Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: QtYU5LVW/l/lN1Dxb76SFOybRLYT6VLLf9FFCVlAo6s=
Subject key identifier: 50:8B:23:41:4F:8A:96:9A:8D:D1:0B:75:67:40:20:72:5B:0B:AC:16
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 019A72257EAFA7A1B8C6CE83635FA534F6CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 05AF
Signing time: Tue 11 Nov 2025 09:00:51 +0000
Manifest this update: Tue 11 Nov 2025 09:00:51 +0000
Manifest next update: Wed 12 Nov 2025 09:00:51 +0000
Files and hashes: 1: EAD0diuoZK02qxxsVWWiclAVX5I.roa (hash: kzXgijoQ+OFnt0McFOmyH17ijOy9UUEek/dQbYMoKFU=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: 7j23W8O1KsAv8Btl7QNtUP2iwKPOaG9GIhJ4xChHWV8=)
3: nyGLR8VZWMaY-kU1NUM_fc4iRjM.roa (hash: voylSjHlayiNYZNWUzC6whbKd8QLUjoGC1qGpaQazoM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:7e:af:a7:a1:b8:c6:ce:83:63:5f:a5:34:f6:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Nov 11 09:00:51 2025 GMT
Not After : Nov 12 09:00:51 2025 GMT
Subject: CN=508b23414f8a969a8dd10b75674020725b0bac16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2c:df:1e:ca:bf:4b:aa:5d:30:51:47:ae:86:
9b:fa:ee:b7:11:16:2c:c8:95:d3:bb:38:31:a8:38:
d0:d9:c3:b2:60:b2:f8:b0:6c:b2:7c:12:85:f7:df:
84:d7:a4:87:8d:9f:57:b6:c9:ba:8c:b7:1b:3a:a4:
57:82:ce:f7:54:0a:98:2d:1f:cb:57:f8:f2:b7:b1:
e5:44:fe:a5:c2:f0:69:df:32:ed:3a:69:c2:1e:3b:
c9:c6:ef:86:35:ba:9a:31:76:9d:92:4c:04:43:67:
cb:41:5e:94:bf:1c:03:cd:9b:2e:b3:c3:9a:54:76:
45:91:99:e3:fc:e9:3d:28:21:6d:34:a7:4a:01:55:
57:7d:f4:88:2b:77:d7:44:e4:4a:c0:33:7c:5a:a6:
d1:3d:20:d3:05:f6:bf:b1:63:7f:15:e1:12:0f:dc:
17:05:df:5d:1f:d3:a9:80:32:fd:ec:bd:d4:64:36:
8c:1d:22:a9:88:08:cf:15:df:9b:c1:82:82:99:0a:
35:6a:94:08:31:0e:2f:ea:74:5f:67:b9:e3:ad:ee:
d2:8e:7d:f7:e2:36:f4:9c:8e:d3:5d:65:fb:a6:48:
b7:dc:c3:7f:60:ab:c5:66:f2:69:ff:af:50:9f:64:
5c:62:d0:39:55:e2:d6:2c:97:7e:4e:08:8d:3d:a9:
d1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:8B:23:41:4F:8A:96:9A:8D:D1:0B:75:67:40:20:72:5B:0B:AC:16
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:4e:1c:1e:00:23:b9:bc:b4:ed:6e:e0:98:97:27:f8:19:b5:
22:72:32:aa:90:17:8b:c4:70:b9:6b:96:c8:c0:9d:af:f3:a8:
75:a6:d2:9b:8a:55:a8:2a:31:5b:5e:b4:00:0c:ce:a2:0f:29:
3c:e7:8d:ac:20:3d:36:ba:12:8d:27:c5:ea:ea:1a:ee:36:fa:
75:51:06:4d:ed:41:6e:36:5a:06:71:3b:07:78:f9:27:ac:2b:
66:79:a5:1f:6c:93:57:83:60:2a:15:61:13:aa:ef:12:7f:11:
c2:a5:f2:0c:b9:8c:f1:09:1a:e7:92:e1:4f:3f:a0:fe:80:93:
d0:f0:69:ae:7a:a5:82:96:02:9b:88:3d:50:65:a8:b1:29:17:
d0:6f:8f:07:52:5e:10:c1:71:df:14:bc:de:81:45:b3:b1:e6:
34:cb:d2:52:93:ef:e1:61:9f:f8:19:23:0a:ac:c4:f5:fb:27:
f7:50:7c:39:58:53:e7:8d:52:9b:f2:7c:a4:1c:1e:1d:4b:88:
7c:15:99:f3:af:31:a5:c0:a2:dc:e0:f5:16:9a:b9:c7:5a:68:
7b:9c:e9:f7:67:a0:5f:f5:29:e2:cc:34:72:85:aa:bd:08:9f:
af:82:f2:c1:55:13:a0:3f:e4:5b:05:5a:6e:66:ec:07:e1:db:
ca:7c:08:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJX6vp6G4xs6DY1+lNPbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjUxMTExMDkwMDUxWhcNMjUxMTEyMDkwMDUxWjAzMTEwLwYDVQQD
Eyg1MDhiMjM0MTRmOGE5NjlhOGRkMTBiNzU2NzQwMjA3MjViMGJhYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yzfHsq/S6pdMFFHroab+u63ERYs
yJXTuzgxqDjQ2cOyYLL4sGyyfBKF99+E16SHjZ9Xtsm6jLcbOqRXgs73VAqYLR/L
V/jyt7HlRP6lwvBp3zLtOmnCHjvJxu+GNbqaMXadkkwEQ2fLQV6UvxwDzZsus8Oa
VHZFkZnj/Ok9KCFtNKdKAVVXffSIK3fXRORKwDN8WqbRPSDTBfa/sWN/FeESD9wX
Bd9dH9OpgDL97L3UZDaMHSKpiAjPFd+bwYKCmQo1apQIMQ4v6nRfZ7njre7Sjn33
4jb0nI7TXWX7pki33MN/YKvFZvJp/69Qn2RcYtA5VeLWLJd+TgiNPanRAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCLI0FPipaajdELdWdAIHJbC6wWMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAok4cHgAj
uby07W7gmJcn+Bm1InIyqpAXi8RwuWuWyMCdr/OodabSm4pVqCoxW160AAzOog8p
POeNrCA9NroSjSfF6uoa7jb6dVEGTe1BbjZaBnE7B3j5J6wrZnmlH2yTV4NgKhVh
E6rvEn8RwqXyDLmM8Qka55LhTz+g/oCT0PBprnqlgpYCm4g9UGWosSkX0G+PB1Je
EMFx3xS83oFFs7HmNMvSUpPv4WGf+BkjCqzE9fsn91B8OVhT541Sm/J8pBweHUuI
fBWZ868xpcCi3OD1Fpq5x1poe5zp92egX/Up4sw0coWqvQifr4LywVUToD/kWwVa
bmbsB+HbynwIGg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:17:31 2025 by rpki-client