Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7192c2-a788-4f56-be6b-bb493c46df3e/1/i7i2EnIdTUwtB8v-LklemGoPAm0.mft
File: i7i2EnIdTUwtB8v-LklemGoPAm0.mft (raw, json)
Hash identifier: 0FovQ8MgkV4myVUopmZmipk67ecbqkTQ1xvnINTRYmg=
Subject key identifier: 91:3F:B2:18:70:E5:E8:F7:88:F8:C3:A9:D4:B0:61:21:A7:90:3F:97
Authority key identifier: 8B:B8:B6:12:72:1D:4D:4C:2D:07:CB:FE:2E:49:5E:98:6A:0F:02:6D
Certificate issuer: /CN=8bb8b612721d4d4c2d07cbfe2e495e986a0f026d
Certificate serial: 019A72263E45DFD3B4C8452B9F15207A9568
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7i2EnIdTUwtB8v-LklemGoPAm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7192c2-a788-4f56-be6b-bb493c46df3e/1/i7i2EnIdTUwtB8v-LklemGoPAm0.mft
Manifest number: 0700
Signing time: Tue 11 Nov 2025 09:01:40 +0000
Manifest this update: Tue 11 Nov 2025 09:01:40 +0000
Manifest next update: Wed 12 Nov 2025 09:01:40 +0000
Files and hashes: 1: i2xjHboexoRTpg38Qi-okoPsUcQ.roa (hash: x9dOoFm67St5fPryA+wWNLVDwzCG4EBSO5jTeQtPIqE=)
2: i7i2EnIdTUwtB8v-LklemGoPAm0.crl (hash: pX+EWlM/N9UhKZC4mX7PNDyZA8VPEMCeYfJsYXqx/qA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/7192c2-a788-4f56-be6b-bb493c46df3e/1/i7i2EnIdTUwtB8v-LklemGoPAm0.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/7192c2-a788-4f56-be6b-bb493c46df3e/1/i7i2EnIdTUwtB8v-LklemGoPAm0.mft
rsync://rpki.ripe.net/repository/DEFAULT/i7i2EnIdTUwtB8v-LklemGoPAm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:3e:45:df:d3:b4:c8:45:2b:9f:15:20:7a:95:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bb8b612721d4d4c2d07cbfe2e495e986a0f026d
Validity
Not Before: Nov 11 09:01:40 2025 GMT
Not After : Nov 12 09:01:40 2025 GMT
Subject: CN=913fb21870e5e8f788f8c3a9d4b06121a7903f97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d6:4f:9c:cf:0a:0d:c1:a0:19:23:72:da:c2:
7c:eb:24:d3:fa:d3:e3:c4:69:00:53:40:c8:01:0b:
6e:57:30:a5:55:34:e9:01:9d:ea:d4:00:40:09:83:
ce:a9:16:0b:2d:ac:74:ec:c1:4a:9a:ca:42:a8:04:
5f:0b:81:2e:f3:6c:c6:f0:a9:6b:fa:89:96:47:07:
65:b8:c2:f8:77:20:dd:37:5c:71:b6:a3:2e:34:b5:
3a:76:45:a0:bc:28:c3:61:ae:47:5f:95:6e:8b:60:
d4:c4:d5:a2:51:92:97:99:b5:d2:e7:c1:95:a7:c0:
c0:0e:aa:04:e8:40:c2:a5:1b:bc:8f:27:c3:9b:cd:
93:c6:84:24:3b:f3:a6:5a:e3:40:fa:07:d1:96:9c:
25:bc:3a:95:91:aa:32:aa:5d:bc:7b:c3:01:31:a0:
0e:3f:da:3c:6d:cc:01:11:86:ff:00:32:88:e8:41:
fe:42:f4:d6:92:be:7f:b7:6d:41:d8:cc:cc:30:4b:
ef:6b:f2:82:d0:9a:c4:d1:01:5d:a0:aa:96:80:1e:
df:9a:40:88:ff:51:7e:33:f7:c4:aa:df:2c:13:94:
36:dc:a0:30:85:8b:e3:78:26:ef:33:5f:35:84:5f:
18:ff:c8:46:36:9f:d4:5b:d1:d7:c2:03:57:2e:3d:
38:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3F:B2:18:70:E5:E8:F7:88:F8:C3:A9:D4:B0:61:21:A7:90:3F:97
X509v3 Authority Key Identifier:
keyid:8B:B8:B6:12:72:1D:4D:4C:2D:07:CB:FE:2E:49:5E:98:6A:0F:02:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7i2EnIdTUwtB8v-LklemGoPAm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7192c2-a788-4f56-be6b-bb493c46df3e/1/i7i2EnIdTUwtB8v-LklemGoPAm0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7192c2-a788-4f56-be6b-bb493c46df3e/1/i7i2EnIdTUwtB8v-LklemGoPAm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:48:30:f8:c2:ec:eb:6f:b1:f5:65:7e:93:d1:58:d3:63:0d:
8d:22:8c:ed:03:37:d9:fb:51:a2:65:d8:fe:df:b6:06:f6:40:
41:7e:d5:77:e6:17:2a:13:8b:d1:2f:2e:6f:92:60:01:02:e4:
9b:b8:74:13:5c:f3:bf:e1:89:71:57:a8:04:25:f8:fe:82:ea:
08:98:7f:eb:25:ac:0f:96:05:ba:bc:31:e4:a7:09:8e:ef:fb:
63:5c:2b:a6:99:b0:2c:f2:ed:22:5a:3c:a0:3a:32:1f:4d:b1:
75:35:f9:89:4b:5e:c6:1c:bd:b2:ae:11:88:b4:18:f7:f5:73:
a4:b2:f2:a0:0f:1b:a9:ce:a9:df:78:0a:7e:2a:50:25:cd:82:
f6:94:b7:48:cc:e6:a1:24:44:a8:ca:77:05:80:44:5b:31:37:
12:96:4f:9b:68:b8:57:84:fb:c3:d7:a0:f5:bf:29:9c:80:9c:
37:b2:dd:82:ce:cd:db:db:96:31:fa:36:7d:b4:8c:c5:06:7a:
96:b3:d9:93:9d:a9:c1:df:23:ab:a0:7e:b2:b2:83:f4:45:c4:
ff:5c:39:9e:00:8d:47:66:a8:1f:b2:08:de:4a:92:e9:3c:7b:
c6:13:00:a6:e2:be:b2:1a:f1:1d:67:3b:8c:12:c3:99:40:a9:
70:81:71:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJj5F39O0yEUrnxUgepVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjhiNjEyNzIxZDRkNGMyZDA3Y2JmZTJlNDk1ZTk4NmEw
ZjAyNmQwHhcNMjUxMTExMDkwMTQwWhcNMjUxMTEyMDkwMTQwWjAzMTEwLwYDVQQD
Eyg5MTNmYjIxODcwZTVlOGY3ODhmOGMzYTlkNGIwNjEyMWE3OTAzZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdZPnM8KDcGgGSNy2sJ86yTT+tPj
xGkAU0DIAQtuVzClVTTpAZ3q1ABACYPOqRYLLax07MFKmspCqARfC4Eu82zG8Klr
+omWRwdluML4dyDdN1xxtqMuNLU6dkWgvCjDYa5HX5Vui2DUxNWiUZKXmbXS58GV
p8DADqoE6EDCpRu8jyfDm82TxoQkO/OmWuNA+gfRlpwlvDqVkaoyql28e8MBMaAO
P9o8bcwBEYb/ADKI6EH+QvTWkr5/t21B2MzMMEvva/KC0JrE0QFdoKqWgB7fmkCI
/1F+M/fEqt8sE5Q23KAwhYvjeCbvM181hF8Y/8hGNp/UW9HXwgNXLj043wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJE/shhw5ej3iPjDqdSwYSGnkD+XMB8GA1UdIwQY
MBaAFIu4thJyHU1MLQfL/i5JXphqDwJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdpMkVuSWRUVXd0Qjh2LUxrbGVtR29QQW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83MTkyYzItYTc4OC00ZjU2LWJlNmIt
YmI0OTNjNDZkZjNlLzEvaTdpMkVuSWRUVXd0Qjh2LUxrbGVtR29QQW0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83MTkyYzItYTc4OC00ZjU2LWJlNmItYmI0OTNjNDZkZjNl
LzEvaTdpMkVuSWRUVXd0Qjh2LUxrbGVtR29QQW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACkgw+MLs
62+x9WV+k9FY02MNjSKM7QM32ftRomXY/t+2BvZAQX7Vd+YXKhOL0S8ub5JgAQLk
m7h0E1zzv+GJcVeoBCX4/oLqCJh/6yWsD5YFurwx5KcJju/7Y1wrppmwLPLtIlo8
oDoyH02xdTX5iUtexhy9sq4RiLQY9/VzpLLyoA8bqc6p33gKfipQJc2C9pS3SMzm
oSREqMp3BYBEWzE3EpZPm2i4V4T7w9eg9b8pnICcN7Ldgs7N29uWMfo2fbSMxQZ6
lrPZk52pwd8jq6B+srKD9EXE/1w5ngCNR2aoH7II3kqS6Tx7xhMApuK+shrxHWc7
jBLDmUCpcIFxyQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:11:37 2025 by rpki-client