
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
File: 2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft (raw, json)
Hash identifier: FXdliDX0d2K16GSCAkpr41KCS2fU1YL3920vLMqSaYU=
Subject key identifier: C8:1F:D3:98:FF:73:93:0F:5C:EB:23:5F:72:B0:D1:E7:2F:17:8F:F3
Authority key identifier: D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
Certificate issuer: /CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Certificate serial: 0199FFFE723DDB0B840F89100D12DDA539EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
Manifest number: 0435
Signing time: Mon 20 Oct 2025 05:01:29 +0000
Manifest this update: Mon 20 Oct 2025 05:01:29 +0000
Manifest next update: Tue 21 Oct 2025 05:01:29 +0000
Files and hashes: 1: 2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl (hash: CRsBGhdElYp5Gly3rHdJusU+ui44yjdQ1K9Qe06ZCYI=)
2: RFpSEEfmfhQM7TNBHUvPYNYCE48.roa (hash: iHrN3ygMDkDOsg7Lw4ctlZrjgMs+0h97Al7X6knMEEI=)
3: UkLoRo0mP_K3Dh8gkYYP1OxkE_I.roa (hash: Q3D4Rh06gP+xE8oXAtIwLH3P2XhdWnZQyb1Lpy85O7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:fe:72:3d:db:0b:84:0f:89:10:0d:12:dd:a5:39:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Validity
Not Before: Oct 20 05:01:29 2025 GMT
Not After : Oct 21 05:01:29 2025 GMT
Subject: CN=c81fd398ff73930f5ceb235f72b0d1e72f178ff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4b:e1:f9:9d:d6:2f:b5:83:c1:9a:4a:3c:c0:
01:8e:69:da:14:01:36:6f:41:fb:1d:e2:39:aa:86:
bf:e2:4d:53:8e:36:db:54:05:11:f0:47:7f:3f:df:
75:ef:06:71:a4:19:81:8b:81:bf:74:e0:0e:ea:5e:
de:0e:36:f3:7c:2e:19:5b:d4:46:be:32:9b:9d:be:
f1:3e:d0:90:d9:28:be:8f:01:41:ab:75:59:3e:e6:
4d:07:7e:b0:0e:7b:ed:e3:dd:c1:d0:80:f8:59:a7:
fe:38:1a:aa:f5:56:4f:5b:3f:26:ac:f2:3d:1e:51:
e2:2c:9d:54:7b:29:e7:9c:1d:58:33:ee:33:f0:40:
66:52:d8:0b:bd:61:6d:bf:c9:b1:d8:8d:7e:cf:7f:
a1:e7:f8:73:56:fa:70:80:0e:93:ee:d5:b3:fe:52:
01:d7:1e:b5:8d:1f:20:c3:8f:6b:c7:b5:72:1b:5a:
12:73:00:1b:a4:4f:39:80:4e:ec:e6:5b:54:2c:f4:
e6:7a:ed:59:9b:17:c5:e1:2b:35:98:da:1f:49:44:
09:cc:b6:86:dc:1a:33:a7:24:f7:b3:83:cb:26:b9:
bd:d6:af:99:1a:bf:8b:19:2c:74:3d:5a:d5:fe:f5:
38:93:69:ea:f2:88:0b:54:f9:73:bb:06:c4:91:a1:
a9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:1F:D3:98:FF:73:93:0F:5C:EB:23:5F:72:B0:D1:E7:2F:17:8F:F3
X509v3 Authority Key Identifier:
keyid:D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:07:ab:b3:07:27:1f:d3:7d:ea:00:78:d2:39:f2:a1:44:1b:
da:c5:71:11:31:49:31:e5:a5:4c:e3:e0:76:ae:38:c8:b5:44:
cb:87:bf:ea:16:e2:29:65:99:a3:b0:01:7f:0f:38:d5:8f:5c:
14:75:cd:ac:d9:9d:51:94:ad:ad:00:fe:31:ad:8c:10:0f:5b:
cf:93:f1:8b:76:93:1e:27:24:18:56:a8:2f:ab:fd:d1:f2:83:
d6:a7:ff:9d:d4:3a:e2:1b:37:de:68:db:9a:70:97:5c:80:e1:
88:cd:81:8f:4f:50:b4:a4:9b:39:c5:9e:9e:3a:1a:68:66:80:
07:4c:ee:b5:b5:9a:35:fb:fb:30:1a:4e:6e:db:e1:fa:d3:5d:
0b:19:d6:51:ac:ac:28:f4:01:5d:b9:41:ee:e5:44:9b:5a:0a:
af:63:48:4a:54:77:51:21:e4:e9:39:e0:a1:14:65:f3:4a:e2:
27:29:64:c9:86:62:1a:62:6d:0c:2b:bc:63:ff:4a:44:c0:43:
ba:30:81:2e:87:65:db:7c:4d:a5:6e:ba:ed:ef:e3:2e:c8:88:
98:12:a9:12:17:6d:db:de:a5:3d:6b:0e:46:34:c2:44:25:76:
28:75:6b:19:a5:c6:02:22:e6:e4:83:e0:f7:ae:12:f2:d6:75:
4e:c1:ea:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//nI92wuED4kQDRLdpTnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODJhMTk3MzQwZDM1ODRlNmFjMTdjMWZiMmE5OTAwYWU0
ZjYwM2MwHhcNMjUxMDIwMDUwMTI5WhcNMjUxMDIxMDUwMTI5WjAzMTEwLwYDVQQD
EyhjODFmZDM5OGZmNzM5MzBmNWNlYjIzNWY3MmIwZDFlNzJmMTc4ZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikvh+Z3WL7WDwZpKPMABjmnaFAE2
b0H7HeI5qoa/4k1TjjbbVAUR8Ed/P9917wZxpBmBi4G/dOAO6l7eDjbzfC4ZW9RG
vjKbnb7xPtCQ2Si+jwFBq3VZPuZNB36wDnvt493B0ID4Waf+OBqq9VZPWz8mrPI9
HlHiLJ1UeynnnB1YM+4z8EBmUtgLvWFtv8mx2I1+z3+h5/hzVvpwgA6T7tWz/lIB
1x61jR8gw49rx7VyG1oScwAbpE85gE7s5ltULPTmeu1ZmxfF4Ss1mNofSUQJzLaG
3BozpyT3s4PLJrm91q+ZGr+LGSx0PVrV/vU4k2nq8ogLVPlzuwbEkaGpTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgf05j/c5MPXOsjX3Kw0ecvF4/zMB8GA1UdIwQY
MBaAFNiCoZc0DTWE5qwXwfsqmQCuT2A8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUt
YjA1YWU1Y2EyZDVlLzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUtYjA1YWU1Y2EyZDVl
LzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjwerswcn
H9N96gB40jnyoUQb2sVxETFJMeWlTOPgdq44yLVEy4e/6hbiKWWZo7ABfw841Y9c
FHXNrNmdUZStrQD+Ma2MEA9bz5Pxi3aTHickGFaoL6v90fKD1qf/ndQ64hs33mjb
mnCXXIDhiM2Bj09QtKSbOcWenjoaaGaAB0zutbWaNfv7MBpObtvh+tNdCxnWUays
KPQBXblB7uVEm1oKr2NISlR3USHk6TngoRRl80riJylkyYZiGmJtDCu8Y/9KRMBD
ujCBLodl23xNpW667e/jLsiImBKpEhdt296lPWsORjTCRCV2KHVrGaXGAiLm5IPg
964S8tZ1TsHqkg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:45:47 2025 by rpki-client