Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.mft
File: ia4iC0do2m4nbmpi7dZ0bY_Dwfs.mft (raw, json)
Hash identifier: Eh/g1h5+XBkCyBuHhULgBBxit4GoNuZXpIrHWcE79Y4=
Subject key identifier: 87:4A:D6:97:30:C7:0C:9A:90:15:A3:50:59:2D:4E:F0:7A:8C:03:FD
Authority key identifier: 89:AE:22:0B:47:68:DA:6E:27:6E:6A:62:ED:D6:74:6D:8F:C3:C1:FB
Certificate issuer: /CN=89ae220b4768da6e276e6a62edd6746d8fc3c1fb
Certificate serial: 019A725C69C96B640BD53077E713A49BEAEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.mft
Manifest number: 0ED4
Signing time: Tue 11 Nov 2025 10:00:50 +0000
Manifest this update: Tue 11 Nov 2025 10:00:50 +0000
Manifest next update: Wed 12 Nov 2025 10:00:50 +0000
Files and hashes: 1: ia4iC0do2m4nbmpi7dZ0bY_Dwfs.crl (hash: rnwIueWDTtjpE/8jGTmMYDoN48TbnzheQyqeVpx7pn8=)
2: qmO8Fiuuh9KuRm81yMzephu_U-o.roa (hash: JTX7Cj1zPyi8sR8Cn5QR+pzD+tvVds3MwvVGO5fjdhw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:69:c9:6b:64:0b:d5:30:77:e7:13:a4:9b:ea:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ae220b4768da6e276e6a62edd6746d8fc3c1fb
Validity
Not Before: Nov 11 10:00:50 2025 GMT
Not After : Nov 12 10:00:50 2025 GMT
Subject: CN=874ad69730c70c9a9015a350592d4ef07a8c03fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1d:42:97:a2:19:8e:a6:45:f9:fe:2e:d4:a3:
79:73:4f:70:c9:cb:1f:d2:69:3d:48:b0:a7:a8:af:
a2:6d:41:5e:e9:ed:2c:d2:5e:24:85:08:36:9b:b7:
ab:52:14:64:a1:45:b5:f4:d8:d9:84:12:d9:9f:be:
83:25:e4:71:46:41:2f:60:e3:b0:19:42:aa:67:96:
80:f1:65:06:64:28:79:af:6f:51:df:5c:a5:64:01:
dd:d7:ae:52:ec:56:b4:5c:3f:f0:2b:d5:f7:23:1f:
ce:f0:0f:eb:08:73:5f:ce:50:9d:59:cc:1b:ea:37:
9b:4a:07:23:c1:3b:db:a2:05:50:bf:3d:97:da:13:
c2:c3:a1:18:e3:fa:15:ba:62:6a:62:3d:cd:9c:dc:
c4:87:0b:d6:cd:16:7d:55:e6:d7:63:4f:b6:64:44:
46:d7:ee:9f:f4:c4:85:d2:8d:a6:3c:2f:39:30:b6:
56:52:71:d9:12:9b:b9:11:88:4d:6e:e8:6e:1e:2c:
71:62:35:a8:61:0e:ae:32:45:ba:9e:71:a6:9a:46:
c0:37:31:82:67:b0:03:69:73:57:0b:63:ff:fe:ee:
6c:ff:89:9a:f9:69:d4:05:42:c7:2c:3d:87:c7:f2:
0c:fb:00:e3:ba:49:bc:2b:35:a2:e5:00:76:39:6e:
67:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4A:D6:97:30:C7:0C:9A:90:15:A3:50:59:2D:4E:F0:7A:8C:03:FD
X509v3 Authority Key Identifier:
keyid:89:AE:22:0B:47:68:DA:6E:27:6E:6A:62:ED:D6:74:6D:8F:C3:C1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:b0:9c:85:db:8b:ea:1d:fb:d5:4a:b8:b6:c0:3e:90:f4:51:
dc:12:a3:10:28:0b:ca:ca:47:af:f6:da:57:ff:28:70:45:61:
51:8b:24:18:e2:62:3b:8f:b3:fc:30:23:31:d4:6a:c7:17:e1:
16:9a:f4:01:7e:dd:3f:92:9f:21:4b:2d:cb:ca:18:cd:ce:9b:
0f:e1:2e:68:7a:b9:76:0c:83:77:02:cd:32:60:c9:8e:ef:a9:
52:22:c9:94:cf:a2:7c:1b:9d:ed:d6:47:37:c2:08:1b:7a:74:
97:10:0b:1d:4e:49:aa:89:ec:86:66:43:60:19:72:ae:86:64:
6b:40:fa:d4:c8:e3:19:0a:78:aa:99:52:70:c8:45:e7:12:51:
1b:f1:6f:24:8b:ff:a4:4c:49:1b:eb:60:68:cb:f1:35:84:57:
32:f0:94:c9:ac:ff:04:fe:4a:4c:de:da:79:1b:7b:e0:05:f8:
3c:ad:e9:c2:70:c2:62:1c:fb:af:02:71:31:0a:51:07:97:a0:
1f:43:f4:f1:f5:ee:b4:b7:36:ee:6b:b0:8c:09:ac:cf:78:63:
4d:dc:2e:19:13:f1:7b:46:2f:9b:f8:b2:96:16:a8:87:17:02:
31:e1:d0:02:ea:e2:d1:ed:4e:72:c0:c9:ff:10:3c:38:c1:30:
dc:2e:1b:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGnJa2QL1TB35xOkm+rvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWUyMjBiNDc2OGRhNmUyNzZlNmE2MmVkZDY3NDZkOGZj
M2MxZmIwHhcNMjUxMTExMTAwMDUwWhcNMjUxMTEyMTAwMDUwWjAzMTEwLwYDVQQD
Eyg4NzRhZDY5NzMwYzcwYzlhOTAxNWEzNTA1OTJkNGVmMDdhOGMwM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR1Cl6IZjqZF+f4u1KN5c09wycsf
0mk9SLCnqK+ibUFe6e0s0l4khQg2m7erUhRkoUW19NjZhBLZn76DJeRxRkEvYOOw
GUKqZ5aA8WUGZCh5r29R31ylZAHd165S7Fa0XD/wK9X3Ix/O8A/rCHNfzlCdWcwb
6jebSgcjwTvbogVQvz2X2hPCw6EY4/oVumJqYj3NnNzEhwvWzRZ9VebXY0+2ZERG
1+6f9MSF0o2mPC85MLZWUnHZEpu5EYhNbuhuHixxYjWoYQ6uMkW6nnGmmkbANzGC
Z7ADaXNXC2P//u5s/4ma+WnUBULHLD2Hx/IM+wDjukm8KzWi5QB2OW5n5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdK1pcwxwyakBWjUFktTvB6jAP9MB8GA1UdIwQY
MBaAFImuIgtHaNpuJ25qYu3WdG2Pw8H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWE0aUMwZG8ybTRuYm1waTdkWjBiWV9Ed2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zYjhhNDAtNzYxMC00ZTRkLTliMzct
NzQxZmE0ZTEwZTM2LzEvaWE0aUMwZG8ybTRuYm1waTdkWjBiWV9Ed2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zYjhhNDAtNzYxMC00ZTRkLTliMzctNzQxZmE0ZTEwZTM2
LzEvaWE0aUMwZG8ybTRuYm1waTdkWjBiWV9Ed2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgrCchduL
6h371Uq4tsA+kPRR3BKjECgLyspHr/baV/8ocEVhUYskGOJiO4+z/DAjMdRqxxfh
Fpr0AX7dP5KfIUsty8oYzc6bD+EuaHq5dgyDdwLNMmDJju+pUiLJlM+ifBud7dZH
N8IIG3p0lxALHU5JqonshmZDYBlyroZka0D61MjjGQp4qplScMhF5xJRG/FvJIv/
pExJG+tgaMvxNYRXMvCUyaz/BP5KTN7aeRt74AX4PK3pwnDCYhz7rwJxMQpRB5eg
H0P08fXutLc27muwjAmsz3hjTdwuGRPxe0Yvm/iylhaohxcCMeHQAuri0e1OcsDJ
/xA8OMEw3C4bZA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:41:46 2025 by rpki-client