Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.mft
File: 1QibzgjFXapXtPOjyQcPs5GFPM8.mft (raw, json)
Hash identifier: p6cJyRkYbqRblljn8/RdZkDjsO3buVQ0TqdqxWGyWlE=
Subject key identifier: A6:2D:3C:E4:BD:C2:31:A4:4B:5A:68:2B:54:68:AE:51:B9:33:5A:D7
Authority key identifier: D5:08:9B:CE:08:C5:5D:AA:57:B4:F3:A3:C9:07:0F:B3:91:85:3C:CF
Certificate issuer: /CN=d5089bce08c55daa57b4f3a3c9070fb391853ccf
Certificate serial: 019A04B5EF9FBF0CF90AE4895A9B53634D0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.mft
Manifest number: 0BBB
Signing time: Tue 21 Oct 2025 03:00:23 +0000
Manifest this update: Tue 21 Oct 2025 03:00:23 +0000
Manifest next update: Wed 22 Oct 2025 03:00:23 +0000
Files and hashes: 1: 1QibzgjFXapXtPOjyQcPs5GFPM8.crl (hash: hEXEpW3YuUktNzIhOqnTG+XTy8rLSQD4gnMhjmhHSEY=)
2: Vf8IRTOjd5EHRik_XU5SL231JR0.roa (hash: pdMIDPOwO8DUN6tctG8DJMO1R37Vl0PhbVyMv6IZEJE=)
3: x75CgHaNcNlIrskWea67UxRrM1c.roa (hash: xJt3cVolGlaYguNEQZsOwCLANVkSIZwIfqNsviXM16Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 03:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:04:b5:ef:9f:bf:0c:f9:0a:e4:89:5a:9b:53:63:4d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5089bce08c55daa57b4f3a3c9070fb391853ccf
Validity
Not Before: Oct 21 03:00:23 2025 GMT
Not After : Oct 22 03:00:23 2025 GMT
Subject: CN=a62d3ce4bdc231a44b5a682b5468ae51b9335ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ec:27:3d:f0:ab:06:cd:1f:d0:0f:23:4f:71:
6d:d1:98:80:f1:b5:0c:f8:5f:15:4a:58:e1:29:12:
44:a7:74:5c:f1:08:dd:65:e1:ae:3f:b0:11:99:f6:
e0:6b:f1:e7:82:1c:2b:df:37:da:82:9c:26:71:95:
a2:26:08:5d:8a:23:fb:04:2d:9e:05:1a:52:bf:59:
0b:06:0b:d1:95:3b:a6:f9:ba:1a:b6:5b:15:34:c7:
e7:a9:e6:d4:d3:6e:17:35:45:43:a4:a7:e0:69:e9:
61:1b:ae:ca:65:17:54:86:df:49:c5:f4:b8:00:51:
ed:1c:7d:ff:e9:73:3e:29:c0:f2:4d:ad:51:dc:c1:
2d:f5:1b:86:f4:85:f5:ae:2f:4f:04:2d:24:67:0e:
ee:2f:33:30:54:70:ad:cf:16:49:13:5c:68:9f:ad:
a7:00:07:eb:b3:45:9f:34:a5:02:d5:4b:a2:e3:6d:
98:7f:c4:0e:59:2a:a6:e1:28:43:e3:12:57:03:b9:
7a:9f:da:b5:d7:dd:a3:44:69:ad:c7:47:71:4b:3d:
36:21:7c:bf:85:34:6d:fd:42:85:53:a8:08:0c:78:
a3:6b:ae:00:23:36:e1:a7:76:6c:43:36:ee:03:3b:
c5:da:f2:31:4f:28:e2:5b:0a:00:ce:a1:b9:a9:23:
23:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2D:3C:E4:BD:C2:31:A4:4B:5A:68:2B:54:68:AE:51:B9:33:5A:D7
X509v3 Authority Key Identifier:
keyid:D5:08:9B:CE:08:C5:5D:AA:57:B4:F3:A3:C9:07:0F:B3:91:85:3C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:f0:d4:b3:53:48:37:f4:b6:88:31:41:60:11:45:cb:7d:0e:
be:6f:c6:c3:a5:c8:62:2c:06:66:fa:d2:27:84:d3:86:f6:0e:
d1:08:6b:b4:07:52:46:0d:19:38:12:7a:92:e1:49:a7:12:c8:
89:2d:5c:7a:44:23:01:50:09:28:0b:bf:e1:73:5e:be:df:2a:
6e:1a:c7:08:bc:c3:88:07:cd:4e:10:f1:7f:f8:31:de:04:09:
fa:7c:a7:3e:5f:4c:6f:98:f4:de:6c:45:50:f6:ae:7b:54:62:
8e:2a:77:7e:aa:51:45:83:e8:8b:10:d4:34:7c:6e:a9:92:52:
2d:53:95:84:5a:fc:6c:a4:49:35:5c:9a:7a:f4:4f:62:96:d9:
aa:b0:c7:25:99:40:36:6a:b5:6b:05:ce:30:42:5d:7a:a4:67:
8f:3a:0b:62:ca:24:c5:f3:e2:f4:8e:ba:3a:51:53:6c:96:ff:
fa:0f:a6:f0:33:d4:93:f9:d4:c2:d7:84:68:5e:db:2c:b5:d9:
32:96:e8:32:b6:8f:f0:8d:60:ab:9b:a3:a1:64:e9:15:29:66:
ca:20:50:9d:27:83:11:7b:ed:ba:96:7d:a1:13:2e:93:da:ed:
4f:26:99:db:1e:35:33:cb:3f:74:28:35:f9:78:08:f6:a4:89:
bb:ab:ee:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEte+fvwz5CuSJWptTY00LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDg5YmNlMDhjNTVkYWE1N2I0ZjNhM2M5MDcwZmIzOTE4
NTNjY2YwHhcNMjUxMDIxMDMwMDIzWhcNMjUxMDIyMDMwMDIzWjAzMTEwLwYDVQQD
EyhhNjJkM2NlNGJkYzIzMWE0NGI1YTY4MmI1NDY4YWU1MWI5MzM1YWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhewnPfCrBs0f0A8jT3Ft0ZiA8bUM
+F8VSljhKRJEp3Rc8QjdZeGuP7ARmfbga/Hnghwr3zfagpwmcZWiJghdiiP7BC2e
BRpSv1kLBgvRlTum+boatlsVNMfnqebU024XNUVDpKfgaelhG67KZRdUht9JxfS4
AFHtHH3/6XM+KcDyTa1R3MEt9RuG9IX1ri9PBC0kZw7uLzMwVHCtzxZJE1xon62n
AAfrs0WfNKUC1Uui422Yf8QOWSqm4ShD4xJXA7l6n9q1192jRGmtx0dxSz02IXy/
hTRt/UKFU6gIDHija64AIzbhp3ZsQzbuAzvF2vIxTyjiWwoAzqG5qSMjgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYtPOS9wjGkS1poK1RorlG5M1rXMB8GA1UdIwQY
MBaAFNUIm84IxV2qV7Tzo8kHD7ORhTzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFpYnpnakZYYXBYdFBPanlRY1BzNUdGUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wMmZkZTctZDMyNi00M2RlLTg1MjAt
NmQ3MWZlMTNkNjFkLzEvMVFpYnpnakZYYXBYdFBPanlRY1BzNUdGUE04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wMmZkZTctZDMyNi00M2RlLTg1MjAtNmQ3MWZlMTNkNjFk
LzEvMVFpYnpnakZYYXBYdFBPanlRY1BzNUdGUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnfDUs1NI
N/S2iDFBYBFFy30Ovm/Gw6XIYiwGZvrSJ4TThvYO0QhrtAdSRg0ZOBJ6kuFJpxLI
iS1cekQjAVAJKAu/4XNevt8qbhrHCLzDiAfNThDxf/gx3gQJ+nynPl9Mb5j03mxF
UPaue1Rijip3fqpRRYPoixDUNHxuqZJSLVOVhFr8bKRJNVyaevRPYpbZqrDHJZlA
Nmq1awXOMEJdeqRnjzoLYsokxfPi9I66OlFTbJb/+g+m8DPUk/nUwteEaF7bLLXZ
MpboMraP8I1gq5ujoWTpFSlmyiBQnSeDEXvtupZ9oRMuk9rtTyaZ2x41M8s/dCg1
+XgI9qSJu6vu5g==
-----END CERTIFICATE-----
Generated at Tue Oct 21 12:14:58 2025 by rpki-client