Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.mft
File: IZt8FF4Kz4FIQY1UJH393_wZ-kw.mft (raw, json)
Hash identifier: s0ouxinJA85TP86zSoHLQCpU62qr2RddAa+kR+m0Jsc=
Subject key identifier: CE:36:D9:B3:B8:52:86:14:61:26:64:D7:8D:3F:31:74:5A:2F:D7:1E
Authority key identifier: 21:9B:7C:14:5E:0A:CF:81:48:41:8D:54:24:7D:FD:DF:FC:19:FA:4C
Certificate issuer: /CN=219b7c145e0acf8148418d54247dfddffc19fa4c
Certificate serial: 019A71EE5B52B5B7A322C225F856B1EB29CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IZt8FF4Kz4FIQY1UJH393_wZ-kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.mft
Manifest number: 02D2
Signing time: Tue 11 Nov 2025 08:00:37 +0000
Manifest this update: Tue 11 Nov 2025 08:00:37 +0000
Manifest next update: Wed 12 Nov 2025 08:00:37 +0000
Files and hashes: 1: IZt8FF4Kz4FIQY1UJH393_wZ-kw.crl (hash: LFkmR3L47Qs25PH5d5axHqfIwjFLEHOfP/RzNWHDD44=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.mft
rsync://rpki.ripe.net/repository/DEFAULT/IZt8FF4Kz4FIQY1UJH393_wZ-kw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:5b:52:b5:b7:a3:22:c2:25:f8:56:b1:eb:29:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=219b7c145e0acf8148418d54247dfddffc19fa4c
Validity
Not Before: Nov 11 08:00:37 2025 GMT
Not After : Nov 12 08:00:37 2025 GMT
Subject: CN=ce36d9b3b8528614612664d78d3f31745a2fd71e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3e:54:67:45:d4:e3:c7:e0:e7:a4:19:e3:a5:
17:cb:44:15:ad:49:41:00:64:cc:e4:79:ec:0f:f2:
33:71:8c:1d:c6:9c:1a:47:6f:4b:46:e5:24:10:1e:
79:76:86:55:a9:aa:15:1d:e7:08:94:8b:f9:34:0f:
80:20:dc:7a:67:2d:9c:56:d1:be:38:13:e1:e3:0a:
29:0f:e0:fd:76:d6:04:d1:87:da:8e:50:67:b5:f7:
e8:d3:d8:9d:d7:c1:73:48:ef:88:85:b2:44:86:fb:
f6:e2:af:7b:ba:93:39:77:a1:88:9a:f5:22:73:5d:
38:51:01:e4:b5:a3:94:41:18:47:5f:f3:79:5d:34:
97:3e:72:f5:65:ef:ca:62:95:e8:25:53:78:c4:12:
55:d5:e7:d6:ed:b0:52:f4:0b:f2:d1:a6:c1:3a:61:
54:e5:00:af:c2:27:0c:5b:78:71:d6:7e:6f:87:a9:
42:59:13:03:3f:3a:f7:8f:67:a0:97:63:52:ee:b7:
59:65:56:8f:19:32:ee:64:62:45:a7:c6:28:25:27:
5f:1d:f1:59:ed:cc:cf:12:1c:72:01:99:26:70:85:
aa:93:bd:2b:93:42:44:48:cd:7d:78:5b:c8:34:af:
f8:78:92:02:5b:e4:de:e4:4f:8d:eb:23:93:49:3a:
16:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:36:D9:B3:B8:52:86:14:61:26:64:D7:8D:3F:31:74:5A:2F:D7:1E
X509v3 Authority Key Identifier:
keyid:21:9B:7C:14:5E:0A:CF:81:48:41:8D:54:24:7D:FD:DF:FC:19:FA:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IZt8FF4Kz4FIQY1UJH393_wZ-kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:c6:8e:e2:0e:83:c1:06:19:76:21:7a:8f:11:99:56:f8:22:
ee:5a:cb:d1:c3:2f:37:d9:d8:0e:b3:a4:53:55:9e:0a:ce:e5:
ec:3e:33:a1:7a:2d:31:94:7f:82:24:f6:25:4e:3f:00:a1:d8:
59:0f:1f:0f:14:d2:a8:31:6f:15:bc:38:b8:14:a5:b3:19:31:
b7:20:d8:ae:b6:80:89:b3:7d:20:30:6e:b0:b7:15:cf:af:4a:
5b:56:53:05:00:08:3e:37:22:63:d7:d3:cc:4b:0d:5d:28:84:
19:b0:bc:dd:ac:34:5d:3e:eb:e4:db:22:4a:b0:55:19:8e:82:
65:2a:ab:b6:2d:81:8d:b0:26:bb:6f:3d:cb:de:02:fc:75:17:
1a:c7:7e:63:33:3f:b5:0a:cd:9a:71:16:d6:10:48:36:8d:0a:
5b:58:79:8f:3a:6d:e6:53:b6:55:dc:3c:df:90:d7:a6:23:58:
f8:dd:65:fb:24:f1:63:46:b1:ae:f5:e3:91:d4:16:bf:ad:14:
9e:82:5c:bc:90:a1:a2:33:cf:68:31:4d:8e:d8:85:68:e4:f7:
31:8d:4a:b9:3e:c5:67:6b:14:e6:41:b0:fe:b5:36:39:2f:af:
c1:ac:13:21:70:4c:a6:e5:a6:27:3b:52:fd:4d:c9:ef:db:d7:
8e:12:75:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7ltStbejIsIl+Fax6ynNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxOWI3YzE0NWUwYWNmODE0ODQxOGQ1NDI0N2RmZGRmZmMx
OWZhNGMwHhcNMjUxMTExMDgwMDM3WhcNMjUxMTEyMDgwMDM3WjAzMTEwLwYDVQQD
EyhjZTM2ZDliM2I4NTI4NjE0NjEyNjY0ZDc4ZDNmMzE3NDVhMmZkNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj5UZ0XU48fg56QZ46UXy0QVrUlB
AGTM5HnsD/IzcYwdxpwaR29LRuUkEB55doZVqaoVHecIlIv5NA+AINx6Zy2cVtG+
OBPh4wopD+D9dtYE0YfajlBntffo09id18FzSO+IhbJEhvv24q97upM5d6GImvUi
c104UQHktaOUQRhHX/N5XTSXPnL1Ze/KYpXoJVN4xBJV1efW7bBS9Avy0abBOmFU
5QCvwicMW3hx1n5vh6lCWRMDPzr3j2egl2NS7rdZZVaPGTLuZGJFp8YoJSdfHfFZ
7czPEhxyAZkmcIWqk70rk0JESM19eFvINK/4eJICW+Te5E+N6yOTSToWMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM422bO4UoYUYSZk140/MXRaL9ceMB8GA1UdIwQY
MBaAFCGbfBReCs+BSEGNVCR9/d/8GfpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVp0OEZGNEt6NEZJUVkxVUpIMzkzX3daLWt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9mYTEwMDQtZTQ1MC00MWVjLTlkNWUt
NGExZjdjMWJkZjc4LzEvSVp0OEZGNEt6NEZJUVkxVUpIMzkzX3daLWt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9mYTEwMDQtZTQ1MC00MWVjLTlkNWUtNGExZjdjMWJkZjc4
LzEvSVp0OEZGNEt6NEZJUVkxVUpIMzkzX3daLWt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYMaO4g6D
wQYZdiF6jxGZVvgi7lrL0cMvN9nYDrOkU1WeCs7l7D4zoXotMZR/giT2JU4/AKHY
WQ8fDxTSqDFvFbw4uBSlsxkxtyDYrraAibN9IDBusLcVz69KW1ZTBQAIPjciY9fT
zEsNXSiEGbC83aw0XT7r5NsiSrBVGY6CZSqrti2BjbAmu289y94C/HUXGsd+YzM/
tQrNmnEW1hBINo0KW1h5jzpt5lO2Vdw835DXpiNY+N1l+yTxY0axrvXjkdQWv60U
noJcvJChojPPaDFNjtiFaOT3MY1KuT7FZ2sU5kGw/rU2OS+vwawTIXBMpuWmJztS
/U3J79vXjhJ1hg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:13:53 2025 by rpki-client