Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
File: iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft (raw, json)
Hash identifier: 0cxxqfSCk0GN3g06rvzEAl6FwJQjlOsldRkEvQZWi/Y=
Subject key identifier: 3D:A3:DC:BE:AE:A5:34:BE:DB:45:F2:E8:49:D0:73:98:D9:CB:27:3C
Authority key identifier: 88:A8:D3:25:F9:7B:03:71:33:42:68:2F:C4:08:D5:33:68:74:0E:7D
Certificate issuer: /CN=88a8d325f97b03713342682fc408d53368740e7d
Certificate serial: 019A01EB93912EC74BAFF013C7EBBFFCFB0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
Manifest number: 1172
Signing time: Mon 20 Oct 2025 14:00:06 +0000
Manifest this update: Mon 20 Oct 2025 14:00:06 +0000
Manifest next update: Tue 21 Oct 2025 14:00:06 +0000
Files and hashes: 1: 1g597y06foQbOFcS_h93SwkhNOQ.roa (hash: TZdC67NT8fkd1drCN7n7TEHOt/q1UG1cqUfoMBev2T4=)
2: iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl (hash: CSUgOubEMlqZVosOQXgkOSIHUunI1Z4jGeG3W+LGu6o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:eb:93:91:2e:c7:4b:af:f0:13:c7:eb:bf:fc:fb:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a8d325f97b03713342682fc408d53368740e7d
Validity
Not Before: Oct 20 14:00:06 2025 GMT
Not After : Oct 21 14:00:06 2025 GMT
Subject: CN=3da3dcbeaea534bedb45f2e849d07398d9cb273c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:56:18:ea:b1:48:df:5b:c6:b4:b6:5e:de:89:
07:c3:92:95:3a:f9:46:95:c7:18:1f:cc:c5:4b:5c:
30:0d:6c:4b:5e:e3:eb:b2:01:45:21:b2:d7:fc:ee:
68:f5:d4:8e:27:73:8b:29:76:2c:15:6f:be:91:f8:
f4:27:30:7b:79:ca:e5:8b:11:d1:1d:99:a4:a5:2e:
93:7d:97:00:d0:fd:36:e6:df:c4:bc:22:4a:18:c1:
a2:93:b1:ab:15:d9:c6:f2:33:3b:fd:79:e4:80:68:
27:aa:df:97:ff:73:b1:4d:1d:e3:33:75:f8:7e:c7:
89:21:ce:90:d5:86:fb:2c:ab:56:5d:54:29:49:af:
40:59:ed:56:05:16:ee:da:1f:a1:b0:7c:37:b7:6c:
34:f1:0a:09:94:ce:6d:90:f5:69:ad:3e:5a:7c:31:
06:4f:0a:b3:96:3b:cd:c5:ff:18:44:67:04:b7:67:
c1:02:5b:00:cd:8f:6a:3c:d4:bc:86:33:f1:2f:43:
3d:8b:24:7b:89:5c:35:0d:0f:16:c1:b7:fd:c6:a1:
28:ea:f7:c1:3d:8e:e6:62:ee:13:fe:df:a9:bb:32:
e4:11:04:8f:81:6b:88:8c:32:8f:92:9b:7a:d7:51:
ce:47:df:a3:fb:2b:4c:c9:37:a5:2d:58:92:59:72:
5d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A3:DC:BE:AE:A5:34:BE:DB:45:F2:E8:49:D0:73:98:D9:CB:27:3C
X509v3 Authority Key Identifier:
keyid:88:A8:D3:25:F9:7B:03:71:33:42:68:2F:C4:08:D5:33:68:74:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:5d:8e:3a:97:a1:92:23:88:65:8f:d4:b9:ce:df:9f:9c:82:
da:77:9e:f9:59:57:3f:8f:00:7a:68:e3:a9:f0:04:13:e2:29:
e3:92:50:d3:92:fd:74:a1:cd:3f:76:bf:ef:19:74:ce:61:88:
db:bc:a5:a0:bd:54:62:92:4c:02:9a:64:55:50:8a:b0:76:b2:
46:2e:10:ce:21:22:e6:d4:1b:46:a4:ab:03:5d:f7:e6:af:f7:
ab:95:fc:5c:62:2a:5c:a0:91:c3:61:23:25:93:5d:1c:f6:cc:
a9:c3:4a:64:d9:a2:0c:bc:f9:17:be:bb:45:67:c7:57:47:93:
3b:06:83:ae:3a:f5:0d:d3:93:13:56:8c:05:e6:56:47:80:e1:
e6:01:f9:fe:12:a8:e1:50:55:51:dd:94:5c:36:4a:57:b1:53:
b0:ef:fa:34:ef:a7:20:81:2d:22:a3:08:38:99:ca:b0:56:b2:
25:e4:8b:5b:ec:23:b5:27:b1:ed:c7:00:03:f8:e6:f5:e2:69:
d2:ae:c6:c1:99:d9:b9:36:b9:8f:e8:2a:50:44:4d:e3:9c:23:
84:5a:df:cc:ff:83:32:ee:58:a5:e0:1e:24:3f:63:62:56:a5:
77:93:bd:1a:26:84:61:03:b5:39:82:11:6e:1b:37:f2:9a:e9:
59:d0:b5:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoB65ORLsdLr/ATx+u//PsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YThkMzI1Zjk3YjAzNzEzMzQyNjgyZmM0MDhkNTMzNjg3
NDBlN2QwHhcNMjUxMDIwMTQwMDA2WhcNMjUxMDIxMTQwMDA2WjAzMTEwLwYDVQQD
EygzZGEzZGNiZWFlYTUzNGJlZGI0NWYyZTg0OWQwNzM5OGQ5Y2IyNzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlYY6rFI31vGtLZe3okHw5KVOvlG
lccYH8zFS1wwDWxLXuPrsgFFIbLX/O5o9dSOJ3OLKXYsFW++kfj0JzB7ecrlixHR
HZmkpS6TfZcA0P025t/EvCJKGMGik7GrFdnG8jM7/XnkgGgnqt+X/3OxTR3jM3X4
fseJIc6Q1Yb7LKtWXVQpSa9AWe1WBRbu2h+hsHw3t2w08QoJlM5tkPVprT5afDEG
TwqzljvNxf8YRGcEt2fBAlsAzY9qPNS8hjPxL0M9iyR7iVw1DQ8Wwbf9xqEo6vfB
PY7mYu4T/t+puzLkEQSPgWuIjDKPkpt611HOR9+j+ytMyTelLViSWXJdbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2j3L6upTS+20Xy6EnQc5jZyyc8MB8GA1UdIwQY
MBaAFIio0yX5ewNxM0JoL8QI1TNodA59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82NDViYjItZmMzNC00MjliLWE3ZjAt
Y2YwM2ZhNGNhMDgzLzEvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82NDViYjItZmMzNC00MjliLWE3ZjAtY2YwM2ZhNGNhMDgz
LzEvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC12OOpeh
kiOIZY/Uuc7fn5yC2nee+VlXP48AemjjqfAEE+Ip45JQ05L9dKHNP3a/7xl0zmGI
27yloL1UYpJMAppkVVCKsHayRi4QziEi5tQbRqSrA1335q/3q5X8XGIqXKCRw2Ej
JZNdHPbMqcNKZNmiDLz5F767RWfHV0eTOwaDrjr1DdOTE1aMBeZWR4Dh5gH5/hKo
4VBVUd2UXDZKV7FTsO/6NO+nIIEtIqMIOJnKsFayJeSLW+wjtSex7ccAA/jm9eJp
0q7GwZnZuTa5j+gqUERN45wjhFrfzP+DMu5YpeAeJD9jYlald5O9GiaEYQO1OYIR
bhs38prpWdC1pQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:18:05 2025 by rpki-client