Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft
File: IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft (raw, json)
Hash identifier: enziPMW4wSxCBSSYm9iswDhDjZ3Ph7UkMYXL55xOqAs=
Subject key identifier: AB:34:61:24:61:98:0D:B0:B0:81:B3:7C:AB:B1:B2:D1:F6:2E:24:5D
Authority key identifier: 22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34
Certificate issuer: /CN=229a038176c796ea4f2769f6be3cace1a3597634
Certificate serial: 019A70DC004AC5DB9A05D1BBD434AEFD5F75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 03:00:57 +0000
Manifest this update: Tue 11 Nov 2025 03:00:57 +0000
Manifest next update: Wed 12 Nov 2025 03:00:57 +0000
Files and hashes: 1: Hix749q65sYikumyIiO2w3pF6Ac.roa (hash: N0R4AArriY/KzHOEs+CuI34MlSMnkBHaO9k0W7jdIBQ=)
2: IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl (hash: mmhawL0K/TeLtJPVmSAmtmACnVTqQLVUWALOW0htWbI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:00:4a:c5:db:9a:05:d1:bb:d4:34:ae:fd:5f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=229a038176c796ea4f2769f6be3cace1a3597634
Validity
Not Before: Nov 11 03:00:57 2025 GMT
Not After : Nov 12 03:00:57 2025 GMT
Subject: CN=ab34612461980db0b081b37cabb1b2d1f62e245d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:bd:8e:95:11:36:4b:b1:e1:19:2c:78:87:54:
cd:b9:83:77:f3:a3:dd:e9:eb:f3:b9:c8:2d:2f:da:
02:8f:d6:d0:77:a0:6c:ef:c5:02:5f:15:6a:65:ed:
f8:ae:30:7f:48:6b:df:07:2f:dc:00:2d:12:89:52:
00:dc:68:3a:48:99:a9:71:28:4f:a5:80:34:e5:4f:
af:3d:48:74:7b:00:cb:d2:d5:c1:b4:54:68:fd:45:
2d:7e:07:5b:23:99:01:1e:d3:98:7c:2c:d8:61:28:
4a:63:d0:32:19:08:05:2a:65:e5:ce:71:50:3e:41:
cf:7d:ad:80:ae:6e:06:df:23:56:8a:88:a8:ef:6b:
1d:59:72:2e:1e:c9:60:56:aa:62:02:be:82:76:7b:
da:95:4c:69:c2:78:71:28:d2:ae:47:62:36:7e:6e:
d0:71:8e:3a:e4:7f:a2:88:9a:d1:b9:d2:5e:3e:11:
36:8f:dc:0c:cb:d2:b2:40:4a:f1:ec:27:f7:5b:74:
64:63:6e:7d:a6:e7:8b:b5:7d:80:9e:6f:69:f5:00:
79:be:f5:26:95:df:eb:51:07:b1:0b:d6:72:f3:43:
69:b3:df:bd:ab:57:40:50:44:07:55:f7:06:c9:4d:
5b:1d:46:41:f9:6c:4c:e0:ff:df:5a:85:88:f1:cd:
11:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:34:61:24:61:98:0D:B0:B0:81:B3:7C:AB:B1:B2:D1:F6:2E:24:5D
X509v3 Authority Key Identifier:
keyid:22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:77:f1:85:00:3f:2a:d6:d4:7e:38:8b:0b:b5:79:ec:be:e0:
52:3c:7f:ea:bb:a4:6b:9b:f6:04:7c:c3:e4:61:b6:1c:f2:c0:
16:3a:74:db:9c:ca:c2:83:b2:08:35:12:45:6d:fb:0f:ca:89:
88:bc:34:37:60:3b:ef:eb:87:e9:65:ac:cc:df:7c:9c:c5:d0:
b8:cc:1c:03:75:eb:57:f4:97:1d:29:8c:a0:5e:ea:44:3a:27:
3e:05:50:ec:32:da:ae:38:02:a7:88:a5:ac:46:a1:88:b3:55:
d1:d2:0e:07:1c:22:14:10:53:e2:1e:ba:54:88:89:78:07:f6:
1b:2c:06:60:cc:5f:dd:be:45:8e:c6:54:af:13:d3:40:c0:6f:
8b:a1:db:b4:12:69:c4:c7:21:46:5e:3f:77:20:64:23:be:2f:
36:9c:2a:5b:25:92:27:22:94:86:a4:a3:0e:de:ef:bc:51:5c:
37:d4:c6:2e:cb:62:70:4f:0b:d5:0d:5e:55:06:84:79:60:fe:
e9:6c:c0:a3:6c:b6:a9:3b:e7:63:2b:93:46:b9:dd:ba:4e:68:
1c:0a:f3:90:b7:35:b3:9c:59:41:7e:e8:09:4b:b3:71:b4:0d:
41:aa:e2:e1:1f:ff:ae:63:9a:51:82:80:0f:aa:d1:1b:4d:e1:
9b:ba:05:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3ABKxduaBdG71DSu/V91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOWEwMzgxNzZjNzk2ZWE0ZjI3NjlmNmJlM2NhY2UxYTM1
OTc2MzQwHhcNMjUxMTExMDMwMDU3WhcNMjUxMTEyMDMwMDU3WjAzMTEwLwYDVQQD
EyhhYjM0NjEyNDYxOTgwZGIwYjA4MWIzN2NhYmIxYjJkMWY2MmUyNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4b2OlRE2S7HhGSx4h1TNuYN386Pd
6evzucgtL9oCj9bQd6Bs78UCXxVqZe34rjB/SGvfBy/cAC0SiVIA3Gg6SJmpcShP
pYA05U+vPUh0ewDL0tXBtFRo/UUtfgdbI5kBHtOYfCzYYShKY9AyGQgFKmXlznFQ
PkHPfa2Arm4G3yNWioio72sdWXIuHslgVqpiAr6CdnvalUxpwnhxKNKuR2I2fm7Q
cY465H+iiJrRudJePhE2j9wMy9KyQErx7Cf3W3RkY259pueLtX2Anm9p9QB5vvUm
ld/rUQexC9Zy80Nps9+9q1dAUEQHVfcGyU1bHUZB+WxM4P/fWoWI8c0RJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKs0YSRhmA2wsIGzfKuxstH2LiRdMB8GA1UdIwQY
MBaAFCKaA4F2x5bqTydp9r48rOGjWXY0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQt
ZGMyMzAxZmJiYjdjLzEvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQtZGMyMzAxZmJiYjdj
LzEvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG3fxhQA/
KtbUfjiLC7V57L7gUjx/6ruka5v2BHzD5GG2HPLAFjp025zKwoOyCDUSRW37D8qJ
iLw0N2A77+uH6WWszN98nMXQuMwcA3XrV/SXHSmMoF7qRDonPgVQ7DLarjgCp4il
rEahiLNV0dIOBxwiFBBT4h66VIiJeAf2GywGYMxf3b5FjsZUrxPTQMBvi6HbtBJp
xMchRl4/dyBkI74vNpwqWyWSJyKUhqSjDt7vvFFcN9TGLsticE8L1Q1eVQaEeWD+
6WzAo2y2qTvnYyuTRrnduk5oHArzkLc1s5xZQX7oCUuzcbQNQari4R//rmOaUYKA
D6rRG03hm7oFlQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:14:25 2025 by rpki-client