Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
File: Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft (raw, json)
Hash identifier: ZJnu6tlPrg53OQdTf4MXGeY14kMRZAfqG05xb2j2jUg=
Subject key identifier: 3A:FB:CF:69:CB:B1:3B:2A:A8:BF:0C:21:73:4E:55:97:AB:F8:EB:A6
Authority key identifier: 21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
Certificate issuer: /CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Certificate serial: 019A72935B239F82B24D889CAD4D1EAE431A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 11:00:50 +0000
Manifest this update: Tue 11 Nov 2025 11:00:50 +0000
Manifest next update: Wed 12 Nov 2025 11:00:50 +0000
Files and hashes: 1: Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl (hash: 9rZe6ELOkn+2JDY2mS7QQen8YVo2PMzIW2RlE7IOXo4=)
2: ZUnY6DcgMFOkn5YPuY63h16XVew.roa (hash: j75VTgwm6ax4o8jG9UYWYEtlaoF5sYfNI7iKEcRNxJM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:5b:23:9f:82:b2:4d:88:9c:ad:4d:1e:ae:43:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Validity
Not Before: Nov 11 11:00:50 2025 GMT
Not After : Nov 12 11:00:50 2025 GMT
Subject: CN=3afbcf69cbb13b2aa8bf0c21734e5597abf8eba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ba:d7:f0:45:c8:34:42:b7:a4:bf:a7:01:32:
d4:16:e9:2f:40:6f:1d:d5:1a:a6:a9:f0:3f:84:19:
e2:17:2d:35:89:39:cf:01:b9:45:a4:b6:2f:bd:b6:
76:bd:aa:f7:78:9c:aa:59:cb:ab:e9:8a:92:d6:9d:
b9:3d:a3:40:b7:b4:7e:b1:d1:84:d6:a6:f2:f2:87:
5e:ff:b7:05:23:fd:84:a0:ab:47:e9:61:69:40:3c:
4b:f1:d0:9f:e8:70:ef:7f:fb:58:f1:69:8b:d6:20:
11:15:3a:b2:3e:99:cd:5f:29:93:d5:b8:f1:a1:b4:
90:fd:72:16:90:97:85:5e:9b:c8:82:cf:f8:36:ee:
38:c6:bb:15:f0:c2:3f:15:17:42:ad:dd:d2:1f:7f:
73:10:5f:08:36:ac:ff:c6:3b:ac:1d:bc:29:6c:ff:
c1:43:c8:a7:63:d3:4a:1d:7e:09:86:9e:bb:7d:62:
e8:dc:97:72:fe:68:17:5e:5a:86:c8:99:45:93:fd:
dd:80:68:58:b9:e3:fa:c8:41:86:77:6c:71:f7:4c:
99:8e:62:74:c7:61:79:6a:f1:42:68:39:eb:9c:f6:
d3:cc:62:55:35:ca:80:c6:20:ef:98:42:bb:45:8e:
77:4f:69:7d:ca:00:db:32:65:75:ca:5b:7f:ce:5f:
b5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FB:CF:69:CB:B1:3B:2A:A8:BF:0C:21:73:4E:55:97:AB:F8:EB:A6
X509v3 Authority Key Identifier:
keyid:21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:eb:aa:fe:fe:8e:48:bf:af:33:a7:f2:75:b3:bb:96:28:ca:
68:90:00:6a:93:e5:db:d5:16:fa:ae:8b:32:77:f3:18:c1:29:
f0:76:4d:58:c2:0a:e8:b0:df:52:e8:dc:d1:38:9b:6f:a9:ab:
0a:ad:1d:ef:2f:a5:bc:ce:e6:7c:13:71:93:88:94:73:c1:6b:
1a:4e:3a:5c:e0:19:1a:23:52:f3:41:f2:1a:33:0d:a2:cd:71:
3e:1c:f8:94:64:b7:08:f7:ce:d5:12:fe:95:7e:f7:62:69:f2:
cc:00:59:2e:e1:2a:a7:8b:7b:5c:91:ff:8d:0c:c9:bf:33:5c:
0f:c8:0b:fe:df:c6:e9:91:80:79:a1:5d:0e:29:e9:8e:f1:6d:
64:2e:d1:48:7d:e0:3a:d8:1d:98:75:f7:39:50:cd:b3:07:62:
bf:f7:03:dd:ac:b5:37:df:ba:92:d5:8b:7f:89:81:ce:35:82:
1d:77:60:49:6b:41:1f:9d:5e:42:a7:c8:70:88:59:ad:e8:9f:
16:54:82:77:0d:0c:c4:b5:de:82:ec:b9:11:38:d0:f6:b7:9c:
73:79:8d:ed:3d:80:e7:17:3d:f9:e5:57:01:f3:fe:fc:07:c7:
b0:94:55:af:d9:b9:7e:34:c8:50:03:ba:1e:89:13:7f:39:1c:
f6:af:79:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk1sjn4KyTYicrU0erkMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYWEyOGRlMjFiYzkxZjM5ZGJmMmQwMTJmZDU1MmQyMmQw
ZjVhYWEwHhcNMjUxMTExMTEwMDUwWhcNMjUxMTEyMTEwMDUwWjAzMTEwLwYDVQQD
EygzYWZiY2Y2OWNiYjEzYjJhYThiZjBjMjE3MzRlNTU5N2FiZjhlYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprrX8EXINEK3pL+nATLUFukvQG8d
1RqmqfA/hBniFy01iTnPAblFpLYvvbZ2var3eJyqWcur6YqS1p25PaNAt7R+sdGE
1qby8ode/7cFI/2EoKtH6WFpQDxL8dCf6HDvf/tY8WmL1iARFTqyPpnNXymT1bjx
obSQ/XIWkJeFXpvIgs/4Nu44xrsV8MI/FRdCrd3SH39zEF8INqz/xjusHbwpbP/B
Q8inY9NKHX4Jhp67fWLo3Jdy/mgXXlqGyJlFk/3dgGhYueP6yEGGd2xx90yZjmJ0
x2F5avFCaDnrnPbTzGJVNcqAxiDvmEK7RY53T2l9ygDbMmV1ylt/zl+1yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDr7z2nLsTsqqL8MIXNOVZer+OumMB8GA1UdIwQY
MBaAFCGqKN4hvJHznb8tAS/VUtItD1qqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAt
Zjk5NzNjNTc2YjAzLzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAtZjk5NzNjNTc2YjAz
LzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc+uq/v6O
SL+vM6fydbO7lijKaJAAapPl29UW+q6LMnfzGMEp8HZNWMIK6LDfUujc0Tibb6mr
Cq0d7y+lvM7mfBNxk4iUc8FrGk46XOAZGiNS80HyGjMNos1xPhz4lGS3CPfO1RL+
lX73YmnyzABZLuEqp4t7XJH/jQzJvzNcD8gL/t/G6ZGAeaFdDinpjvFtZC7RSH3g
OtgdmHX3OVDNswdiv/cD3ay1N9+6ktWLf4mBzjWCHXdgSWtBH51eQqfIcIhZreif
FlSCdw0MxLXeguy5ETjQ9recc3mN7T2A5xc9+eVXAfP+/AfHsJRVr9m5fjTIUAO6
HokTfzkc9q95LQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:42 2025 by rpki-client