Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
File: I9FK_odQITwoDltovvsYhm95SX8.mft (raw, json)
Hash identifier: DXmPO7G7sMxl3WReGq7dnzJvBugKWHBXkNuuAikkuUA=
Subject key identifier: E5:8B:5E:A4:C1:59:52:22:23:B1:AE:E3:2F:E6:A2:23:95:97:7D:6D
Authority key identifier: 23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F
Certificate issuer: /CN=23d14afe8750213c280e5b68befb18866f79497f
Certificate serial: 019A03A39372FDFD0F9190BC431AEED25094
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
Manifest number: 0367
Signing time: Mon 20 Oct 2025 22:00:42 +0000
Manifest this update: Mon 20 Oct 2025 22:00:42 +0000
Manifest next update: Tue 21 Oct 2025 22:00:42 +0000
Files and hashes: 1: I9FK_odQITwoDltovvsYhm95SX8.crl (hash: 3TqYTH7+wvVrsFEwDSxsavESUlqZ3yp2b9h23GKcw1c=)
2: bfd_WpvacXpVJP__dq6vej5IyyY.roa (hash: /B+pNt8vIwVV5x8COrKPeKukz7hh0c0T1g3kvtIg6Z0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:03:a3:93:72:fd:fd:0f:91:90:bc:43:1a:ee:d2:50:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d14afe8750213c280e5b68befb18866f79497f
Validity
Not Before: Oct 20 22:00:42 2025 GMT
Not After : Oct 21 22:00:42 2025 GMT
Subject: CN=e58b5ea4c159522223b1aee32fe6a22395977d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5f:70:3c:36:d8:fc:c5:75:48:bf:eb:78:7e:
26:85:3a:e5:df:19:09:b9:57:19:f0:39:d7:78:21:
d5:a4:89:f4:91:1d:83:37:3f:7f:b8:8a:50:81:96:
34:02:4c:4f:3a:b2:40:0a:81:ec:26:84:ac:d1:8d:
fe:f5:8f:f3:18:65:49:99:f9:e0:ba:50:55:aa:36:
20:2c:b8:5f:40:ff:80:a2:36:b8:97:87:5a:a5:0a:
3e:59:60:ce:50:1e:72:b4:fb:a4:6a:69:23:ea:6f:
71:b2:ba:5e:3c:53:00:7a:8b:1f:9b:5d:01:b9:97:
65:e5:60:5f:75:18:e4:09:18:58:0a:11:cc:71:f3:
77:47:b1:15:27:63:e2:b1:65:a6:d3:41:06:68:02:
96:5e:98:88:57:a6:85:e6:53:57:bd:0d:d2:f3:db:
78:05:b5:08:b8:85:fe:aa:dc:64:34:71:5a:52:23:
9d:03:ef:52:bb:ee:99:df:da:74:40:2c:2b:3f:6c:
ba:2e:f4:39:b6:ae:61:a2:1c:12:0e:8b:1f:b1:56:
f9:57:7b:0d:72:7a:45:4b:45:f3:d2:11:fd:31:fd:
24:2c:33:fc:70:0a:6b:2d:54:b8:ec:6c:7b:46:bf:
28:0d:44:ad:eb:3c:e8:12:d3:dd:4c:16:f5:b9:d5:
d8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:8B:5E:A4:C1:59:52:22:23:B1:AE:E3:2F:E6:A2:23:95:97:7D:6D
X509v3 Authority Key Identifier:
keyid:23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:19:63:c0:ce:12:cf:f6:3b:f0:1a:77:2a:01:0f:5c:24:3f:
fc:7c:fd:34:63:cd:c8:c1:2e:ae:a0:d3:80:93:e2:6f:88:fb:
fa:91:d9:62:42:5c:eb:a6:f8:1a:e8:6b:da:37:f5:27:64:a8:
fd:54:49:0f:8f:57:51:f9:72:46:f6:7e:05:3b:f1:3f:ff:50:
c9:8b:42:c5:e9:55:fb:9e:2c:66:d9:5a:ec:e0:af:de:56:eb:
b2:a6:bf:6d:b5:b1:a5:8e:40:a9:ee:bd:8f:cb:de:89:db:2e:
b1:b6:fb:ac:c1:1a:02:5a:61:78:79:3c:1b:70:1e:8d:17:5f:
ac:2b:63:52:bc:21:ee:f6:ad:8f:9c:2a:62:1b:64:93:af:7c:
ec:a7:6d:fb:60:03:45:2f:79:dd:8d:98:66:92:3d:58:90:82:
ca:bb:61:42:cf:e4:11:2c:34:d7:91:75:10:9b:06:64:52:4e:
f2:0c:2b:3d:97:f2:13:33:3d:f3:73:79:7a:b8:dd:4e:25:77:
74:d0:d9:25:99:bc:ee:65:60:8b:f4:1f:be:34:35:89:49:5b:
50:2b:e7:d5:61:df:81:e3:08:88:a8:15:f3:d2:be:a2:79:88:
b3:55:06:1f:b4:b5:4b:24:b4:6d:eb:8b:ea:20:9e:19:55:28:
e9:b2:61:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoDo5Ny/f0PkZC8Qxru0lCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDE0YWZlODc1MDIxM2MyODBlNWI2OGJlZmIxODg2NmY3
OTQ5N2YwHhcNMjUxMDIwMjIwMDQyWhcNMjUxMDIxMjIwMDQyWjAzMTEwLwYDVQQD
EyhlNThiNWVhNGMxNTk1MjIyMjNiMWFlZTMyZmU2YTIyMzk1OTc3ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAol9wPDbY/MV1SL/reH4mhTrl3xkJ
uVcZ8DnXeCHVpIn0kR2DNz9/uIpQgZY0AkxPOrJACoHsJoSs0Y3+9Y/zGGVJmfng
ulBVqjYgLLhfQP+Aoja4l4dapQo+WWDOUB5ytPukamkj6m9xsrpePFMAeosfm10B
uZdl5WBfdRjkCRhYChHMcfN3R7EVJ2PisWWm00EGaAKWXpiIV6aF5lNXvQ3S89t4
BbUIuIX+qtxkNHFaUiOdA+9Su+6Z39p0QCwrP2y6LvQ5tq5hohwSDosfsVb5V3sN
cnpFS0Xz0hH9Mf0kLDP8cAprLVS47Gx7Rr8oDUSt6zzoEtPdTBb1udXYswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOWLXqTBWVIiI7Gu4y/moiOVl31tMB8GA1UdIwQY
MBaAFCPRSv6HUCE8KA5baL77GIZveUl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2Qt
ODQ3MmNhNDBmN2E3LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2QtODQ3MmNhNDBmN2E3
LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPRljwM4S
z/Y78Bp3KgEPXCQ//Hz9NGPNyMEurqDTgJPib4j7+pHZYkJc66b4Guhr2jf1J2So
/VRJD49XUflyRvZ+BTvxP/9QyYtCxelV+54sZtla7OCv3lbrsqa/bbWxpY5Aqe69
j8veidsusbb7rMEaAlpheHk8G3AejRdfrCtjUrwh7vatj5wqYhtkk6987Kdt+2AD
RS953Y2YZpI9WJCCyrthQs/kESw015F1EJsGZFJO8gwrPZfyEzM983N5erjdTiV3
dNDZJZm87mVgi/QfvjQ1iUlbUCvn1WHfgeMIiKgV89K+onmIs1UGH7S1SyS0beuL
6iCeGVUo6bJhGg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 05:21:44 2025 by rpki-client