Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/9b4900-085a-4a0e-a98f-c6db34c2f7e9/1/IiT9ZQA8OUkKvqqeHv5fICRtx3s.mft
File: IiT9ZQA8OUkKvqqeHv5fICRtx3s.mft (raw, json)
Hash identifier: JjMTE8jYEa6uU1lSnGSZnBLzkMHeI3i/dktJfuJZI+c=
Subject key identifier: 15:1B:FD:79:B6:2C:FC:0D:CB:63:75:EF:4D:1B:A8:24:7D:C4:53:B9
Authority key identifier: 22:24:FD:65:00:3C:39:49:0A:BE:AA:9E:1E:FE:5F:20:24:6D:C7:7B
Certificate issuer: /CN=2224fd65003c39490abeaa9e1efe5f20246dc77b
Certificate serial: 019A71B813A7E30FF0CFB0F777CF30AF66A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IiT9ZQA8OUkKvqqeHv5fICRtx3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/9b4900-085a-4a0e-a98f-c6db34c2f7e9/1/IiT9ZQA8OUkKvqqeHv5fICRtx3s.mft
Manifest number: 0D9B
Signing time: Tue 11 Nov 2025 07:01:20 +0000
Manifest this update: Tue 11 Nov 2025 07:01:20 +0000
Manifest next update: Wed 12 Nov 2025 07:01:20 +0000
Files and hashes: 1: IiT9ZQA8OUkKvqqeHv5fICRtx3s.crl (hash: ke5sBTKihwxrbMV9r5Rfgjv4ThD2vY6vKClW0lKY3Bk=)
2: gJhF5evxe8g-iDe3hBXACq-nKPk.roa (hash: qM5+n5uw27ndltKhnl7N0lO0fW10CmbET7TyhvcxHok=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/9b4900-085a-4a0e-a98f-c6db34c2f7e9/1/IiT9ZQA8OUkKvqqeHv5fICRtx3s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/9b4900-085a-4a0e-a98f-c6db34c2f7e9/1/IiT9ZQA8OUkKvqqeHv5fICRtx3s.mft
rsync://rpki.ripe.net/repository/DEFAULT/IiT9ZQA8OUkKvqqeHv5fICRtx3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:13:a7:e3:0f:f0:cf:b0:f7:77:cf:30:af:66:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2224fd65003c39490abeaa9e1efe5f20246dc77b
Validity
Not Before: Nov 11 07:01:20 2025 GMT
Not After : Nov 12 07:01:20 2025 GMT
Subject: CN=151bfd79b62cfc0dcb6375ef4d1ba8247dc453b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8e:d2:ec:1e:ca:c3:b5:db:05:fb:39:f5:a8:
20:49:21:42:89:7d:2b:49:11:06:50:52:2d:79:bd:
5b:e3:f2:d4:2c:51:38:45:cb:08:16:6c:1b:81:8d:
fd:e2:33:df:87:31:89:d5:78:f0:79:7a:7f:c6:ce:
a2:19:75:d2:23:a9:22:fd:a4:c1:96:2f:1d:86:3b:
44:1c:31:6f:3c:43:7e:70:ff:b1:51:6a:d0:f4:a8:
c0:85:fc:7b:99:9a:cb:9b:ea:b2:a7:da:37:9b:33:
25:72:cb:01:cb:68:75:72:19:77:09:0c:91:26:69:
d8:e3:ac:01:29:3c:7d:bc:9e:7e:29:55:cc:e4:f7:
84:5a:36:1c:84:95:16:64:7a:a0:e1:27:7c:d6:6c:
65:05:81:71:4b:5f:32:ea:6f:96:70:a9:57:e1:9e:
e2:8b:13:fd:9b:81:6c:45:e4:a9:80:34:17:6f:cb:
ed:55:dd:1a:4b:7f:5a:dd:a1:fd:e3:fb:2b:10:fe:
b3:d3:2d:7b:02:5a:4f:1d:f8:9d:dc:72:7d:18:82:
14:23:5f:50:a8:e5:17:51:bb:6d:8a:f0:c9:45:53:
89:a0:c0:d4:07:97:5e:4d:7f:23:23:3f:9e:54:a7:
85:d7:0c:e6:1c:69:aa:e6:33:ce:29:9c:90:1e:96:
49:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:1B:FD:79:B6:2C:FC:0D:CB:63:75:EF:4D:1B:A8:24:7D:C4:53:B9
X509v3 Authority Key Identifier:
keyid:22:24:FD:65:00:3C:39:49:0A:BE:AA:9E:1E:FE:5F:20:24:6D:C7:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IiT9ZQA8OUkKvqqeHv5fICRtx3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/9b4900-085a-4a0e-a98f-c6db34c2f7e9/1/IiT9ZQA8OUkKvqqeHv5fICRtx3s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/9b4900-085a-4a0e-a98f-c6db34c2f7e9/1/IiT9ZQA8OUkKvqqeHv5fICRtx3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:42:a8:45:15:21:6f:e4:2d:54:60:fb:00:cb:45:d6:06:65:
d0:d8:8a:38:98:1e:7a:6a:99:5a:90:ea:d9:9b:e8:3f:a3:9d:
58:67:a6:f1:f3:16:95:34:d4:42:4e:43:5f:e7:b6:92:05:bf:
a5:cd:ce:43:e7:44:97:3e:eb:4f:a0:70:87:d8:29:4f:e9:e2:
fd:61:50:02:37:0f:5c:49:fc:ab:f6:1b:d5:b6:a5:b2:2f:80:
e8:fc:d6:7a:eb:2c:bb:36:67:21:8d:2c:33:fc:8a:2e:ae:5f:
66:da:5f:b1:22:21:54:45:45:b7:91:26:37:f5:83:83:dc:30:
6a:5c:9c:56:ab:2b:5d:88:6a:50:e2:41:af:c9:9c:ac:aa:e4:
48:cf:97:95:34:dd:5b:d8:05:4a:a0:63:93:ff:af:29:da:a9:
bf:08:02:fd:76:f4:a6:c9:69:b2:2d:91:e1:df:a3:cc:94:55:
2e:ce:b2:0d:26:ad:f6:ee:7e:34:05:e6:0e:ef:f4:14:fe:85:
d2:40:68:1f:d5:f8:ae:3d:a1:2e:5d:d1:4c:1b:10:11:2e:3e:
6c:91:ee:25:fc:73:5a:10:b2:b5:cf:06:75:c4:14:3b:3f:75:
85:1e:a2:8c:de:6d:c5:00:df:00:e4:e9:83:98:a8:d1:3b:47:
fb:1f:eb:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBOn4w/wz7D3d88wr2aoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMjRmZDY1MDAzYzM5NDkwYWJlYWE5ZTFlZmU1ZjIwMjQ2
ZGM3N2IwHhcNMjUxMTExMDcwMTIwWhcNMjUxMTEyMDcwMTIwWjAzMTEwLwYDVQQD
EygxNTFiZmQ3OWI2MmNmYzBkY2I2Mzc1ZWY0ZDFiYTgyNDdkYzQ1M2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyY7S7B7Kw7XbBfs59aggSSFCiX0r
SREGUFIteb1b4/LULFE4RcsIFmwbgY394jPfhzGJ1XjweXp/xs6iGXXSI6ki/aTB
li8dhjtEHDFvPEN+cP+xUWrQ9KjAhfx7mZrLm+qyp9o3mzMlcssBy2h1chl3CQyR
JmnY46wBKTx9vJ5+KVXM5PeEWjYchJUWZHqg4Sd81mxlBYFxS18y6m+WcKlX4Z7i
ixP9m4FsReSpgDQXb8vtVd0aS39a3aH94/srEP6z0y17AlpPHfid3HJ9GIIUI19Q
qOUXUbttivDJRVOJoMDUB5deTX8jIz+eVKeF1wzmHGmq5jPOKZyQHpZJ6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUb/Xm2LPwNy2N1700bqCR9xFO5MB8GA1UdIwQY
MBaAFCIk/WUAPDlJCr6qnh7+XyAkbcd7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWlUOVpRQThPVWtLdnFxZUh2NWZJQ1J0eDNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85YjQ5MDAtMDg1YS00YTBlLWE5OGYt
YzZkYjM0YzJmN2U5LzEvSWlUOVpRQThPVWtLdnFxZUh2NWZJQ1J0eDNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85YjQ5MDAtMDg1YS00YTBlLWE5OGYtYzZkYjM0YzJmN2U5
LzEvSWlUOVpRQThPVWtLdnFxZUh2NWZJQ1J0eDNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASUKoRRUh
b+QtVGD7AMtF1gZl0NiKOJgeemqZWpDq2ZvoP6OdWGem8fMWlTTUQk5DX+e2kgW/
pc3OQ+dElz7rT6Bwh9gpT+ni/WFQAjcPXEn8q/Yb1balsi+A6PzWeussuzZnIY0s
M/yKLq5fZtpfsSIhVEVFt5EmN/WDg9wwalycVqsrXYhqUOJBr8mcrKrkSM+XlTTd
W9gFSqBjk/+vKdqpvwgC/Xb0pslpsi2R4d+jzJRVLs6yDSat9u5+NAXmDu/0FP6F
0kBoH9X4rj2hLl3RTBsQES4+bJHuJfxzWhCytc8GdcQUOz91hR6ijN5txQDfAOTp
g5io0TtH+x/rqg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:38:57 2025 by rpki-client