Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.mft
File: iDa9j605PlExoCNykxWzVgFOZjc.mft (raw, json)
Hash identifier: IfD384pOGHuaHDIntUDdk4BXSncED6vNj+MmcNiCXnM=
Subject key identifier: 77:B5:D7:C2:1D:0E:3E:5F:6A:D6:0E:56:6E:09:5D:30:EE:21:8B:6B
Authority key identifier: 88:36:BD:8F:AD:39:3E:51:31:A0:23:72:93:15:B3:56:01:4E:66:37
Certificate issuer: /CN=8836bd8fad393e5131a023729315b356014e6637
Certificate serial: 019A70DC2C0E6FEAD4481CCCCD47F2528B8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iDa9j605PlExoCNykxWzVgFOZjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 03:01:08 +0000
Manifest this update: Tue 11 Nov 2025 03:01:08 +0000
Manifest next update: Wed 12 Nov 2025 03:01:08 +0000
Files and hashes: 1: UKX34TFCd0figIbF32wm6M0tdxE.roa (hash: BFLvjvBRECITaOdgL/U7OU6npGQVInzdalw4vhrK37A=)
2: iDa9j605PlExoCNykxWzVgFOZjc.crl (hash: gur2oQrpxdGP1AC/5O8IGlfJ6tN4D5VcqRpcwaRil+k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.mft
rsync://rpki.ripe.net/repository/DEFAULT/iDa9j605PlExoCNykxWzVgFOZjc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:2c:0e:6f:ea:d4:48:1c:cc:cd:47:f2:52:8b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8836bd8fad393e5131a023729315b356014e6637
Validity
Not Before: Nov 11 03:01:08 2025 GMT
Not After : Nov 12 03:01:08 2025 GMT
Subject: CN=77b5d7c21d0e3e5f6ad60e566e095d30ee218b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bf:26:a8:45:cc:3c:8a:e4:90:2d:13:a9:87:
95:98:b8:07:d5:bf:b3:cb:e5:f7:86:94:3b:b1:1e:
d2:58:4f:25:c1:9f:ca:9b:91:2a:92:51:fe:8f:36:
03:4a:88:0a:05:f1:ca:bb:a9:45:44:bb:11:c8:e3:
9a:96:ab:67:8f:62:71:8c:5a:34:9a:2b:6c:a4:db:
32:87:88:62:b6:30:dc:2b:2f:ae:6f:1e:a4:0d:cc:
59:3b:d5:83:9b:78:9e:0e:42:6d:36:91:57:9d:5d:
b2:0e:68:fb:8d:15:f9:da:4a:e5:0b:ee:37:5e:b8:
ba:92:9d:e7:fc:f3:0f:35:7d:59:5f:d4:b8:4e:da:
18:f1:b3:32:db:41:bd:51:8c:44:1b:d5:a9:e9:fd:
04:00:1a:56:ad:1a:55:e3:19:fb:22:4c:ea:92:31:
51:b2:a0:04:c1:21:91:f7:b4:af:e9:05:3c:55:85:
65:c1:d0:fc:75:ec:03:4f:2c:88:7e:4d:e8:20:36:
60:87:05:02:a3:b6:42:72:85:d7:20:d7:57:7a:e0:
24:8f:5a:ea:55:4b:7e:e3:2d:fe:a0:43:50:cf:44:
d8:3a:1d:e1:6c:3e:de:eb:58:29:c0:a7:bf:b1:e9:
39:c5:4c:00:65:27:a4:93:cb:67:9a:45:0e:43:59:
6f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B5:D7:C2:1D:0E:3E:5F:6A:D6:0E:56:6E:09:5D:30:EE:21:8B:6B
X509v3 Authority Key Identifier:
keyid:88:36:BD:8F:AD:39:3E:51:31:A0:23:72:93:15:B3:56:01:4E:66:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDa9j605PlExoCNykxWzVgFOZjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:eb:28:8e:88:30:3d:ce:96:65:30:be:e4:de:98:ac:3d:05:
27:86:ca:41:62:ed:10:d9:a2:c1:fb:cb:70:07:e5:62:b7:da:
89:8a:05:09:95:3a:30:18:9b:7e:0e:06:89:cb:4a:eb:32:00:
c7:4c:3c:ad:c2:3f:ef:b4:d8:fa:8f:f6:b1:0a:27:74:a6:1c:
50:2b:37:1b:a2:02:e6:b0:c1:8f:31:bc:b2:ea:37:0e:ae:1f:
29:1b:dc:28:8d:03:22:ef:b7:89:c5:0d:97:76:f8:11:8e:60:
6e:7d:5f:40:4e:f2:3b:6c:4b:62:e0:22:09:90:06:c0:e3:03:
ae:38:5e:03:e4:81:28:4f:43:1e:53:80:e1:76:41:d5:b8:65:
69:56:f4:60:bf:52:82:4b:9c:ae:d6:85:7b:8a:c0:bc:c8:68:
61:2f:46:0c:13:27:78:be:fd:f1:c0:52:77:49:e3:b9:90:37:
af:a0:2b:13:55:2f:ed:28:61:81:94:6a:c5:ac:62:95:b6:76:
62:71:1c:ba:e6:1f:60:a4:0f:b8:a6:c9:27:40:eb:47:d6:5c:
a4:7d:7a:f0:ed:bb:3b:f9:4a:36:20:64:32:c8:e1:8b:3e:dc:
a1:62:a8:9b:bb:da:4b:f0:87:9a:2e:33:98:20:6c:ce:ee:94:
3e:6c:70:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3CwOb+rUSBzMzUfyUouKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MzZiZDhmYWQzOTNlNTEzMWEwMjM3MjkzMTViMzU2MDE0
ZTY2MzcwHhcNMjUxMTExMDMwMTA4WhcNMjUxMTEyMDMwMTA4WjAzMTEwLwYDVQQD
Eyg3N2I1ZDdjMjFkMGUzZTVmNmFkNjBlNTY2ZTA5NWQzMGVlMjE4YjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwr8mqEXMPIrkkC0TqYeVmLgH1b+z
y+X3hpQ7sR7SWE8lwZ/Km5EqklH+jzYDSogKBfHKu6lFRLsRyOOalqtnj2JxjFo0
mitspNsyh4hitjDcKy+ubx6kDcxZO9WDm3ieDkJtNpFXnV2yDmj7jRX52krlC+43
Xri6kp3n/PMPNX1ZX9S4TtoY8bMy20G9UYxEG9Wp6f0EABpWrRpV4xn7IkzqkjFR
sqAEwSGR97Sv6QU8VYVlwdD8dewDTyyIfk3oIDZghwUCo7ZCcoXXINdXeuAkj1rq
VUt+4y3+oENQz0TYOh3hbD7e61gpwKe/sek5xUwAZSekk8tnmkUOQ1lv7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHe118IdDj5fatYOVm4JXTDuIYtrMB8GA1UdIwQY
MBaAFIg2vY+tOT5RMaAjcpMVs1YBTmY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaURhOWo2MDVQbEV4b0NOeWt4V3pWZ0ZPWmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xMjlhNWItYjdmNi00OWQwLTk1YzIt
MTJmOWNiMGEyMTE4LzEvaURhOWo2MDVQbEV4b0NOeWt4V3pWZ0ZPWmpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8xMjlhNWItYjdmNi00OWQwLTk1YzItMTJmOWNiMGEyMTE4
LzEvaURhOWo2MDVQbEV4b0NOeWt4V3pWZ0ZPWmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhusojogw
Pc6WZTC+5N6YrD0FJ4bKQWLtENmiwfvLcAflYrfaiYoFCZU6MBibfg4GictK6zIA
x0w8rcI/77TY+o/2sQondKYcUCs3G6IC5rDBjzG8suo3Dq4fKRvcKI0DIu+3icUN
l3b4EY5gbn1fQE7yO2xLYuAiCZAGwOMDrjheA+SBKE9DHlOA4XZB1bhlaVb0YL9S
gkucrtaFe4rAvMhoYS9GDBMneL798cBSd0njuZA3r6ArE1Uv7ShhgZRqxaxilbZ2
YnEcuuYfYKQPuKbJJ0DrR9ZcpH168O27O/lKNiBkMsjhiz7coWKom7vaS/CHmi4z
mCBszu6UPmxwZg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:30 2025 by rpki-client