Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
File: ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft (raw, json)
Hash identifier: adnFii12kxfumbY7pPh8/z4j7rJtD0jl5FQWdDq15JU=
Subject key identifier: CE:3B:68:31:7A:CB:F1:26:7B:44:60:84:64:9D:F9:7D:67:4D:95:23
Authority key identifier: 8A:F7:F3:2D:33:F6:64:67:79:A5:1F:B2:32:01:C6:44:2D:14:51:CA
Certificate issuer: /CN=8af7f32d33f6646779a51fb23201c6442d1451ca
Certificate serial: 019A006BF76841092DEAC84BA61D4E293505
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
Manifest number: 0ACC
Signing time: Mon 20 Oct 2025 07:01:06 +0000
Manifest this update: Mon 20 Oct 2025 07:01:06 +0000
Manifest next update: Tue 21 Oct 2025 07:01:06 +0000
Files and hashes: 1: RZMmAomJrqs0yCU-Sl6pSFt5lLQ.roa (hash: mHTuz89sEZswLAvVyf4aCavMINMyLcZOi1mRW8tq0vE=)
2: ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl (hash: hMxHZeNakHXzTS+EnFbzPOI9R+okCvCjaUEj9eFyMRU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:6b:f7:68:41:09:2d:ea:c8:4b:a6:1d:4e:29:35:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8af7f32d33f6646779a51fb23201c6442d1451ca
Validity
Not Before: Oct 20 07:01:06 2025 GMT
Not After : Oct 21 07:01:06 2025 GMT
Subject: CN=ce3b68317acbf1267b446084649df97d674d9523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b6:c2:fe:83:f3:91:41:15:0f:e1:f8:7e:0b:
2a:10:7e:8e:fe:4c:8e:4e:7d:e7:15:88:4b:6c:8a:
58:72:e0:75:a8:c7:7d:b5:f0:27:af:85:97:fa:e4:
38:a8:2f:bb:09:67:6a:d8:ee:29:39:f8:49:8b:3f:
7a:87:14:2e:a9:af:29:e1:87:c7:02:c9:2f:1d:1e:
f6:68:d0:48:08:b9:a8:3a:16:0d:7d:b1:6f:02:ef:
7c:00:b9:1c:28:6b:c6:ac:5c:23:79:e1:41:cc:9e:
54:95:d3:80:d1:74:94:db:51:5d:65:e4:1a:f7:78:
da:bf:73:82:2c:94:1c:b9:a6:95:cc:6b:be:06:06:
fc:a7:ad:32:a0:f7:92:48:b6:28:52:71:8f:2d:2b:
7e:e6:c8:31:f2:12:75:23:e7:d5:0e:51:17:db:bc:
28:32:8f:0d:50:d4:e5:99:54:59:84:42:0f:18:e2:
4c:7a:fb:a7:d1:9b:18:43:bb:7b:f7:b4:24:71:4f:
4b:7a:4a:59:1c:a6:bf:6b:38:ab:3b:14:29:22:20:
b1:24:76:62:7d:75:be:ab:00:4e:e4:f9:cf:8a:84:
dc:cc:98:2d:5f:c4:61:aa:8b:58:0d:b1:aa:28:5b:
5d:95:41:6e:e0:6f:a4:95:5a:c2:72:f6:4e:40:67:
fe:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:3B:68:31:7A:CB:F1:26:7B:44:60:84:64:9D:F9:7D:67:4D:95:23
X509v3 Authority Key Identifier:
keyid:8A:F7:F3:2D:33:F6:64:67:79:A5:1F:B2:32:01:C6:44:2D:14:51:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:75:fa:d6:a5:dd:9b:40:a5:96:3b:c2:cb:83:a4:bf:c1:d8:
3a:02:d5:17:cf:31:3c:e7:5c:c5:bf:f0:c2:7f:d1:5d:f4:8a:
bf:70:73:c5:1f:cc:4d:41:1b:04:99:b0:f2:80:c8:78:05:21:
ae:26:bb:bd:cf:ef:6a:87:f2:5a:33:5c:21:36:9d:44:11:e5:
3b:e5:31:92:3b:22:3b:ae:ed:c1:38:18:e7:05:6a:92:e5:b4:
07:f4:8c:63:52:4d:24:d2:9e:1a:b8:9b:74:13:38:4a:59:a4:
66:90:4e:d8:2d:d5:66:39:e1:7b:78:fc:6b:b6:f7:0c:8c:e2:
42:00:cd:4c:f4:1f:f7:6c:44:65:f3:f9:e9:9a:27:c5:7e:0f:
3d:76:41:a4:09:17:a6:57:7e:17:f8:ee:64:99:42:3d:eb:1f:
12:ff:8d:68:3b:d5:9c:84:0a:05:38:e6:88:14:6f:d6:00:a1:
0d:04:69:36:87:89:31:0c:60:fe:e7:f7:3b:8e:06:15:3c:b9:
1e:2d:e7:c8:99:df:83:49:26:16:11:f0:1b:ff:3f:b0:f2:ae:
22:3f:6d:31:43:45:fa:10:2e:ef:b9:da:85:c2:ad:09:a9:1e:
bd:66:3e:a3:ec:7f:a8:10:8b:54:6a:6d:dd:e0:fe:19:2d:20:
15:17:83:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAa/doQQkt6shLph1OKTUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZjdmMzJkMzNmNjY0Njc3OWE1MWZiMjMyMDFjNjQ0MmQx
NDUxY2EwHhcNMjUxMDIwMDcwMTA2WhcNMjUxMDIxMDcwMTA2WjAzMTEwLwYDVQQD
EyhjZTNiNjgzMTdhY2JmMTI2N2I0NDYwODQ2NDlkZjk3ZDY3NGQ5NTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rbC/oPzkUEVD+H4fgsqEH6O/kyO
Tn3nFYhLbIpYcuB1qMd9tfAnr4WX+uQ4qC+7CWdq2O4pOfhJiz96hxQuqa8p4YfH
AskvHR72aNBICLmoOhYNfbFvAu98ALkcKGvGrFwjeeFBzJ5UldOA0XSU21FdZeQa
93jav3OCLJQcuaaVzGu+Bgb8p60yoPeSSLYoUnGPLSt+5sgx8hJ1I+fVDlEX27wo
Mo8NUNTlmVRZhEIPGOJMevun0ZsYQ7t797QkcU9LekpZHKa/azirOxQpIiCxJHZi
fXW+qwBO5PnPioTczJgtX8RhqotYDbGqKFtdlUFu4G+klVrCcvZOQGf+sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM47aDF6y/Eme0RghGSd+X1nTZUjMB8GA1UdIwQY
MBaAFIr38y0z9mRneaUfsjIBxkQtFFHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hZmZjYmItYzFiMy00NDRhLTg3NmMt
NWI3MmZiOTI3ZDFjLzEvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hZmZjYmItYzFiMy00NDRhLTg3NmMtNWI3MmZiOTI3ZDFj
LzEvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgnX61qXd
m0ClljvCy4Okv8HYOgLVF88xPOdcxb/wwn/RXfSKv3BzxR/MTUEbBJmw8oDIeAUh
ria7vc/vaofyWjNcITadRBHlO+UxkjsiO67twTgY5wVqkuW0B/SMY1JNJNKeGrib
dBM4SlmkZpBO2C3VZjnhe3j8a7b3DIziQgDNTPQf92xEZfP56ZonxX4PPXZBpAkX
pld+F/juZJlCPesfEv+NaDvVnIQKBTjmiBRv1gChDQRpNoeJMQxg/uf3O44GFTy5
Hi3nyJnfg0kmFhHwG/8/sPKuIj9tMUNF+hAu77nahcKtCakevWY+o+x/qBCLVGpt
3eD+GS0gFReDww==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:08:13 2025 by rpki-client