Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/18bc60-eca6-48dd-ae99-26ce071b0c36/1/i8EWjaFgICh-6h_eygVBkwqdNok.mft
File: i8EWjaFgICh-6h_eygVBkwqdNok.mft (raw, json)
Hash identifier: eId8BBN9sp6HgIkC7ak9+T01zI2NyhfZSMZXYFReW5o=
Subject key identifier: 21:C3:D1:C7:88:13:86:76:69:56:8F:B9:E4:A2:41:6B:9E:3D:C5:23
Authority key identifier: 8B:C1:16:8D:A1:60:20:28:7E:EA:1F:DE:CA:05:41:93:0A:9D:36:89
Certificate issuer: /CN=8bc1168da16020287eea1fdeca0541930a9d3689
Certificate serial: 019A72CA38471A948711F07547F5BE0EB570
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i8EWjaFgICh-6h_eygVBkwqdNok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/18bc60-eca6-48dd-ae99-26ce071b0c36/1/i8EWjaFgICh-6h_eygVBkwqdNok.mft
Manifest number: 03A3
Signing time: Tue 11 Nov 2025 12:00:46 +0000
Manifest this update: Tue 11 Nov 2025 12:00:46 +0000
Manifest next update: Wed 12 Nov 2025 12:00:46 +0000
Files and hashes: 1: M8dNAav4bGEdssIavf8xkWsYnhg.roa (hash: XQuy4W50mLmkvV791/MW+gWfWSh1bhqASgHVJ90pFyY=)
2: i8EWjaFgICh-6h_eygVBkwqdNok.crl (hash: iqdrx7hcnDNnfHQPWqiyyON/fyzObxILX6zlbcgylOM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/18bc60-eca6-48dd-ae99-26ce071b0c36/1/i8EWjaFgICh-6h_eygVBkwqdNok.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/18bc60-eca6-48dd-ae99-26ce071b0c36/1/i8EWjaFgICh-6h_eygVBkwqdNok.mft
rsync://rpki.ripe.net/repository/DEFAULT/i8EWjaFgICh-6h_eygVBkwqdNok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:38:47:1a:94:87:11:f0:75:47:f5:be:0e:b5:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bc1168da16020287eea1fdeca0541930a9d3689
Validity
Not Before: Nov 11 12:00:46 2025 GMT
Not After : Nov 12 12:00:46 2025 GMT
Subject: CN=21c3d1c78813867669568fb9e4a2416b9e3dc523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1c:d4:d0:8a:d8:14:6d:6c:67:56:70:cb:66:
59:24:ff:67:89:da:de:21:16:3a:37:fb:85:cf:fe:
47:26:2e:76:78:db:74:be:d7:8c:f4:66:06:4b:6a:
35:73:21:56:b3:09:a3:f5:40:28:50:ac:42:3f:21:
4f:7d:67:bd:ea:83:3f:9d:ea:66:05:a1:ef:bf:94:
3d:29:fd:4a:17:96:db:92:c6:82:d0:59:94:03:d0:
12:2b:28:45:42:1d:f0:7e:10:64:a8:f4:27:c1:a8:
02:cf:4c:2c:44:68:5f:c5:e9:fb:fc:a2:ff:9c:6a:
cd:58:b8:0a:f0:11:3e:0d:eb:a3:fe:cb:e5:2c:8c:
26:7d:5c:62:3b:80:aa:3c:87:b0:2a:4b:34:39:04:
c7:0a:19:a4:a9:7c:65:ab:fe:84:a0:40:e0:d7:62:
9c:f2:c8:21:0d:00:08:7d:c6:a9:a8:09:3d:2e:8b:
b6:7d:99:5a:b4:ed:ee:08:b3:87:5f:33:51:d4:8d:
2b:52:6c:75:01:4e:55:d4:d1:8a:5d:88:61:6a:b4:
9a:6b:1a:b9:6f:10:4a:35:ba:0b:45:5a:d9:f9:e0:
81:a7:df:d7:52:b1:c8:c0:53:9b:40:95:75:66:1f:
9b:58:93:d7:1e:6f:16:bb:5a:80:70:7c:41:df:b4:
09:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C3:D1:C7:88:13:86:76:69:56:8F:B9:E4:A2:41:6B:9E:3D:C5:23
X509v3 Authority Key Identifier:
keyid:8B:C1:16:8D:A1:60:20:28:7E:EA:1F:DE:CA:05:41:93:0A:9D:36:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i8EWjaFgICh-6h_eygVBkwqdNok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/18bc60-eca6-48dd-ae99-26ce071b0c36/1/i8EWjaFgICh-6h_eygVBkwqdNok.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/18bc60-eca6-48dd-ae99-26ce071b0c36/1/i8EWjaFgICh-6h_eygVBkwqdNok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:2d:87:18:f7:59:2b:76:c4:8c:15:59:49:c7:74:a9:9c:1d:
67:cd:b6:75:28:5f:eb:9d:16:b0:ea:07:dc:33:ae:e1:80:01:
da:5e:ab:4c:1f:91:0a:a8:3a:30:49:76:94:48:f7:65:47:fe:
05:75:7a:f5:64:29:d4:33:94:f9:22:f0:14:d1:c1:1d:0f:41:
b3:bc:90:01:fc:86:cd:0f:28:fd:55:f9:aa:ae:27:76:97:9f:
21:03:8a:bd:41:0e:8d:2c:a8:54:73:49:64:5f:eb:10:31:b4:
62:1b:1c:92:65:72:54:a1:fb:33:1b:23:a6:bb:64:90:06:4e:
0a:47:56:c3:38:bb:7b:c9:20:9e:05:6e:6d:a3:6f:d9:32:a6:
b0:c2:3d:ea:8a:6b:1b:98:89:0f:8b:6f:d3:13:2e:c6:d0:22:
56:97:20:87:b0:88:19:9b:68:04:3b:dc:3f:90:f3:25:42:53:
4a:b1:2e:23:f1:4f:1c:20:36:e1:fa:6d:35:35:76:ed:6e:96:
1e:ec:f9:66:47:c9:80:86:cc:35:d5:da:a0:e3:4e:5c:67:46:
a9:4d:a7:4e:01:04:7f:53:ab:24:08:aa:11:1b:85:e8:f4:d0:
6f:4f:c9:82:d4:f5:81:85:68:10:ab:a3:e8:ca:e9:a4:88:2e:
86:6a:f5:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyjhHGpSHEfB1R/W+DrVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYzExNjhkYTE2MDIwMjg3ZWVhMWZkZWNhMDU0MTkzMGE5
ZDM2ODkwHhcNMjUxMTExMTIwMDQ2WhcNMjUxMTEyMTIwMDQ2WjAzMTEwLwYDVQQD
EygyMWMzZDFjNzg4MTM4Njc2Njk1NjhmYjllNGEyNDE2YjllM2RjNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshzU0IrYFG1sZ1Zwy2ZZJP9nidre
IRY6N/uFz/5HJi52eNt0vteM9GYGS2o1cyFWswmj9UAoUKxCPyFPfWe96oM/nepm
BaHvv5Q9Kf1KF5bbksaC0FmUA9ASKyhFQh3wfhBkqPQnwagCz0wsRGhfxen7/KL/
nGrNWLgK8BE+Deuj/svlLIwmfVxiO4CqPIewKks0OQTHChmkqXxlq/6EoEDg12Kc
8sghDQAIfcapqAk9Lou2fZlatO3uCLOHXzNR1I0rUmx1AU5V1NGKXYhharSaaxq5
bxBKNboLRVrZ+eCBp9/XUrHIwFObQJV1Zh+bWJPXHm8Wu1qAcHxB37QJ6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHD0ceIE4Z2aVaPueSiQWuePcUjMB8GA1UdIwQY
MBaAFIvBFo2hYCAofuof3soFQZMKnTaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaThFV2phRmdJQ2gtNmhfZXlnVkJrd3FkTm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xOGJjNjAtZWNhNi00OGRkLWFlOTkt
MjZjZTA3MWIwYzM2LzEvaThFV2phRmdJQ2gtNmhfZXlnVkJrd3FkTm9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xOGJjNjAtZWNhNi00OGRkLWFlOTktMjZjZTA3MWIwYzM2
LzEvaThFV2phRmdJQ2gtNmhfZXlnVkJrd3FkTm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQy2HGPdZ
K3bEjBVZScd0qZwdZ822dShf650WsOoH3DOu4YAB2l6rTB+RCqg6MEl2lEj3ZUf+
BXV69WQp1DOU+SLwFNHBHQ9Bs7yQAfyGzQ8o/VX5qq4ndpefIQOKvUEOjSyoVHNJ
ZF/rEDG0YhsckmVyVKH7MxsjprtkkAZOCkdWwzi7e8kgngVubaNv2TKmsMI96opr
G5iJD4tv0xMuxtAiVpcgh7CIGZtoBDvcP5DzJUJTSrEuI/FPHCA24fptNTV27W6W
Huz5ZkfJgIbMNdXaoONOXGdGqU2nTgEEf1OrJAiqERuF6PTQb0/JgtT1gYVoEKuj
6MrppIguhmr11w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:37:55 2025 by rpki-client