Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.mft
File: ia7Sz_jOMbM0-DoLMF_u8B1x2nU.mft (raw, json)
Hash identifier: lAaWVQg2BhV4VBWPblx6abkjfNM4vluM8yxeY01KfaI=
Subject key identifier: 1A:97:C1:C5:28:7A:4A:D0:89:B5:38:8B:96:45:74:81:70:BA:D5:6A
Authority key identifier: 89:AE:D2:CF:F8:CE:31:B3:34:F8:3A:0B:30:5F:EE:F0:1D:71:DA:75
Certificate issuer: /CN=89aed2cff8ce31b334f83a0b305feef01d71da75
Certificate serial: 019A71B783C24209E513B9265DBF5579D9CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.mft
Manifest number: 16D9
Signing time: Tue 11 Nov 2025 07:00:43 +0000
Manifest this update: Tue 11 Nov 2025 07:00:43 +0000
Manifest next update: Wed 12 Nov 2025 07:00:43 +0000
Files and hashes: 1: TuA6dq5RUfQK0g-nhGPwelxAp8s.roa (hash: A068hT4+Hwiukpw4NAI0ekcWki3f2qgAy0smH/qbl44=)
2: ia7Sz_jOMbM0-DoLMF_u8B1x2nU.crl (hash: k7AhRP6vfurPAtKLuUBbVqCKgH0oytstYbdhL7R2TPs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:83:c2:42:09:e5:13:b9:26:5d:bf:55:79:d9:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89aed2cff8ce31b334f83a0b305feef01d71da75
Validity
Not Before: Nov 11 07:00:43 2025 GMT
Not After : Nov 12 07:00:43 2025 GMT
Subject: CN=1a97c1c5287a4ad089b5388b9645748170bad56a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:45:3c:ce:97:77:44:43:ff:90:65:5e:43:9c:
fc:74:bf:be:5e:e1:48:b4:7b:fd:71:45:3d:5e:06:
64:1d:fb:52:b9:96:02:7a:1d:1a:ed:ed:eb:0f:24:
31:29:29:39:99:9c:40:c3:f4:44:da:c3:8e:3d:43:
26:2e:82:4f:9c:8f:68:0f:af:a3:45:1c:e0:c0:74:
b4:12:af:e9:76:d5:f0:ce:5f:eb:34:81:15:dd:e4:
c5:c0:da:8d:33:57:4d:b7:b8:49:f0:7d:6d:df:af:
b1:4c:58:c3:b1:d0:76:e7:2f:2a:8b:d8:9f:66:26:
a4:a6:ba:67:11:fc:a2:1e:9f:e2:78:2b:a9:90:d6:
f4:1d:91:ad:b7:65:1d:44:00:a2:a7:e1:c0:d7:b1:
c6:ba:e9:f7:99:b1:c2:9e:42:12:99:6b:01:0d:b9:
e7:3c:c3:42:ad:0c:83:4c:e5:5c:f2:48:36:db:d5:
4a:16:b0:1e:c0:73:2d:2a:02:fa:ab:2f:15:fc:31:
7a:0c:14:e8:f6:93:ff:a8:d3:a2:88:b2:13:35:28:
fc:b7:d9:d6:c3:08:da:e2:ca:e6:a8:ac:bf:a2:96:
0c:2f:47:f4:6f:e2:ea:2c:ce:80:e8:4b:f6:14:dd:
a4:16:13:57:fe:ea:50:5d:9c:d9:7c:b8:9d:f7:e6:
ae:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:97:C1:C5:28:7A:4A:D0:89:B5:38:8B:96:45:74:81:70:BA:D5:6A
X509v3 Authority Key Identifier:
keyid:89:AE:D2:CF:F8:CE:31:B3:34:F8:3A:0B:30:5F:EE:F0:1D:71:DA:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:01:23:d8:4a:8e:fa:96:67:9a:33:ed:ee:1a:67:9b:0d:43:
91:9c:7a:55:e9:2f:ef:1a:21:78:d1:e5:70:5b:e9:ae:db:d8:
bf:5c:01:77:bf:03:2d:eb:a6:4e:10:fb:5a:4b:49:d3:69:b7:
f7:07:36:7f:19:8f:24:59:75:f4:b1:6b:ac:06:49:3c:4a:e2:
5c:a5:14:a2:b8:c0:c5:2e:ae:0a:34:d2:43:39:99:8d:6e:5c:
e7:dc:3f:27:a3:39:ef:46:df:aa:d8:c6:b0:46:51:9f:38:b1:
47:13:d2:09:cd:2f:37:02:85:61:82:4a:e7:74:aa:ae:00:81:
e6:eb:4e:4b:16:64:03:f9:4b:75:bf:d8:d1:d2:b6:c4:5a:0e:
b2:47:ca:d3:58:11:99:07:ce:2b:28:41:93:75:b0:b1:70:14:
97:9b:a8:39:b0:0a:45:7f:0f:b2:f6:9b:b0:f8:90:07:c0:51:
f2:05:96:cc:df:17:d4:d0:85:83:a4:a8:7a:de:cc:87:16:3f:
56:7b:29:72:88:9b:1f:ee:38:68:f6:f4:c7:08:74:c5:fb:3d:
95:48:9d:cb:ff:d8:33:0a:e4:16:9b:a4:60:de:8c:2c:9b:24:
c3:a7:70:f4:00:4c:b5:76:39:4d:22:2a:bf:e1:4b:cf:86:87:
bf:9e:47:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4PCQgnlE7kmXb9VednOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWVkMmNmZjhjZTMxYjMzNGY4M2EwYjMwNWZlZWYwMWQ3
MWRhNzUwHhcNMjUxMTExMDcwMDQzWhcNMjUxMTEyMDcwMDQzWjAzMTEwLwYDVQQD
EygxYTk3YzFjNTI4N2E0YWQwODliNTM4OGI5NjQ1NzQ4MTcwYmFkNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEU8zpd3REP/kGVeQ5z8dL++XuFI
tHv9cUU9XgZkHftSuZYCeh0a7e3rDyQxKSk5mZxAw/RE2sOOPUMmLoJPnI9oD6+j
RRzgwHS0Eq/pdtXwzl/rNIEV3eTFwNqNM1dNt7hJ8H1t36+xTFjDsdB25y8qi9if
ZiakprpnEfyiHp/ieCupkNb0HZGtt2UdRACip+HA17HGuun3mbHCnkISmWsBDbnn
PMNCrQyDTOVc8kg229VKFrAewHMtKgL6qy8V/DF6DBTo9pP/qNOiiLITNSj8t9nW
wwja4srmqKy/opYML0f0b+LqLM6A6Ev2FN2kFhNX/upQXZzZfLid9+aukwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqXwcUoekrQibU4i5ZFdIFwutVqMB8GA1UdIwQY
MBaAFImu0s/4zjGzNPg6CzBf7vAdcdp1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWE3U3pfak9NYk0wLURvTE1GX3U4QjF4Mm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lOTBmNTEtODlhYS00OWViLTllYTYt
ZmJlOGJjNWEyOWZhLzEvaWE3U3pfak9NYk0wLURvTE1GX3U4QjF4Mm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lOTBmNTEtODlhYS00OWViLTllYTYtZmJlOGJjNWEyOWZh
LzEvaWE3U3pfak9NYk0wLURvTE1GX3U4QjF4Mm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwEj2EqO
+pZnmjPt7hpnmw1DkZx6Vekv7xoheNHlcFvprtvYv1wBd78DLeumThD7WktJ02m3
9wc2fxmPJFl19LFrrAZJPEriXKUUorjAxS6uCjTSQzmZjW5c59w/J6M570bfqtjG
sEZRnzixRxPSCc0vNwKFYYJK53SqrgCB5utOSxZkA/lLdb/Y0dK2xFoOskfK01gR
mQfOKyhBk3WwsXAUl5uoObAKRX8PsvabsPiQB8BR8gWWzN8X1NCFg6Soet7MhxY/
VnspcoibH+44aPb0xwh0xfs9lUidy//YMwrkFpukYN6MLJskw6dw9ABMtXY5TSIq
v+FLz4aHv55HkA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:31:23 2025 by rpki-client