Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json)
Hash identifier: HB/LF6gezjvv3LZcGnZFifLqRJkz2To+eDHHVmJrPRs=
Subject key identifier: D8:E2:75:CC:BC:1B:94:C2:03:8F:12:8A:E2:BE:FF:4D:A7:F1:09:EE
Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Certificate serial: 019A17985A4C76562166FF948E103C7E47E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
Manifest number: 0ED1
Signing time: Fri 24 Oct 2025 19:00:51 +0000
Manifest this update: Fri 24 Oct 2025 19:00:51 +0000
Manifest next update: Sat 25 Oct 2025 19:00:51 +0000
Files and hashes: 1: hi3FrnF-3jLI3lIxcnrMYtC-4ow.roa (hash: Hon+3addqQMzwZi2hE3IgLssZw3bA0MMDqOLsP3ZK0E=)
2: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: RzT1CJl/wM0nCxCeTxr8qmk93Dwgf0oIDGeQvzF2SIs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 19:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:17:98:5a:4c:76:56:21:66:ff:94:8e:10:3c:7e:47:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Validity
Not Before: Oct 24 19:00:51 2025 GMT
Not After : Oct 25 19:00:51 2025 GMT
Subject: CN=d8e275ccbc1b94c2038f128ae2beff4da7f109ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c0:cf:f4:03:8a:63:42:f6:8b:a8:46:48:71:
d1:f8:4d:c1:d0:66:29:6e:19:34:c0:6a:8d:f4:58:
2d:20:df:11:7c:43:a9:d3:f5:5a:4f:78:53:1e:72:
fd:ed:5c:a1:ff:c2:23:2e:bb:54:72:5c:e4:46:b4:
6b:fc:fd:0b:c9:93:94:2f:6a:3c:aa:f5:1c:d2:e5:
a6:1a:d7:cf:c4:1c:c1:f1:0f:fc:85:ed:e0:dc:e4:
32:94:35:13:9e:62:b2:34:18:24:78:63:a4:5c:e6:
1c:1b:56:74:30:29:91:4c:55:37:64:3f:f4:d6:e0:
50:43:60:a0:f2:15:f9:28:44:4a:c9:75:f2:29:9f:
80:9b:38:43:25:1c:a4:fe:28:d0:dc:33:9b:f4:91:
35:a6:fd:9d:6e:da:42:16:52:4a:fb:12:33:54:87:
f6:e6:f1:f9:87:57:bc:44:9c:0f:06:2d:7d:c3:8b:
07:87:c7:35:5c:27:ca:16:34:6c:2d:f9:24:dc:32:
3f:8f:ed:15:38:e3:95:16:43:d4:3f:57:32:db:8f:
09:5b:44:1b:ed:6c:44:71:35:d7:7d:b2:bf:ec:a7:
eb:7c:24:3f:81:55:2c:91:b2:10:46:7c:59:ec:6a:
f0:46:2d:a1:fa:3a:29:37:9b:17:de:df:d4:fa:87:
9a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E2:75:CC:BC:1B:94:C2:03:8F:12:8A:E2:BE:FF:4D:A7:F1:09:EE
X509v3 Authority Key Identifier:
keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:b7:99:c8:2c:f1:ec:c4:1b:6f:0b:3a:25:5d:8d:38:fe:bb:
f8:ca:55:56:6b:14:55:8c:47:07:03:1c:8d:01:a8:58:c0:3a:
b3:ae:67:2c:c6:9a:b9:41:e1:b9:a2:ec:81:76:92:35:4c:77:
42:03:32:fb:fc:45:38:ec:06:36:cf:a3:97:ce:ab:5e:e8:bd:
5d:56:e1:91:0a:3f:d5:1b:b6:54:53:b0:ed:2c:3e:55:45:0c:
1d:1a:b5:7c:32:bc:a6:a1:3d:d4:f9:07:4b:c9:14:05:ad:14:
6d:61:c7:3f:3c:b2:af:e9:8b:11:87:b6:ae:ab:6a:77:ee:73:
0e:ab:f9:5d:16:01:d5:e4:9c:e6:18:6b:0b:a3:d5:cd:32:32:
f6:64:22:83:06:38:ec:2c:18:a7:24:96:a5:80:26:b3:aa:97:
44:72:fc:13:b7:38:14:d8:98:b0:ba:8f:8c:c7:8f:a9:73:6c:
47:12:34:0b:2d:e3:a9:4a:ec:fe:bf:a4:2e:9d:2a:c6:60:4b:
5e:82:a5:c9:6f:7e:3e:13:1d:16:f2:58:df:36:bc:bf:70:7a:
68:88:8a:92:c9:78:8a:c2:54:0e:b3:8c:45:e2:1a:db:32:7d:
6c:97:e4:a6:45:8f:8c:40:dc:7c:82:d5:80:fc:65:ba:ab:da:
18:ef:a1:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoXmFpMdlYhZv+UjhA8fkfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk
ZGM3ZGYwHhcNMjUxMDI0MTkwMDUxWhcNMjUxMDI1MTkwMDUxWjAzMTEwLwYDVQQD
EyhkOGUyNzVjY2JjMWI5NGMyMDM4ZjEyOGFlMmJlZmY0ZGE3ZjEwOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8DP9AOKY0L2i6hGSHHR+E3B0GYp
bhk0wGqN9FgtIN8RfEOp0/VaT3hTHnL97Vyh/8IjLrtUclzkRrRr/P0LyZOUL2o8
qvUc0uWmGtfPxBzB8Q/8he3g3OQylDUTnmKyNBgkeGOkXOYcG1Z0MCmRTFU3ZD/0
1uBQQ2Cg8hX5KERKyXXyKZ+AmzhDJRyk/ijQ3DOb9JE1pv2dbtpCFlJK+xIzVIf2
5vH5h1e8RJwPBi19w4sHh8c1XCfKFjRsLfkk3DI/j+0VOOOVFkPUP1cy248JW0Qb
7WxEcTXXfbK/7KfrfCQ/gVUskbIQRnxZ7GrwRi2h+jopN5sX3t/U+oeaEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjidcy8G5TCA48SiuK+/02n8QnuMB8GA1UdIwQY
MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt
NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1
LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjbeZyCzx
7MQbbws6JV2NOP67+MpVVmsUVYxHBwMcjQGoWMA6s65nLMaauUHhuaLsgXaSNUx3
QgMy+/xFOOwGNs+jl86rXui9XVbhkQo/1Ru2VFOw7Sw+VUUMHRq1fDK8pqE91PkH
S8kUBa0UbWHHPzyyr+mLEYe2rqtqd+5zDqv5XRYB1eSc5hhrC6PVzTIy9mQigwY4
7CwYpySWpYAms6qXRHL8E7c4FNiYsLqPjMePqXNsRxI0Cy3jqUrs/r+kLp0qxmBL
XoKlyW9+PhMdFvJY3za8v3B6aIiKksl4isJUDrOMReIa2zJ9bJfkpkWPjEDcfILV
gPxluqvaGO+hwQ==
-----END CERTIFICATE-----
Generated at Sat Oct 25 04:19:06 2025 by rpki-client