Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: NrxQKOsQgaG9lG/cnUDuVLv+h7w0Nn0WjXOwyltJbfM=
Subject key identifier: E3:65:11:EA:05:84:30:5D:7F:DB:EE:3C:CB:32:5A:BE:31:42:AC:F7
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 019A722592FC4E754BD327AEDB718320D8DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 09:00:56 +0000
Manifest this update: Tue 11 Nov 2025 09:00:56 +0000
Manifest next update: Wed 12 Nov 2025 09:00:56 +0000
Files and hashes: 1: HbgX7OEx-8g9VTQvYvbD_e0bPJ4.roa (hash: W8tzfEVYuZk67nGO3GJK/wSiRVXk9GPJqQ4Zpo1nq8A=)
2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: ZIZ2oCMi7BL29iINIEJCSosZ8gYaUon2PASymLvk8Yc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:92:fc:4e:75:4b:d3:27:ae:db:71:83:20:d8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Nov 11 09:00:56 2025 GMT
Not After : Nov 12 09:00:56 2025 GMT
Subject: CN=e36511ea0584305d7fdbee3ccb325abe3142acf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5b:34:65:c9:45:e2:a8:6f:ac:dd:a4:47:e5:
a5:55:60:92:eb:8c:4d:a0:e2:52:2f:ac:c0:e4:3a:
b9:93:33:f3:32:4f:5f:da:a9:d4:8b:57:c1:6b:73:
8d:0d:ef:45:2f:9b:de:cb:c4:0c:30:db:48:57:4b:
ec:0d:ee:62:96:e4:25:82:33:1e:02:46:98:ff:7d:
f1:85:41:d1:9b:08:95:bc:62:a5:4e:3b:45:7a:78:
54:3d:05:b1:44:da:87:19:5f:38:db:d1:9c:ff:bd:
db:52:4a:ac:9b:90:1c:17:87:f1:7e:44:83:b5:4f:
94:be:35:e3:0e:95:2f:70:17:73:97:4d:44:04:07:
13:fc:48:03:4a:f6:e8:a4:bf:1e:a2:e5:1a:ff:f3:
43:2a:7a:b5:ff:d9:6e:db:ab:a7:3c:5e:79:98:08:
01:a7:b4:a9:be:aa:de:eb:35:2c:9c:ab:3d:ac:85:
a5:56:b1:57:e3:59:44:94:c7:61:b0:ef:57:6c:f6:
f9:5d:c2:4b:7d:7d:d5:05:2b:34:8c:91:c3:78:68:
e0:7a:b4:b9:b9:cf:67:53:3b:bc:72:1c:17:66:b1:
3e:72:a1:67:3d:f1:6e:f1:ab:d8:9b:cf:9c:36:23:
96:b0:03:d0:ca:e4:ef:97:9e:b9:e4:35:f6:91:b3:
b2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:65:11:EA:05:84:30:5D:7F:DB:EE:3C:CB:32:5A:BE:31:42:AC:F7
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:4c:23:e5:13:be:75:54:a3:4f:34:8e:99:7c:4d:bc:e6:15:
e1:41:91:8d:96:5c:d3:20:6d:e5:8c:ba:61:7b:cc:f4:e5:ea:
9a:64:49:fa:d4:e1:66:b8:f7:9a:c5:a9:e1:c0:09:de:93:4b:
7b:67:01:55:29:34:0f:ef:db:63:94:23:aa:e1:5a:03:1e:ff:
99:a4:4f:91:75:48:04:ab:3e:ad:6c:6b:6e:e7:67:ea:9b:83:
cd:25:24:9d:a3:5e:9c:11:01:26:44:97:ff:08:ec:4b:d4:24:
4e:ea:08:22:01:51:98:f7:4f:d9:0a:0f:cc:93:80:36:6a:7f:
aa:5b:23:f6:0d:02:7a:e1:72:60:f7:87:06:63:9a:e5:ff:b5:
dd:75:d5:a2:c6:a0:44:65:da:97:51:38:bc:d6:2e:b0:7a:c4:
b8:69:dc:bf:b7:4a:d1:41:b7:bb:c7:24:2c:7b:32:77:4c:b2:
7f:87:62:0a:c0:92:2a:c5:47:c0:78:94:b0:8d:8c:27:dd:90:
77:90:cc:2d:51:da:87:ac:88:f0:5a:3a:a3:20:c9:0f:ac:28:
02:05:44:ab:2a:be:3d:21:c3:dc:b8:6b:7f:e3:d5:38:b9:e5:
23:b2:b0:b7:73:ec:7c:df:db:de:5d:f8:e9:2b:8d:a7:ef:33:
06:d6:b0:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZL8TnVL0yeu23GDINjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjUxMTExMDkwMDU2WhcNMjUxMTEyMDkwMDU2WjAzMTEwLwYDVQQD
EyhlMzY1MTFlYTA1ODQzMDVkN2ZkYmVlM2NjYjMyNWFiZTMxNDJhY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVs0ZclF4qhvrN2kR+WlVWCS64xN
oOJSL6zA5Dq5kzPzMk9f2qnUi1fBa3ONDe9FL5vey8QMMNtIV0vsDe5iluQlgjMe
AkaY/33xhUHRmwiVvGKlTjtFenhUPQWxRNqHGV8429Gc/73bUkqsm5AcF4fxfkSD
tU+UvjXjDpUvcBdzl01EBAcT/EgDSvbopL8eouUa//NDKnq1/9lu26unPF55mAgB
p7Spvqre6zUsnKs9rIWlVrFX41lElMdhsO9XbPb5XcJLfX3VBSs0jJHDeGjgerS5
uc9nUzu8chwXZrE+cqFnPfFu8avYm8+cNiOWsAPQyuTvl5655DX2kbOyGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONlEeoFhDBdf9vuPMsyWr4xQqz3MB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiUwj5RO+
dVSjTzSOmXxNvOYV4UGRjZZc0yBt5Yy6YXvM9OXqmmRJ+tThZrj3msWp4cAJ3pNL
e2cBVSk0D+/bY5QjquFaAx7/maRPkXVIBKs+rWxrbudn6puDzSUknaNenBEBJkSX
/wjsS9QkTuoIIgFRmPdP2QoPzJOANmp/qlsj9g0CeuFyYPeHBmOa5f+13XXVosag
RGXal1E4vNYusHrEuGncv7dK0UG3u8ckLHsyd0yyf4diCsCSKsVHwHiUsI2MJ92Q
d5DMLVHah6yI8Fo6oyDJD6woAgVEqyq+PSHD3Lhrf+PVOLnlI7Kwt3PsfN/b3l34
6SuNp+8zBtawwQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:06:39 2025 by rpki-client