Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.mft
File: iCGjmu2dpO46tmOdJEUI-h6NIPY.mft (raw, json)
Hash identifier: X2GV0p34+WhgUVO2llUgfHC22so5WpffjG82ky3v9u8=
Subject key identifier: 49:AC:F6:5E:C6:72:78:BB:8C:68:52:CF:6B:A0:AD:73:39:41:CF:86
Authority key identifier: 88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6
Certificate issuer: /CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6
Certificate serial: 0199FD6B376538302EB5CCE48EDC198708FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.mft
Manifest number: 1404
Signing time: Sun 19 Oct 2025 17:01:26 +0000
Manifest this update: Sun 19 Oct 2025 17:01:26 +0000
Manifest next update: Mon 20 Oct 2025 17:01:26 +0000
Files and hashes: 1: OIDmEPbDXYESb6L8W110fitW4aA.roa (hash: AIH3VvHzWUC8AtgPyCBt/ld6YdiGtY4TDL+tLd/3C+w=)
2: WYkwsfl1LrYxcZc4hOn_dwqrnKU.roa (hash: OFI3Jc8HI7chg6jym9Pd2h5sq7FHfkNT1WJbvujMSAY=)
3: iCGjmu2dpO46tmOdJEUI-h6NIPY.crl (hash: 7Neh1Ag+ZJbFVfTMHaryS9cVkq8reY3F1D3zSbFfAXI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:6b:37:65:38:30:2e:b5:cc:e4:8e:dc:19:87:08:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6
Validity
Not Before: Oct 19 17:01:26 2025 GMT
Not After : Oct 20 17:01:26 2025 GMT
Subject: CN=49acf65ec67278bb8c6852cf6ba0ad733941cf86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1e:1e:7e:fd:f6:59:32:30:10:ae:46:3f:16:
da:aa:05:a1:89:c9:4a:ee:ca:d9:4d:d7:f8:a5:9a:
b3:31:40:aa:a3:e1:91:1c:86:4c:73:03:35:dd:08:
7b:82:16:97:88:87:18:78:50:21:98:c8:a5:c0:fe:
e1:13:07:5a:32:1e:92:66:9d:40:76:90:6e:df:0c:
05:7d:e2:29:5a:05:47:77:45:3a:47:bb:40:2f:8e:
68:b3:fa:41:db:6f:b1:c2:a3:40:78:e6:0b:b7:d5:
92:d9:e3:e1:13:eb:87:f4:b0:41:6f:b6:74:9f:4d:
48:17:7e:e8:ad:b4:7d:f4:b7:de:6e:a0:d4:31:d3:
e4:10:50:fc:4c:95:3b:06:04:f5:a9:7e:8d:02:b6:
65:63:bc:9a:04:01:fb:18:55:96:18:19:11:4c:36:
9a:fd:dd:49:1a:28:85:52:2d:67:64:1b:05:d0:d0:
3a:d4:83:05:bd:27:1a:c5:15:54:6a:8f:ed:0d:9c:
50:db:67:19:aa:11:01:55:1b:fc:8a:17:de:7a:8b:
ec:e3:02:48:4e:19:18:d1:6a:33:d5:df:14:ec:09:
a8:5e:ee:b9:e4:cd:2f:97:fd:83:4b:fc:7d:5a:f3:
5e:e0:51:49:39:05:c7:30:6f:4f:6b:77:da:1a:09:
66:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:AC:F6:5E:C6:72:78:BB:8C:68:52:CF:6B:A0:AD:73:39:41:CF:86
X509v3 Authority Key Identifier:
keyid:88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:97:d2:a4:a5:da:e1:20:68:2a:fc:a4:87:07:54:03:5f:82:
7a:4e:30:df:e8:4a:d6:ae:21:f9:d4:7b:0b:19:67:eb:c9:99:
bf:3c:f0:bf:6f:1d:ac:a5:a9:95:14:b2:9b:8f:e6:0b:0e:53:
a8:54:c8:6e:31:51:73:80:31:ee:36:8b:3c:82:4d:43:40:26:
9e:3b:4a:06:87:63:70:8b:26:44:51:97:3e:8a:93:e8:6d:ab:
54:7a:4e:ae:e3:a2:71:e5:d0:46:18:91:93:5f:29:51:e5:eb:
61:f5:65:47:57:c0:ef:39:ac:f7:57:ca:a6:ca:bb:a3:2a:fd:
51:7f:8f:fc:42:0c:c2:c5:36:e0:9c:8f:fa:74:5b:24:ad:c7:
58:76:88:e3:ce:10:60:11:ec:9e:45:e8:bc:71:c5:d7:93:af:
1b:05:a9:d0:a4:4d:46:f9:99:a4:ae:be:fa:b2:90:0b:1b:14:
51:05:dd:67:f9:92:eb:38:dd:71:eb:9a:36:ae:56:3f:ef:66:
37:3d:fb:33:24:61:75:80:79:f8:6b:e8:90:32:6d:fd:91:b3:
c7:f5:db:a6:2c:c2:bb:7b:65:4f:25:cf:98:bf:50:39:f3:cb:
bf:05:20:5d:ae:a0:88:c1:26:8d:ad:b3:2b:c3:70:04:ea:78:
c3:a7:8c:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9azdlODAutczkjtwZhwj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MjFhMzlhZWQ5ZGE0ZWUzYWI2NjM5ZDI0NDUwOGZhMWU4
ZDIwZjYwHhcNMjUxMDE5MTcwMTI2WhcNMjUxMDIwMTcwMTI2WjAzMTEwLwYDVQQD
Eyg0OWFjZjY1ZWM2NzI3OGJiOGM2ODUyY2Y2YmEwYWQ3MzM5NDFjZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB4efv32WTIwEK5GPxbaqgWhiclK
7srZTdf4pZqzMUCqo+GRHIZMcwM13Qh7ghaXiIcYeFAhmMilwP7hEwdaMh6SZp1A
dpBu3wwFfeIpWgVHd0U6R7tAL45os/pB22+xwqNAeOYLt9WS2ePhE+uH9LBBb7Z0
n01IF37orbR99LfebqDUMdPkEFD8TJU7BgT1qX6NArZlY7yaBAH7GFWWGBkRTDaa
/d1JGiiFUi1nZBsF0NA61IMFvScaxRVUao/tDZxQ22cZqhEBVRv8ihfeeovs4wJI
ThkY0Woz1d8U7AmoXu655M0vl/2DS/x9WvNe4FFJOQXHMG9Pa3faGglmXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEms9l7Gcni7jGhSz2ugrXM5Qc+GMB8GA1UdIwQY
MBaAFIgho5rtnaTuOrZjnSRFCPoejSD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAt
ZjYwZDZmNzE4MmExLzEvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAtZjYwZDZmNzE4MmEx
LzEvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKZfSpKXa
4SBoKvykhwdUA1+Cek4w3+hK1q4h+dR7Cxln68mZvzzwv28drKWplRSym4/mCw5T
qFTIbjFRc4Ax7jaLPIJNQ0AmnjtKBodjcIsmRFGXPoqT6G2rVHpOruOiceXQRhiR
k18pUeXrYfVlR1fA7zms91fKpsq7oyr9UX+P/EIMwsU24JyP+nRbJK3HWHaI484Q
YBHsnkXovHHF15OvGwWp0KRNRvmZpK6++rKQCxsUUQXdZ/mS6zjdceuaNq5WP+9m
Nz37MyRhdYB5+GvokDJt/ZGzx/XbpizCu3tlTyXPmL9QOfPLvwUgXa6giMEmja2z
K8NwBOp4w6eM5Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:48:27 2025 by rpki-client