Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
File: ihZhi3H_yA4cP0HtDfyJq16WP9I.mft (raw, json)
Hash identifier: AP7+jLyvlbDTR3uTLDQDO7D0u3tX0y8yOzbAdGvX60k=
Subject key identifier: 0C:97:0A:7A:D7:93:F6:33:0B:60:30:88:26:B5:76:4D:47:8F:3C:D3
Authority key identifier: 8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
Certificate issuer: /CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Certificate serial: 019A70DC06618BD18888FE9316837B68B909
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
Manifest number: 1725
Signing time: Tue 11 Nov 2025 03:00:58 +0000
Manifest this update: Tue 11 Nov 2025 03:00:58 +0000
Manifest next update: Wed 12 Nov 2025 03:00:58 +0000
Files and hashes: 1: ExfUqNEW3Lyq9Nl7Jq22WcfJ1rw.roa (hash: 6SjZfPEMGV4QZNr6XzSlmm+VNkfjjPfYSSMSKKIpL5E=)
2: ihZhi3H_yA4cP0HtDfyJq16WP9I.crl (hash: vNVwKm0n8vGUcqpvILjPR7gnKURLZ3eTUs85eGKMSyQ=)
3: vuckuXbmedLIJWITtJ1gJzQY8X0.roa (hash: BujWwxtiu31OcVkERDwp6qXjCF/qZpedTzNgbY+R4ug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:06:61:8b:d1:88:88:fe:93:16:83:7b:68:b9:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Validity
Not Before: Nov 11 03:00:58 2025 GMT
Not After : Nov 12 03:00:58 2025 GMT
Subject: CN=0c970a7ad793f6330b60308826b5764d478f3cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:df:60:e1:29:57:96:f4:01:7e:5b:8a:fe:ac:
3c:29:f7:89:b2:64:0c:98:5b:9d:f8:20:8e:7a:e1:
01:c6:99:0c:b4:03:e3:90:94:bc:ed:70:a8:cc:8c:
03:72:24:ed:ba:69:e9:90:8f:f6:49:73:07:b1:72:
40:24:36:f0:11:06:87:ac:38:5c:1c:7e:0e:1b:1e:
c2:1d:55:84:00:71:a8:b2:d1:cb:ca:b4:df:0a:1e:
d1:72:1f:1d:bd:24:f8:be:1d:6d:ef:89:92:1b:7d:
85:af:eb:3a:6b:f8:fb:54:b6:80:59:9f:65:db:d8:
05:42:1e:ba:b1:cc:b9:f4:dc:9c:1c:57:9f:10:f9:
dd:55:0f:40:38:60:21:8f:b0:12:80:a0:14:5f:56:
bb:bf:75:c3:01:90:b1:7c:46:1e:09:2e:d8:92:10:
34:d7:b4:dd:e2:f0:4e:c3:79:79:ba:90:af:c1:1a:
21:9b:be:8f:86:59:74:aa:f7:54:f9:f6:5b:f2:d9:
5a:eb:1f:54:cb:9c:96:68:b3:2f:3b:02:3e:bc:96:
0f:2a:d1:fa:f5:b2:f4:7e:2f:33:14:79:69:9f:42:
7e:f7:24:26:34:8d:b9:a1:ee:e8:83:10:cd:32:b2:
bb:ec:1f:bc:f3:fb:cb:fa:ea:0c:6a:b8:85:bf:aa:
55:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:97:0A:7A:D7:93:F6:33:0B:60:30:88:26:B5:76:4D:47:8F:3C:D3
X509v3 Authority Key Identifier:
keyid:8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:85:44:c1:eb:25:a3:2c:f9:60:6b:e6:04:58:37:0e:d9:f1:
1c:f8:af:8f:a5:c2:33:7c:2b:54:2c:e1:0a:67:8f:d4:31:c9:
3d:03:fc:58:3f:2a:a4:73:f6:7e:1b:af:ae:80:a3:3a:4a:da:
e5:f7:1d:28:35:16:0a:c0:95:64:eb:14:54:01:46:ac:42:90:
5e:bd:72:92:d0:e8:00:ec:ae:f2:7a:df:0d:87:61:3a:fb:e6:
57:4f:68:82:81:27:c1:f8:6b:2e:53:12:cf:61:0d:f7:5b:64:
b8:ee:75:96:23:95:a3:fb:05:1b:78:0c:1e:c3:b8:64:82:cf:
0d:ec:62:5b:f5:e0:a4:3b:33:98:80:8e:b1:8e:13:aa:6d:f4:
e3:d9:48:25:b2:47:4f:f7:6d:1d:39:82:89:51:86:1a:d9:83:
b9:f6:18:ef:2a:78:01:7c:39:23:bc:44:68:50:91:f3:07:30:
7b:fc:f0:7c:eb:c3:95:ac:25:ea:ba:04:c1:e7:17:13:19:9b:
10:25:ef:97:fb:e7:44:d5:bf:4e:28:c2:01:3d:c7:bd:da:7f:
6b:6c:05:83:b7:33:0f:42:58:6c:d4:f2:7e:f3:38:ed:34:83:
03:9b:e7:f3:03:1e:97:08:8d:c9:20:2e:9c:0d:ba:b1:19:46:
2e:7b:74:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3AZhi9GIiP6TFoN7aLkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMTY2MThiNzFmZmM4MGUxYzNmNDFlZDBkZmM4OWFiNWU5
NjNmZDIwHhcNMjUxMTExMDMwMDU4WhcNMjUxMTEyMDMwMDU4WjAzMTEwLwYDVQQD
EygwYzk3MGE3YWQ3OTNmNjMzMGI2MDMwODgyNmI1NzY0ZDQ3OGYzY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd9g4SlXlvQBfluK/qw8KfeJsmQM
mFud+CCOeuEBxpkMtAPjkJS87XCozIwDciTtumnpkI/2SXMHsXJAJDbwEQaHrDhc
HH4OGx7CHVWEAHGostHLyrTfCh7Rch8dvST4vh1t74mSG32Fr+s6a/j7VLaAWZ9l
29gFQh66scy59NycHFefEPndVQ9AOGAhj7ASgKAUX1a7v3XDAZCxfEYeCS7YkhA0
17Td4vBOw3l5upCvwRohm76Phll0qvdU+fZb8tla6x9Uy5yWaLMvOwI+vJYPKtH6
9bL0fi8zFHlpn0J+9yQmNI25oe7ogxDNMrK77B+88/vL+uoMariFv6pV0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyXCnrXk/YzC2AwiCa1dk1HjzzTMB8GA1UdIwQY
MBaAFIoWYYtx/8gOHD9B7Q38iatelj/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUt
MjkxYWFlZGQ1OGNjLzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUtMjkxYWFlZGQ1OGNj
LzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhYVEwesl
oyz5YGvmBFg3DtnxHPivj6XCM3wrVCzhCmeP1DHJPQP8WD8qpHP2fhuvroCjOkra
5fcdKDUWCsCVZOsUVAFGrEKQXr1yktDoAOyu8nrfDYdhOvvmV09ogoEnwfhrLlMS
z2EN91tkuO51liOVo/sFG3gMHsO4ZILPDexiW/XgpDszmICOsY4Tqm3049lIJbJH
T/dtHTmCiVGGGtmDufYY7yp4AXw5I7xEaFCR8wcwe/zwfOvDlawl6roEwecXExmb
ECXvl/vnRNW/TijCAT3Hvdp/a2wFg7czD0JYbNTyfvM47TSDA5vn8wMelwiNySAu
nA26sRlGLnt0eg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:58:57 2025 by rpki-client