Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
File: I32X8VCOekR4mfWaVfuKpiQe9RA.mft (raw, json)
Hash identifier: LB1DB02LOlzNVPcS0e/WbaPGQi+FQ7HV8ZaY3SqZH7E=
Subject key identifier: 2F:4F:04:D6:63:90:BC:6B:21:08:6C:B7:7C:AC:33:04:08:95:12:A9
Authority key identifier: 23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10
Certificate issuer: /CN=237d97f1508e7a447899f59a55fb8aa6241ef510
Certificate serial: 01993191AA561D1D27450D94B2F6E5A8EB43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
Manifest number: 0505
Signing time: Wed 10 Sep 2025 03:00:53 +0000
Manifest this update: Wed 10 Sep 2025 03:00:53 +0000
Manifest next update: Thu 11 Sep 2025 03:00:53 +0000
Files and hashes: 1: AgvVH_Z5ZikBFIUyEGB_f4ftLfg.roa (hash: Ii6l1o1UjR6zsFk/Ik5xPFxEIQrzvV/YcOC6UeUTh7g=)
2: I32X8VCOekR4mfWaVfuKpiQe9RA.crl (hash: UMsk0uGDJa/MnFCBzhmPn2Y9wmh0sJ6vARAuVQHxPfE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 03:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:31:91:aa:56:1d:1d:27:45:0d:94:b2:f6:e5:a8:eb:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237d97f1508e7a447899f59a55fb8aa6241ef510
Validity
Not Before: Sep 10 03:00:53 2025 GMT
Not After : Sep 11 03:00:53 2025 GMT
Subject: CN=2f4f04d66390bc6b21086cb77cac3304089512a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:76:db:0d:68:3e:7d:0c:36:b2:63:3a:7b:70:
33:c1:33:40:e4:b4:b0:6a:17:3e:0f:bd:f0:13:9c:
aa:6b:53:16:34:e0:32:15:60:1f:26:6d:ea:31:75:
c4:4f:6a:cd:34:0c:72:a9:dc:28:9b:1d:c0:40:c0:
c2:2b:35:95:f2:67:e5:bb:b5:c9:e4:30:bf:bf:97:
73:34:16:64:c7:56:79:4c:5c:21:42:29:6b:b6:54:
c6:81:ab:72:84:5c:99:0e:ba:5f:59:2e:ef:56:2c:
45:3b:50:fd:3a:25:dd:b8:04:3a:82:5a:78:87:a8:
d0:21:de:a5:1b:59:b8:32:28:62:c4:72:cc:5e:06:
d9:d3:e2:c0:d4:9b:d9:a8:ab:bc:35:60:80:2e:5a:
87:2d:b1:8b:e1:9e:5c:65:5d:23:21:97:85:46:e3:
cd:13:8a:73:23:79:b4:40:1e:cc:9d:2a:5d:61:0f:
8d:8f:27:c6:1c:f2:47:19:50:e2:1f:b5:53:34:a2:
2e:eb:67:da:51:7a:bd:28:52:eb:d7:2e:85:18:ed:
a7:67:85:39:d0:ba:69:29:6e:4b:cb:ed:b0:25:e8:
ce:10:e6:a4:6a:8c:a5:41:5f:73:49:34:24:c8:be:
e0:16:cd:84:aa:d6:7d:43:3f:b8:2e:af:d0:65:c2:
8a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4F:04:D6:63:90:BC:6B:21:08:6C:B7:7C:AC:33:04:08:95:12:A9
X509v3 Authority Key Identifier:
keyid:23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:9c:61:a9:d8:92:3f:a2:df:e9:7b:f5:4e:8a:01:3f:1d:49:
2d:52:0a:55:b1:03:6d:82:08:8a:a1:0f:30:25:db:2d:9a:48:
80:12:90:89:92:57:41:5e:4f:21:2d:3a:c4:94:01:9b:45:be:
c5:fd:bf:df:f6:80:3a:a1:5a:2a:e8:9f:d3:c3:86:05:ab:f7:
08:b6:ae:2c:5d:8a:fc:74:b0:94:3a:2d:00:c3:1b:64:b3:e6:
05:33:42:f5:89:1f:27:a8:b1:22:4a:d6:42:a7:9e:49:0d:41:
d8:13:b1:5a:ac:7f:8a:37:eb:1a:e1:ee:5c:7d:2c:5a:62:36:
4d:7e:8e:20:ea:bf:1a:f6:56:0c:ad:60:0a:9c:41:ee:c4:65:
45:31:55:ac:d6:05:0c:e6:12:3f:80:03:31:9e:d4:2d:b7:a5:
22:26:9b:10:12:05:36:ab:1b:14:34:96:4b:0e:b1:c5:63:59:
03:ad:75:19:9c:ab:32:b4:09:04:25:4e:c0:5c:0e:7d:90:08:
6f:bf:a8:12:a1:ff:02:b1:bf:3c:fd:7c:17:e6:96:e3:7c:f0:
53:b3:ac:e8:62:48:eb:d5:bf:14:8f:21:cb:3c:36:11:86:c7:
e0:81:db:d2:12:07:95:70:c3:32:6f:1d:0f:7d:01:67:e4:81:
a8:ae:b7:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkxkapWHR0nRQ2UsvblqOtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Q5N2YxNTA4ZTdhNDQ3ODk5ZjU5YTU1ZmI4YWE2MjQx
ZWY1MTAwHhcNMjUwOTEwMDMwMDUzWhcNMjUwOTExMDMwMDUzWjAzMTEwLwYDVQQD
EygyZjRmMDRkNjYzOTBiYzZiMjEwODZjYjc3Y2FjMzMwNDA4OTUxMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHbbDWg+fQw2smM6e3AzwTNA5LSw
ahc+D73wE5yqa1MWNOAyFWAfJm3qMXXET2rNNAxyqdwomx3AQMDCKzWV8mflu7XJ
5DC/v5dzNBZkx1Z5TFwhQilrtlTGgatyhFyZDrpfWS7vVixFO1D9OiXduAQ6glp4
h6jQId6lG1m4MihixHLMXgbZ0+LA1JvZqKu8NWCALlqHLbGL4Z5cZV0jIZeFRuPN
E4pzI3m0QB7MnSpdYQ+NjyfGHPJHGVDiH7VTNKIu62faUXq9KFLr1y6FGO2nZ4U5
0LppKW5Ly+2wJejOEOakaoylQV9zSTQkyL7gFs2EqtZ9Qz+4Lq/QZcKKiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9PBNZjkLxrIQhst3ysMwQIlRKpMB8GA1UdIwQY
MBaAFCN9l/FQjnpEeJn1mlX7iqYkHvUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYt
NDRhNDFhOTMxMTNlLzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYtNDRhNDFhOTMxMTNl
LzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYJxhqdiS
P6Lf6Xv1TooBPx1JLVIKVbEDbYIIiqEPMCXbLZpIgBKQiZJXQV5PIS06xJQBm0W+
xf2/3/aAOqFaKuif08OGBav3CLauLF2K/HSwlDotAMMbZLPmBTNC9YkfJ6ixIkrW
QqeeSQ1B2BOxWqx/ijfrGuHuXH0sWmI2TX6OIOq/GvZWDK1gCpxB7sRlRTFVrNYF
DOYSP4ADMZ7ULbelIiabEBIFNqsbFDSWSw6xxWNZA611GZyrMrQJBCVOwFwOfZAI
b7+oEqH/ArG/PP18F+aW43zwU7Os6GJI69W/FI8hyzw2EYbH4IHb0hIHlXDDMm8d
D30BZ+SBqK63Pw==
-----END CERTIFICATE-----
Generated at Wed Sep 10 13:28:06 2025 by rpki-client