Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.mft
File: IuKOVQMUE4-dg6KLLWZum4dEtRA.mft (raw, json)
Hash identifier: JQmHtLZnPF5yvp86c6YlR6HJUKvI9jvtvSWioU7ELb0=
Subject key identifier: 09:4E:EA:1C:89:71:D5:FD:92:5D:94:EF:9F:DD:C6:D2:03:3E:C4:81
Authority key identifier: 22:E2:8E:55:03:14:13:8F:9D:83:A2:8B:2D:66:6E:9B:87:44:B5:10
Certificate issuer: /CN=22e28e550314138f9d83a28b2d666e9b8744b510
Certificate serial: 019A730109573A8E159A9975CBC85D64EB45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IuKOVQMUE4-dg6KLLWZum4dEtRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 13:00:39 +0000
Manifest this update: Tue 11 Nov 2025 13:00:39 +0000
Manifest next update: Wed 12 Nov 2025 13:00:39 +0000
Files and hashes: 1: IuKOVQMUE4-dg6KLLWZum4dEtRA.crl (hash: LzX1L+SWtLQ7lS1niNbxJhKKsX13bWM+GW8U1g1AFY4=)
2: cFbXH5gO6qs06Nq1Ek6wrTAvxB0.roa (hash: c0tlMuDM/vPMybXrB0sIatVwyL/aO7RZmUvD1wZIObw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IuKOVQMUE4-dg6KLLWZum4dEtRA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:09:57:3a:8e:15:9a:99:75:cb:c8:5d:64:eb:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22e28e550314138f9d83a28b2d666e9b8744b510
Validity
Not Before: Nov 11 13:00:39 2025 GMT
Not After : Nov 12 13:00:39 2025 GMT
Subject: CN=094eea1c8971d5fd925d94ef9fddc6d2033ec481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:43:25:8d:8e:bf:f4:e9:8f:aa:d6:fa:9d:f3:
5d:63:47:17:d5:54:f6:a7:a4:4e:d7:af:27:59:99:
8a:1f:f2:11:2f:ae:34:68:39:5b:93:85:29:e4:f0:
f7:d8:8e:8a:9e:c6:c4:eb:37:56:eb:98:ea:9a:f8:
81:31:8f:42:c2:d5:aa:39:7f:44:89:16:3c:da:ff:
13:6c:0e:18:f2:96:f3:b6:72:86:95:cb:cf:d6:1d:
43:77:d8:4d:17:cc:b0:6f:07:46:3a:86:14:a3:9d:
8e:fc:c4:c3:8f:db:6c:04:45:bf:bf:3e:52:f9:fe:
d2:9a:e2:de:e1:b3:84:ba:19:18:06:7d:04:d1:c1:
cf:4c:fb:31:de:84:40:90:f7:22:25:e5:5d:26:80:
08:bc:34:56:d8:53:2e:c6:70:f7:15:33:b0:58:5d:
5b:d0:ce:f7:c4:cf:00:64:8b:94:2b:25:1b:a5:cd:
36:6c:96:19:8a:13:34:e6:fc:1b:b4:a2:fa:1d:74:
99:e1:59:e9:81:da:ea:d4:5a:b7:e9:58:7e:7c:9c:
b4:6a:80:f0:9b:b3:e8:fc:d5:56:58:5e:c0:11:5a:
33:96:51:44:91:b8:48:5f:b8:b1:4f:34:6f:da:ab:
f4:7a:f6:f4:53:24:69:4c:b0:b2:72:ba:16:13:bd:
6b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4E:EA:1C:89:71:D5:FD:92:5D:94:EF:9F:DD:C6:D2:03:3E:C4:81
X509v3 Authority Key Identifier:
keyid:22:E2:8E:55:03:14:13:8F:9D:83:A2:8B:2D:66:6E:9B:87:44:B5:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IuKOVQMUE4-dg6KLLWZum4dEtRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/336a6f-2b89-4b32-89f6-4d209c3288ab/1/IuKOVQMUE4-dg6KLLWZum4dEtRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:70:2a:bf:cc:09:fe:a7:3d:e0:d2:d0:4d:17:09:5a:1c:0d:
9d:1a:78:70:ba:00:c1:6d:9d:12:8c:67:88:9c:2e:61:9e:fb:
69:99:96:20:ae:f1:c4:84:4a:51:70:ef:72:29:2e:de:5b:93:
f6:80:81:b6:24:44:06:f7:ff:1b:90:bc:48:4e:2c:4a:4e:ea:
5e:37:83:4a:df:5a:be:97:d3:f4:51:0a:1d:90:cd:b4:74:d0:
4d:3e:22:8b:4e:99:89:a5:d2:6f:f8:9e:b7:b9:37:65:81:5d:
cf:90:e1:30:b9:fd:38:05:8c:14:0a:e3:35:d7:ac:79:15:86:
83:8a:34:77:1e:8f:e9:ef:20:bf:a6:bb:77:62:39:82:08:64:
62:c1:c1:26:2f:08:54:f6:67:5b:66:09:bb:01:54:9b:aa:16:
07:50:11:f9:08:c7:9b:ba:36:a4:9d:4a:f0:96:6a:cf:bd:3a:
1d:43:94:6d:5d:6f:ed:45:f9:22:c7:7c:fa:11:15:c5:6a:b2:
72:fd:90:ba:ca:0b:41:c1:6e:39:8c:e6:1d:1c:fd:79:53:db:
b6:32:8a:00:2d:3d:28:5f:26:43:07:2b:1d:2b:c7:e6:f9:0d:
36:b6:07:87:2c:4b:d0:b3:cc:de:09:97:21:0c:88:77:0c:02:
67:e9:17:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAQlXOo4Vmpl1y8hdZOtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZTI4ZTU1MDMxNDEzOGY5ZDgzYTI4YjJkNjY2ZTliODc0
NGI1MTAwHhcNMjUxMTExMTMwMDM5WhcNMjUxMTEyMTMwMDM5WjAzMTEwLwYDVQQD
EygwOTRlZWExYzg5NzFkNWZkOTI1ZDk0ZWY5ZmRkYzZkMjAzM2VjNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUMljY6/9OmPqtb6nfNdY0cX1VT2
p6RO168nWZmKH/IRL640aDlbk4Up5PD32I6KnsbE6zdW65jqmviBMY9CwtWqOX9E
iRY82v8TbA4Y8pbztnKGlcvP1h1Dd9hNF8ywbwdGOoYUo52O/MTDj9tsBEW/vz5S
+f7SmuLe4bOEuhkYBn0E0cHPTPsx3oRAkPciJeVdJoAIvDRW2FMuxnD3FTOwWF1b
0M73xM8AZIuUKyUbpc02bJYZihM05vwbtKL6HXSZ4Vnpgdrq1Fq36Vh+fJy0aoDw
m7Po/NVWWF7AEVozllFEkbhIX7ixTzRv2qv0evb0UyRpTLCycroWE71rzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAlO6hyJcdX9kl2U75/dxtIDPsSBMB8GA1UdIwQY
MBaAFCLijlUDFBOPnYOiiy1mbpuHRLUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVLT1ZRTVVFNC1kZzZLTExXWnVtNGRFdFJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8zMzZhNmYtMmI4OS00YjMyLTg5ZjYt
NGQyMDljMzI4OGFiLzEvSXVLT1ZRTVVFNC1kZzZLTExXWnVtNGRFdFJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8zMzZhNmYtMmI4OS00YjMyLTg5ZjYtNGQyMDljMzI4OGFi
LzEvSXVLT1ZRTVVFNC1kZzZLTExXWnVtNGRFdFJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnnAqv8wJ
/qc94NLQTRcJWhwNnRp4cLoAwW2dEoxniJwuYZ77aZmWIK7xxIRKUXDvciku3luT
9oCBtiREBvf/G5C8SE4sSk7qXjeDSt9avpfT9FEKHZDNtHTQTT4ii06ZiaXSb/ie
t7k3ZYFdz5DhMLn9OAWMFArjNdeseRWGg4o0dx6P6e8gv6a7d2I5gghkYsHBJi8I
VPZnW2YJuwFUm6oWB1AR+QjHm7o2pJ1K8JZqz706HUOUbV1v7UX5Isd8+hEVxWqy
cv2QusoLQcFuOYzmHRz9eVPbtjKKAC09KF8mQwcrHSvH5vkNNrYHhyxL0LPM3gmX
IQyIdwwCZ+kXMA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:10:58 2025 by rpki-client