
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft
File: IbgvyO2I-ZyrV9doAxdusnqfC_o.mft (raw, json)
Hash identifier: 2cbqfAEuFTAVR+JYpi2bK+oCtghqCsCPHMoTIQlW4ZY=
Subject key identifier: 64:F4:21:45:03:88:65:09:A2:FF:8A:88:9C:92:04:8C:17:59:A6:F0
Authority key identifier: 21:B8:2F:C8:ED:88:F9:9C:AB:57:D7:68:03:17:6E:B2:7A:9F:0B:FA
Certificate issuer: /CN=21b82fc8ed88f99cab57d76803176eb27a9f0bfa
Certificate serial: 0199FFC85E248609FCA5FA604B0F97D1D079
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbgvyO2I-ZyrV9doAxdusnqfC_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft
Manifest number: 0E70
Signing time: Mon 20 Oct 2025 04:02:25 +0000
Manifest this update: Mon 20 Oct 2025 04:02:25 +0000
Manifest next update: Tue 21 Oct 2025 04:02:25 +0000
Files and hashes: 1: IbgvyO2I-ZyrV9doAxdusnqfC_o.crl (hash: UhChn7cQgkvHQpk/xdtOkGgyY/4GPrj7LAjOTDJnakc=)
2: ItUhScrgPwKkKUyhqEMMP6UQG5o.roa (hash: gmpeHaOEVGgSYmwc/n6Xey1Y6I6lJR2qqLtWqmrTzmc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbgvyO2I-ZyrV9doAxdusnqfC_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c8:5e:24:86:09:fc:a5:fa:60:4b:0f:97:d1:d0:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21b82fc8ed88f99cab57d76803176eb27a9f0bfa
Validity
Not Before: Oct 20 04:02:25 2025 GMT
Not After : Oct 21 04:02:25 2025 GMT
Subject: CN=64f4214503886509a2ff8a889c92048c1759a6f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fc:91:d0:66:4d:e9:ce:ed:21:dd:a2:44:12:
1c:60:b3:6d:23:de:06:e2:28:64:b5:ae:5e:0c:34:
69:1c:47:2e:47:74:00:87:d9:d3:c5:1b:fe:b7:fc:
a3:13:c0:6e:13:52:f2:a6:3a:0e:ab:a0:1a:3d:38:
92:3c:09:75:24:ff:14:79:d6:8c:a8:2e:0b:02:8d:
0d:a3:73:f7:ea:6d:05:f6:37:97:c9:0b:c3:b1:91:
eb:b3:7c:6c:b3:6b:12:d9:46:bf:66:03:fb:64:b6:
ac:9e:86:7d:b3:08:0f:29:c4:3a:30:64:15:e3:c5:
9a:17:2f:e1:af:7e:7d:a6:39:26:22:7d:29:e8:9d:
75:a7:a6:b6:58:4a:5e:89:af:e1:bb:a4:b7:96:3c:
33:cd:26:0c:e3:55:c6:cd:a5:f4:17:1d:e5:18:c4:
c7:b2:c0:0a:9b:4c:74:6e:da:a5:90:f0:ee:dd:45:
b8:69:78:9a:90:4a:f2:a4:f1:c5:24:bb:b1:34:8d:
1a:ec:64:80:89:f9:01:bc:18:5f:c2:79:94:4d:fb:
b1:7d:f9:dc:67:d4:f8:23:2a:83:74:e3:e0:fb:bf:
a3:b2:44:85:6c:6d:bc:bc:c5:9c:d6:7b:8a:fe:63:
9e:61:73:34:a5:32:c9:f0:e4:fa:8e:02:8e:23:6e:
89:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F4:21:45:03:88:65:09:A2:FF:8A:88:9C:92:04:8C:17:59:A6:F0
X509v3 Authority Key Identifier:
keyid:21:B8:2F:C8:ED:88:F9:9C:AB:57:D7:68:03:17:6E:B2:7A:9F:0B:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbgvyO2I-ZyrV9doAxdusnqfC_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:c3:ba:af:3b:e3:b6:4c:4c:38:2a:9d:4b:89:08:60:3d:6e:
c0:1f:1b:cd:7a:73:bb:d5:d8:62:8d:c6:47:5a:3e:02:77:41:
42:04:f5:5d:8d:9d:05:17:02:f9:aa:22:10:b1:f1:75:b4:ad:
96:69:36:c5:00:02:2b:63:b3:db:46:24:83:1f:e5:06:5f:5c:
53:e4:fd:9b:75:65:e0:1c:b0:7e:6b:20:43:dd:5c:dd:6c:d1:
c7:5d:ed:ac:1f:12:3d:d3:eb:ec:1f:42:e9:e2:b5:76:78:55:
62:68:80:67:4a:6c:b1:9e:4f:ad:9e:92:0d:23:6d:22:85:b2:
f5:f2:26:78:d3:c0:cb:ae:d1:63:16:08:68:e6:b5:06:0c:70:
0e:0a:ff:70:17:4a:3a:c5:94:fc:39:7c:8f:be:8d:19:ba:dc:
64:49:c1:d9:6b:cc:b2:47:cf:71:b3:a5:c0:75:ad:0b:a8:ed:
59:01:61:b3:cb:da:ee:ba:77:66:dc:62:ad:fc:f2:8c:92:3c:
97:39:ff:f0:7b:77:2b:ce:e3:54:47:f9:69:3d:23:b7:7a:d7:
f3:b0:e0:fe:7b:fe:10:4c:e4:67:89:ba:0f:ec:d7:9b:82:07:
12:73:02:af:84:2d:dc:a1:8e:dd:c6:a8:bc:3c:75:48:11:6c:
89:29:91:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yF4khgn8pfpgSw+X0dB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYjgyZmM4ZWQ4OGY5OWNhYjU3ZDc2ODAzMTc2ZWIyN2E5
ZjBiZmEwHhcNMjUxMDIwMDQwMjI1WhcNMjUxMDIxMDQwMjI1WjAzMTEwLwYDVQQD
Eyg2NGY0MjE0NTAzODg2NTA5YTJmZjhhODg5YzkyMDQ4YzE3NTlhNmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/yR0GZN6c7tId2iRBIcYLNtI94G
4ihkta5eDDRpHEcuR3QAh9nTxRv+t/yjE8BuE1LypjoOq6AaPTiSPAl1JP8UedaM
qC4LAo0No3P36m0F9jeXyQvDsZHrs3xss2sS2Ua/ZgP7ZLasnoZ9swgPKcQ6MGQV
48WaFy/hr359pjkmIn0p6J11p6a2WEpeia/hu6S3ljwzzSYM41XGzaX0Fx3lGMTH
ssAKm0x0btqlkPDu3UW4aXiakErypPHFJLuxNI0a7GSAifkBvBhfwnmUTfuxffnc
Z9T4IyqDdOPg+7+jskSFbG28vMWc1nuK/mOeYXM0pTLJ8OT6jgKOI26J7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGT0IUUDiGUJov+KiJySBIwXWabwMB8GA1UdIwQY
MBaAFCG4L8jtiPmcq1fXaAMXbrJ6nwv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJndnlPMkktWnlyVjlkb0F4ZHVzbnFmQ19vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9hYjY1ZjYtMzFiZS00MTQ5LWE2ZTMt
YWU1ZmE1M2I5M2IyLzEvSWJndnlPMkktWnlyVjlkb0F4ZHVzbnFmQ19vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9hYjY1ZjYtMzFiZS00MTQ5LWE2ZTMtYWU1ZmE1M2I5M2Iy
LzEvSWJndnlPMkktWnlyVjlkb0F4ZHVzbnFmQ19vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALsO6rzvj
tkxMOCqdS4kIYD1uwB8bzXpzu9XYYo3GR1o+AndBQgT1XY2dBRcC+aoiELHxdbSt
lmk2xQACK2Oz20Ykgx/lBl9cU+T9m3Vl4BywfmsgQ91c3WzRx13trB8SPdPr7B9C
6eK1dnhVYmiAZ0pssZ5PrZ6SDSNtIoWy9fImeNPAy67RYxYIaOa1BgxwDgr/cBdK
OsWU/Dl8j76NGbrcZEnB2WvMskfPcbOlwHWtC6jtWQFhs8va7rp3ZtxirfzyjJI8
lzn/8Ht3K87jVEf5aT0jt3rX87Dg/nv+EEzkZ4m6D+zXm4IHEnMCr4Qt3KGO3cao
vDx1SBFsiSmR4g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:44:50 2025 by rpki-client