrKb4mXQTDiJzgl3z1pzu7UbIeuxOEYMOXGcgkeuZdhiPuDpZ
y9V5lCvSQfDHQ6ZYRKkzbRMqUaqguwKh74Gskl8538/NH2CWiVV6H1N2ia53IHD1
oGuG45mYrwsjNg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:46 2025 by rpki-client