Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
File: iBmVbdzq4CLP4SPaNzxrERZANo0.mft (raw, json)
Hash identifier: qufzEuXQYMgMWamsCGoduyJdCS8+cs3gP/waqkje7ak=
Subject key identifier: DB:3F:52:00:20:AD:66:0B:A8:34:5F:BA:C0:E7:C8:5C:39:11:47:A3
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Certificate issuer: /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial: 0199FEEBDFA9CA56C76F4CD073B546269F4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
Manifest number: 12F5
Signing time: Mon 20 Oct 2025 00:01:35 +0000
Manifest this update: Mon 20 Oct 2025 00:01:35 +0000
Manifest next update: Tue 21 Oct 2025 00:01:35 +0000
Files and hashes: 1: JZQSwG4wbJPMZQTbI1xSGViuvto.roa (hash: 7nxSYve4K7+DiIBeaX8vSWVp7u4kFJYyJFHRolTK/UI=)
2: iBmVbdzq4CLP4SPaNzxrERZANo0.crl (hash: 1Z2/2zn3PJhgW19Bq/Xqp1bhmJHlnZ9W9lpOGHtqYtk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:eb:df:a9:ca:56:c7:6f:4c:d0:73:b5:46:26:9f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
Validity
Not Before: Oct 20 00:01:35 2025 GMT
Not After : Oct 21 00:01:35 2025 GMT
Subject: CN=db3f520020ad660ba8345fbac0e7c85c391147a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:3f:e1:70:a3:d4:00:f9:f9:45:36:79:b5:65:
11:85:a1:e8:31:c2:25:44:6f:7c:34:ba:56:e7:fc:
2d:9f:fb:c6:54:84:8d:f5:c3:fc:f1:c9:f8:cf:8b:
7e:e6:d0:cd:78:39:0b:df:6c:69:fc:e1:75:4d:2d:
d6:89:7a:7d:14:60:fb:ad:db:dc:a8:ce:c4:73:e6:
d4:13:a2:92:de:2b:bf:75:bc:f8:ff:c6:ba:a6:a8:
2c:51:37:1b:15:80:e8:8d:55:a7:d9:3f:d3:d6:a7:
85:74:69:16:34:00:4f:8a:22:3b:4b:1f:af:85:4c:
67:c5:e8:39:65:24:a4:5b:3e:ac:aa:e6:ce:6c:4e:
09:b2:52:ee:d5:b9:0b:66:f3:47:a4:35:fa:99:3e:
dc:9a:ed:17:8d:5a:99:4f:ee:2a:f4:d7:66:2f:f9:
da:ec:f4:f2:46:cf:f0:a0:dc:da:39:31:fa:e0:21:
09:10:ad:a7:ba:ba:7e:6a:73:ce:62:cd:7c:0e:bc:
3d:e6:49:82:d5:b6:80:42:05:fb:2b:60:66:8d:bf:
93:5c:3b:55:c1:e0:65:fa:74:bf:08:bd:7f:d4:b0:
36:a8:ec:c8:b6:79:54:87:00:e8:61:4e:57:81:c3:
2c:12:ea:c3:4c:f3:fd:69:e1:ac:ad:34:70:6b:b5:
df:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3F:52:00:20:AD:66:0B:A8:34:5F:BA:C0:E7:C8:5C:39:11:47:A3
X509v3 Authority Key Identifier:
keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:a7:e8:a4:43:4e:3e:8e:76:8e:51:f1:24:e2:bc:d3:d9:d6:
98:c9:ea:9f:0a:48:95:c0:4c:5e:9d:83:6c:04:10:80:fc:42:
95:33:8f:da:14:26:b7:63:db:32:b9:da:e6:15:f0:0f:12:9b:
29:f2:a3:cb:15:41:99:4c:70:f9:2f:d7:ef:0b:5f:8c:e7:27:
bd:bf:cb:ff:3b:7e:06:d7:42:92:17:9c:99:cf:39:56:ec:1a:
58:d7:53:88:f8:75:36:f5:1a:9a:af:55:b6:5b:cf:ef:ec:16:
40:fa:7d:ed:c9:a7:c5:80:9a:40:d5:6a:2b:af:71:cc:87:f5:
dd:ba:35:de:c0:a9:3e:7f:07:e6:0e:c4:45:5d:95:00:6d:45:
f3:3f:2b:14:e8:f3:3f:5f:ab:e3:c0:a9:5e:28:ca:94:db:20:
f9:85:c7:05:39:e0:9d:07:b3:c3:9a:68:01:17:c7:5a:30:27:
8b:c4:31:7d:0d:0b:a5:90:10:45:30:98:a9:3b:c1:7c:52:c6:
b5:8a:b8:e4:06:68:3f:92:d0:ce:4a:63:c7:54:0c:d3:53:e6:
3a:8e:49:c9:51:fd:98:24:b8:89:a3:57:69:84:c9:e8:06:59:
b0:b2:8d:fc:dd:87:51:2c:1c:ae:0e:88:ba:ae:a2:01:18:85:
50:0c:9d:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+69+pylbHb0zQc7VGJp9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTk5NTZkZGNlYWUwMjJjZmUxMjNkYTM3M2M2YjExMTY0
MDM2OGQwHhcNMjUxMDIwMDAwMTM1WhcNMjUxMDIxMDAwMTM1WjAzMTEwLwYDVQQD
EyhkYjNmNTIwMDIwYWQ2NjBiYTgzNDVmYmFjMGU3Yzg1YzM5MTE0N2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8j/hcKPUAPn5RTZ5tWURhaHoMcIl
RG98NLpW5/wtn/vGVISN9cP88cn4z4t+5tDNeDkL32xp/OF1TS3WiXp9FGD7rdvc
qM7Ec+bUE6KS3iu/dbz4/8a6pqgsUTcbFYDojVWn2T/T1qeFdGkWNABPiiI7Sx+v
hUxnxeg5ZSSkWz6squbObE4JslLu1bkLZvNHpDX6mT7cmu0XjVqZT+4q9NdmL/na
7PTyRs/woNzaOTH64CEJEK2nurp+anPOYs18Drw95kmC1baAQgX7K2Bmjb+TXDtV
weBl+nS/CL1/1LA2qOzItnlUhwDoYU5XgcMsEurDTPP9aeGsrTRwa7Xf3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNs/UgAgrWYLqDRfusDnyFw5EUejMB8GA1UdIwQY
MBaAFIgZlW3c6uAiz+Ej2jc8axEWQDaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDkt
MmRlYjE0YzI5MGVkLzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDktMmRlYjE0YzI5MGVk
LzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADKfopENO
Po52jlHxJOK809nWmMnqnwpIlcBMXp2DbAQQgPxClTOP2hQmt2PbMrna5hXwDxKb
KfKjyxVBmUxw+S/X7wtfjOcnvb/L/zt+BtdCkhecmc85VuwaWNdTiPh1NvUamq9V
tlvP7+wWQPp97cmnxYCaQNVqK69xzIf13bo13sCpPn8H5g7ERV2VAG1F8z8rFOjz
P1+r48CpXijKlNsg+YXHBTngnQezw5poARfHWjAni8QxfQ0LpZAQRTCYqTvBfFLG
tYq45AZoP5LQzkpjx1QM01PmOo5JyVH9mCS4iaNXaYTJ6AZZsLKN/N2HUSwcrg6I
uq6iARiFUAydpQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:58:07 2025 by rpki-client