Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft
File: 1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft (raw, json)
Hash identifier: 7j1KHDITA8CTwic+E2filFaoOhC7wRVCJJntQi1WIRg=
Subject key identifier: 89:25:E2:BC:73:55:DD:15:0A:3A:C0:AC:8E:F6:4F:1C:08:28:48:4D
Authority key identifier: D4:22:36:74:33:76:5B:54:1A:37:39:0A:99:89:97:B7:37:C4:64:72
Certificate issuer: /CN=d422367433765b541a37390a998997b737c46472
Certificate serial: 019A72CAC4C96754ED92AA01084A78D4DA86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1CI2dDN2W1QaNzkKmYmXtzfEZHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft
Manifest number: 16B2
Signing time: Tue 11 Nov 2025 12:01:22 +0000
Manifest this update: Tue 11 Nov 2025 12:01:22 +0000
Manifest next update: Wed 12 Nov 2025 12:01:22 +0000
Files and hashes: 1: 1CI2dDN2W1QaNzkKmYmXtzfEZHI.crl (hash: UVAjWot0RAom9WXosehmtEgJHTjd+K9KqtM9FEEYdQM=)
2: dO1sDlUm4GNT1NLwZmfUYJ1pPqA.roa (hash: JWs3QU5N8u442ANJ16//ujHqSWgzP2/558mG+17RvNo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1CI2dDN2W1QaNzkKmYmXtzfEZHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:c4:c9:67:54:ed:92:aa:01:08:4a:78:d4:da:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d422367433765b541a37390a998997b737c46472
Validity
Not Before: Nov 11 12:01:22 2025 GMT
Not After : Nov 12 12:01:22 2025 GMT
Subject: CN=8925e2bc7355dd150a3ac0ac8ef64f1c0828484d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:82:16:82:67:fd:40:3b:0b:84:a1:f8:a4:f6:
90:ea:9a:ad:9d:85:d8:1d:29:01:ae:9a:3d:de:db:
4b:04:48:4f:64:cf:e5:04:55:f0:d0:b8:56:e1:e1:
7e:c9:26:df:ac:ed:28:a3:b4:f6:2f:2a:c0:07:35:
08:49:f7:49:47:c0:69:31:29:84:87:9f:f9:79:ca:
59:90:d1:78:30:06:45:e1:63:41:d6:22:0f:56:ac:
cb:5c:c3:eb:2e:5a:87:b9:47:f5:13:87:fd:5a:7f:
3e:7c:be:88:b0:7e:38:0c:13:d8:0c:f7:98:b6:03:
92:c3:58:e2:97:98:4c:15:eb:1b:a5:03:5c:70:fe:
55:44:98:14:c8:5e:37:1c:cd:41:88:e6:d3:fe:e0:
20:a7:59:17:70:6e:ca:ed:04:2f:ee:db:c6:64:bc:
35:ec:b0:ec:4d:a6:3e:ab:aa:de:5a:7b:5e:92:2f:
50:16:52:aa:11:fd:40:33:7a:6b:58:42:13:55:8c:
fe:3a:47:b2:d4:de:d8:e4:d3:15:11:65:0b:b8:cd:
6e:a5:55:76:68:47:1d:67:30:f0:9c:f3:59:dc:8a:
36:2e:b7:56:54:05:b5:cf:da:53:3b:d8:2e:c0:7f:
03:30:e9:70:70:10:17:0e:e6:a0:1c:eb:fb:16:83:
dc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:25:E2:BC:73:55:DD:15:0A:3A:C0:AC:8E:F6:4F:1C:08:28:48:4D
X509v3 Authority Key Identifier:
keyid:D4:22:36:74:33:76:5B:54:1A:37:39:0A:99:89:97:B7:37:C4:64:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CI2dDN2W1QaNzkKmYmXtzfEZHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:2d:7d:53:ef:cf:fb:5d:7c:26:3e:1b:1b:5e:b0:16:16:de:
78:a1:b0:9e:b3:b8:b6:67:46:7f:9d:50:10:b7:1d:33:c6:fb:
97:c3:0e:fc:9b:8d:e7:38:06:15:85:ff:63:f1:c2:fc:03:a7:
5b:00:79:39:b7:85:a5:92:25:19:82:aa:62:7c:25:62:13:46:
1a:29:20:5b:5b:5c:67:b3:e2:b5:e4:f3:92:f9:ec:68:c5:ea:
44:f3:6f:4b:2a:d9:73:df:8a:e0:bc:79:58:d2:01:ad:a4:6c:
80:d9:21:99:4c:77:21:47:bb:9d:90:05:07:2d:95:05:a6:82:
82:7b:98:62:47:a3:79:cb:73:c5:37:c0:a9:08:83:70:30:c8:
a3:bb:24:3d:a6:97:90:1b:c4:7a:97:bd:c2:0e:b2:45:01:8c:
73:1f:93:a9:4b:07:3c:60:24:b6:e3:41:f7:e1:02:23:41:e1:
0e:98:2e:83:87:36:c0:3e:2c:e9:6b:b2:a1:16:0a:1a:53:0a:
26:5c:e8:76:f9:15:47:e2:4d:fc:2f:ce:70:93:ad:fe:4f:5d:
ab:ce:c8:6d:82:32:9d:45:fb:77:d6:f6:9f:4b:06:34:98:de:
ad:c1:d1:cb:37:0a:79:12:57:a9:0f:de:5f:47:e7:54:d1:40:
3c:f1:58:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyysTJZ1TtkqoBCEp41NqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjIzNjc0MzM3NjViNTQxYTM3MzkwYTk5ODk5N2I3Mzdj
NDY0NzIwHhcNMjUxMTExMTIwMTIyWhcNMjUxMTEyMTIwMTIyWjAzMTEwLwYDVQQD
Eyg4OTI1ZTJiYzczNTVkZDE1MGEzYWMwYWM4ZWY2NGYxYzA4Mjg0ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoIWgmf9QDsLhKH4pPaQ6pqtnYXY
HSkBrpo93ttLBEhPZM/lBFXw0LhW4eF+ySbfrO0oo7T2LyrABzUISfdJR8BpMSmE
h5/5ecpZkNF4MAZF4WNB1iIPVqzLXMPrLlqHuUf1E4f9Wn8+fL6IsH44DBPYDPeY
tgOSw1jil5hMFesbpQNccP5VRJgUyF43HM1BiObT/uAgp1kXcG7K7QQv7tvGZLw1
7LDsTaY+q6reWnteki9QFlKqEf1AM3prWEITVYz+Okey1N7Y5NMVEWULuM1upVV2
aEcdZzDwnPNZ3Io2LrdWVAW1z9pTO9guwH8DMOlwcBAXDuagHOv7FoPcVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIkl4rxzVd0VCjrArI72TxwIKEhNMB8GA1UdIwQY
MBaAFNQiNnQzdltUGjc5CpmJl7c3xGRyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNJMmRETjJXMVFhTnprS21ZbVh0emZFWkhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy80NWJlMzItODIxZi00NTE0LWFhMzEt
YmM3NTQ2NjA0N2M5LzEvMUNJMmRETjJXMVFhTnprS21ZbVh0emZFWkhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy80NWJlMzItODIxZi00NTE0LWFhMzEtYmM3NTQ2NjA0N2M5
LzEvMUNJMmRETjJXMVFhTnprS21ZbVh0emZFWkhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAS19U+/P
+118Jj4bG16wFhbeeKGwnrO4tmdGf51QELcdM8b7l8MO/JuN5zgGFYX/Y/HC/AOn
WwB5ObeFpZIlGYKqYnwlYhNGGikgW1tcZ7PiteTzkvnsaMXqRPNvSyrZc9+K4Lx5
WNIBraRsgNkhmUx3IUe7nZAFBy2VBaaCgnuYYkejectzxTfAqQiDcDDIo7skPaaX
kBvEepe9wg6yRQGMcx+TqUsHPGAktuNB9+ECI0HhDpgug4c2wD4s6WuyoRYKGlMK
JlzodvkVR+JN/C/OcJOt/k9dq87IbYIynUX7d9b2n0sGNJjercHRyzcKeRJXqQ/e
X0fnVNFAPPFYFQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:44 2025 by rpki-client