Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
File: IkCgcYD88zY191fMFEng1dvU_bg.mft (raw, json)
Hash identifier: BT/9QhQ67hbRK0QqSRPs7RWqF1/aAhzv/N8vMi1DoX4=
Subject key identifier: 11:23:FC:58:91:4C:C3:F2:43:5F:15:AC:F3:9D:C4:E6:C9:5A:41:8D
Authority key identifier: 22:40:A0:71:80:FC:F3:36:35:F7:57:CC:14:49:E0:D5:DB:D4:FD:B8
Certificate issuer: /CN=2240a07180fcf33635f757cc1449e0d5dbd4fdb8
Certificate serial: 019A70DC59924F4AB0703E5BD8E0FA2CE559
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
Manifest number: 0306
Signing time: Tue 11 Nov 2025 03:01:20 +0000
Manifest this update: Tue 11 Nov 2025 03:01:20 +0000
Manifest next update: Wed 12 Nov 2025 03:01:20 +0000
Files and hashes: 1: IkCgcYD88zY191fMFEng1dvU_bg.crl (hash: F3s2kmsJGucLym2RziMqspOPAjAI8E3zhRIyk7MCrfg=)
2: nvx0QRZQO1QzuvMN00Bva6hTGZw.roa (hash: Gw59i4bicuVuHEY8V6dHsuW9MPHvsYhnw1rq0LLdv8I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:59:92:4f:4a:b0:70:3e:5b:d8:e0:fa:2c:e5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2240a07180fcf33635f757cc1449e0d5dbd4fdb8
Validity
Not Before: Nov 11 03:01:20 2025 GMT
Not After : Nov 12 03:01:20 2025 GMT
Subject: CN=1123fc58914cc3f2435f15acf39dc4e6c95a418d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:86:7b:3b:d9:8e:64:35:c8:1a:50:c5:04:d5:
90:7d:1b:0f:9a:9b:07:c9:c5:80:35:88:64:7c:30:
a3:6c:26:f1:7d:e7:91:38:5d:fe:db:1f:c2:ad:13:
16:aa:aa:3a:c6:18:ab:41:b9:59:82:5d:03:9c:24:
1c:2d:b4:2a:63:45:d8:85:50:b9:7d:ab:27:75:4e:
01:43:9b:71:ce:27:1b:4b:c3:cc:3a:56:4d:1e:5f:
73:06:49:e1:f4:df:dc:de:74:1b:4c:c4:e6:cd:8b:
50:1b:66:76:81:c4:46:4c:04:39:33:d6:0b:aa:a6:
aa:40:64:8a:86:de:ef:87:61:18:f5:e5:41:22:0b:
96:40:a2:f3:a1:b7:a7:db:9b:75:5a:92:e5:8b:2f:
a3:9e:68:b5:18:e4:7b:d7:27:a5:08:be:9c:a0:92:
68:3f:ab:cb:9f:9f:62:7c:fc:94:ac:cb:86:9b:e6:
bb:44:16:d7:0f:69:76:5a:6b:89:aa:52:5d:1e:0f:
56:60:4c:8b:4a:4c:a3:b5:24:84:8e:dc:ae:22:79:
6a:74:86:ac:f7:cb:de:13:d6:d1:f1:64:b4:60:05:
9a:d8:d7:7f:26:05:c9:8f:4b:a5:e9:ed:2a:f2:51:
5d:69:7a:20:00:43:81:2f:4b:4d:ae:62:04:5f:51:
86:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:23:FC:58:91:4C:C3:F2:43:5F:15:AC:F3:9D:C4:E6:C9:5A:41:8D
X509v3 Authority Key Identifier:
keyid:22:40:A0:71:80:FC:F3:36:35:F7:57:CC:14:49:E0:D5:DB:D4:FD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:e0:cf:f6:cb:c1:80:87:4f:87:16:a3:63:67:ec:b2:2d:d9:
e8:ca:ac:3e:fe:12:6a:20:7d:0d:31:fa:e0:42:9b:a5:bc:8b:
95:eb:0a:6f:cb:76:3f:bb:54:38:26:b2:bf:d3:c1:f0:a8:5f:
6c:05:6b:dd:87:8c:dc:f3:77:3f:f0:df:34:23:32:29:4a:47:
f7:96:95:c1:72:cf:22:aa:b0:55:bf:d0:4f:2e:d2:68:5e:dd:
94:99:a4:66:66:7d:ee:23:60:15:9d:f3:19:65:60:b1:e4:f2:
10:22:62:52:b4:73:4e:5b:be:6c:a8:2c:9f:4a:88:be:91:16:
f6:ba:0a:62:94:33:da:13:f7:67:89:61:98:61:eb:d7:42:39:
6a:b3:7a:1e:25:0a:5b:de:64:5b:ff:63:a0:6c:c5:fd:2a:62:
38:58:6c:f1:d9:55:20:79:45:1a:e5:4a:2f:74:34:ac:60:bc:
8d:40:0f:66:6d:75:c6:60:f7:74:10:d9:f5:ef:67:58:51:ce:
4a:2f:65:80:32:47:d0:7e:4b:b1:3f:ae:c2:8d:43:2b:c6:b6:
26:d6:be:be:78:6c:19:d1:8a:59:d7:4b:b7:28:eb:44:77:33:
d2:0e:8d:56:0e:d3:0b:84:ea:a3:55:0f:6a:97:05:b2:3d:6f:
8a:b1:d6:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3FmST0qwcD5b2OD6LOVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNDBhMDcxODBmY2YzMzYzNWY3NTdjYzE0NDllMGQ1ZGJk
NGZkYjgwHhcNMjUxMTExMDMwMTIwWhcNMjUxMTEyMDMwMTIwWjAzMTEwLwYDVQQD
EygxMTIzZmM1ODkxNGNjM2YyNDM1ZjE1YWNmMzlkYzRlNmM5NWE0MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4Z7O9mOZDXIGlDFBNWQfRsPmpsH
ycWANYhkfDCjbCbxfeeROF3+2x/CrRMWqqo6xhirQblZgl0DnCQcLbQqY0XYhVC5
fasndU4BQ5txzicbS8PMOlZNHl9zBknh9N/c3nQbTMTmzYtQG2Z2gcRGTAQ5M9YL
qqaqQGSKht7vh2EY9eVBIguWQKLzoben25t1WpLliy+jnmi1GOR71yelCL6coJJo
P6vLn59ifPyUrMuGm+a7RBbXD2l2WmuJqlJdHg9WYEyLSkyjtSSEjtyuInlqdIas
98veE9bR8WS0YAWa2Nd/JgXJj0ul6e0q8lFdaXogAEOBL0tNrmIEX1GGcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEj/FiRTMPyQ18VrPOdxObJWkGNMB8GA1UdIwQY
MBaAFCJAoHGA/PM2NfdXzBRJ4NXb1P24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hMzE0Y2MtMDY2ZS00YzA5LWEzNmEt
ZDBiZDBlODAzZmQxLzEvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hMzE0Y2MtMDY2ZS00YzA5LWEzNmEtZDBiZDBlODAzZmQx
LzEvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL+DP9svB
gIdPhxajY2fssi3Z6MqsPv4SaiB9DTH64EKbpbyLlesKb8t2P7tUOCayv9PB8Khf
bAVr3YeM3PN3P/DfNCMyKUpH95aVwXLPIqqwVb/QTy7SaF7dlJmkZmZ97iNgFZ3z
GWVgseTyECJiUrRzTlu+bKgsn0qIvpEW9roKYpQz2hP3Z4lhmGHr10I5arN6HiUK
W95kW/9joGzF/SpiOFhs8dlVIHlFGuVKL3Q0rGC8jUAPZm11xmD3dBDZ9e9nWFHO
Si9lgDJH0H5LsT+uwo1DK8a2Jta+vnhsGdGKWddLtyjrRHcz0g6NVg7TC4Tqo1UP
apcFsj1virHWAw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:38:14 2025 by rpki-client