Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.mft
File: I6Qkl5cNZVQd2xWWWOOwpuL1Frc.mft (raw, json)
Hash identifier: NwJ37LMz4nVHeHo2LuHhJo2lG2DYzBnT3ROW7eJgFv8=
Subject key identifier: 9B:BC:0A:BE:87:40:35:3D:97:DB:DC:3B:17:72:96:E8:7C:6A:07:E5
Authority key identifier: 23:A4:24:97:97:0D:65:54:1D:DB:15:96:58:E3:B0:A6:E2:F5:16:B7
Certificate issuer: /CN=23a42497970d65541ddb159658e3b0a6e2f516b7
Certificate serial: 019A722602852444BEDAB6F5787D6BA1178E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 09:01:24 +0000
Manifest this update: Tue 11 Nov 2025 09:01:24 +0000
Manifest next update: Wed 12 Nov 2025 09:01:24 +0000
Files and hashes: 1: I6Qkl5cNZVQd2xWWWOOwpuL1Frc.crl (hash: itXqzsUdq8H8eQ92xVxjeAbK8lCWtUpllZGEvse2odI=)
2: MTT1Ia9LOAm3voF-tKlGjmgFAPI.roa (hash: 4bP/TTzv7AEu1D5qKcmPGabc7tnqcf7nz+XM5tO/PTk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.mft
rsync://rpki.ripe.net/repository/DEFAULT/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:02:85:24:44:be:da:b6:f5:78:7d:6b:a1:17:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23a42497970d65541ddb159658e3b0a6e2f516b7
Validity
Not Before: Nov 11 09:01:24 2025 GMT
Not After : Nov 12 09:01:24 2025 GMT
Subject: CN=9bbc0abe8740353d97dbdc3b177296e87c6a07e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4c:9b:a7:c2:19:77:2b:b2:21:6d:51:d1:e3:
18:4c:a4:8a:6f:7f:c5:df:2e:c3:9b:68:fa:6a:8a:
93:af:d8:60:61:cb:84:b7:50:b5:43:5e:77:95:f1:
e5:2b:f9:4b:7b:d8:db:ce:c4:96:16:79:dc:e3:11:
de:83:1a:98:5e:5d:ad:51:44:da:84:e0:8d:d1:ce:
d0:ca:a8:a1:6f:77:8a:c6:99:f7:ba:a9:d4:fb:4d:
7b:32:b1:6b:dc:6a:e0:46:5a:ac:1a:2f:eb:d7:5e:
8f:d9:ae:2b:29:0e:70:4f:ba:5d:e8:87:f4:f9:2d:
71:ee:a9:2b:9b:77:fb:fa:35:56:8b:96:44:60:ed:
cb:6f:b2:7e:fd:a2:86:c8:44:ed:7b:2e:73:69:ea:
a7:dc:63:51:52:df:8a:a8:5b:55:64:4b:c9:89:31:
4a:9e:a9:11:06:ce:f4:07:87:49:4e:06:3e:2c:46:
47:38:ba:e2:a5:ed:ff:56:e9:4b:4d:41:43:2d:d6:
ef:d0:0e:97:6b:72:20:5c:02:2d:52:8f:33:fa:c9:
cd:ff:ab:f3:4b:84:15:92:61:83:32:c5:e6:d1:7d:
3a:7d:a5:4d:2f:26:a0:d2:31:02:27:0e:69:28:b0:
18:55:8b:d1:1b:31:fe:1c:48:5c:ed:10:31:f1:7c:
bb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BC:0A:BE:87:40:35:3D:97:DB:DC:3B:17:72:96:E8:7C:6A:07:E5
X509v3 Authority Key Identifier:
keyid:23:A4:24:97:97:0D:65:54:1D:DB:15:96:58:E3:B0:A6:E2:F5:16:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:54:4c:7e:5f:81:da:d4:66:27:ff:9f:e7:e3:e7:d4:8f:17:
31:b3:23:22:fb:55:c5:ef:92:db:be:ca:c6:b4:0e:f5:b0:02:
74:68:bc:81:53:6f:a2:21:3e:ae:7a:36:1b:fb:ee:40:2d:fd:
67:2b:4b:d8:0a:6c:00:8b:1a:6c:16:ca:3e:ab:d9:39:5c:ee:
29:c3:ce:94:8b:72:ad:f9:fb:1b:82:df:45:19:60:b4:c5:a7:
27:ae:22:32:c0:3e:be:52:ff:96:99:ff:77:bd:7d:82:15:a3:
2a:8f:28:f5:6a:cd:4d:02:a8:a6:36:a1:dd:c0:f6:dc:9e:b6:
26:ac:fd:c4:13:6a:88:cb:63:fb:b0:1a:e7:85:c1:a1:f8:ae:
a1:0b:f7:56:b7:43:51:06:0f:b1:ad:d7:c1:03:ab:f8:93:2a:
79:b3:02:5c:f7:bd:c2:16:6b:6f:1c:60:05:0d:f7:02:80:4b:
33:12:bb:7f:83:1b:70:29:b8:db:a0:a9:fe:d7:e8:ef:22:66:
de:4e:67:35:65:50:6a:f1:cb:b3:ec:3f:7f:f3:d1:fc:7b:c9:
4e:a6:6b:cb:57:5f:4d:f0:09:bf:0d:b1:3a:28:fe:55:b7:4f:
9b:aa:70:6b:ab:32:d2:26:b4:77:ec:62:2a:5e:e9:bd:9b:f7:
0b:f3:4e:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgKFJES+2rb1eH1roReOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTQyNDk3OTcwZDY1NTQxZGRiMTU5NjU4ZTNiMGE2ZTJm
NTE2YjcwHhcNMjUxMTExMDkwMTI0WhcNMjUxMTEyMDkwMTI0WjAzMTEwLwYDVQQD
Eyg5YmJjMGFiZTg3NDAzNTNkOTdkYmRjM2IxNzcyOTZlODdjNmEwN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kybp8IZdyuyIW1R0eMYTKSKb3/F
3y7Dm2j6aoqTr9hgYcuEt1C1Q153lfHlK/lLe9jbzsSWFnnc4xHegxqYXl2tUUTa
hOCN0c7Qyqihb3eKxpn3uqnU+017MrFr3GrgRlqsGi/r116P2a4rKQ5wT7pd6If0
+S1x7qkrm3f7+jVWi5ZEYO3Lb7J+/aKGyETtey5zaeqn3GNRUt+KqFtVZEvJiTFK
nqkRBs70B4dJTgY+LEZHOLripe3/VulLTUFDLdbv0A6Xa3IgXAItUo8z+snN/6vz
S4QVkmGDMsXm0X06faVNLyag0jECJw5pKLAYVYvRGzH+HEhc7RAx8Xy74wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJu8Cr6HQDU9l9vcOxdyluh8agflMB8GA1UdIwQY
MBaAFCOkJJeXDWVUHdsVlljjsKbi9Ra3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZRa2w1Y05aVlFkMnhXV1dPT3dwdUwxRnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iYTI4NTctYzA5OC00NGQyLTljMDEt
ZTcyMGZlYjEwMTAzLzEvSTZRa2w1Y05aVlFkMnhXV1dPT3dwdUwxRnJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iYTI4NTctYzA5OC00NGQyLTljMDEtZTcyMGZlYjEwMTAz
LzEvSTZRa2w1Y05aVlFkMnhXV1dPT3dwdUwxRnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG1RMfl+B
2tRmJ/+f5+Pn1I8XMbMjIvtVxe+S277KxrQO9bACdGi8gVNvoiE+rno2G/vuQC39
ZytL2ApsAIsabBbKPqvZOVzuKcPOlItyrfn7G4LfRRlgtMWnJ64iMsA+vlL/lpn/
d719ghWjKo8o9WrNTQKopjah3cD23J62Jqz9xBNqiMtj+7Aa54XBofiuoQv3VrdD
UQYPsa3XwQOr+JMqebMCXPe9whZrbxxgBQ33AoBLMxK7f4MbcCm426Cp/tfo7yJm
3k5nNWVQavHLs+w/f/PR/HvJTqZry1dfTfAJvw2xOij+VbdPm6pwa6sy0ia0d+xi
Kl7pvZv3C/NOkQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:22:10 2025 by rpki-client