Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
File: IM1XQoSmAY5bA2Neml1lj99XNPA.mft (raw, json)
Hash identifier: WbgiD8NQiSEx9uR733V4oKSUGjMhs4e2RqJwzHWHywE=
Subject key identifier: 86:AC:01:2B:90:1A:EB:0B:2D:44:E0:43:AD:F9:6E:ED:6E:4D:68:D6
Authority key identifier: 20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
Certificate issuer: /CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Certificate serial: 0199FCFD60417800C02FB5155877891150A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
Manifest number: 1428
Signing time: Sun 19 Oct 2025 15:01:27 +0000
Manifest this update: Sun 19 Oct 2025 15:01:27 +0000
Manifest next update: Mon 20 Oct 2025 15:01:27 +0000
Files and hashes: 1: IM1XQoSmAY5bA2Neml1lj99XNPA.crl (hash: XkhnuTB53i/E/3VCXAdNuQyjmPJw0oDspS6Z2hzV3KM=)
2: MWwIJyVW-xGM8HHmiPSGu90ysVM.roa (hash: 9euJkhmoCQb1LOfkGIPpqowd4pomSIjB0l7bFL7u4Yg=)
3: PiMCmpetvGyOad9hAP8fiU1Qa8U.roa (hash: W2k0p2aLpcmF1pGu+mKgyVPY0tAWg3LNT6+Z7BuBqqY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:60:41:78:00:c0:2f:b5:15:58:77:89:11:50:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Validity
Not Before: Oct 19 15:01:27 2025 GMT
Not After : Oct 20 15:01:27 2025 GMT
Subject: CN=86ac012b901aeb0b2d44e043adf96eed6e4d68d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:63:16:c8:aa:25:ca:f8:9f:74:a9:2d:dd:90:
03:b6:5f:84:a2:63:47:06:a1:11:bd:92:ff:96:e1:
e4:32:a9:c5:4a:25:c7:39:f5:67:a2:e1:c3:56:ae:
ca:a0:4a:1d:7b:36:93:f5:1c:25:93:63:75:b5:70:
34:28:53:3e:8f:7b:dc:88:83:74:82:de:9d:40:4f:
96:7f:7d:13:20:55:3e:3b:e6:2d:a9:b9:45:c3:3c:
2b:24:3c:5e:19:da:ea:2e:c3:84:f0:e7:eb:9c:a5:
e6:c5:b1:9b:a7:90:de:7e:c7:b8:0a:9c:44:84:f3:
a5:ac:56:5f:66:d3:a8:e0:37:d8:b5:37:15:94:79:
93:65:1b:ee:10:92:4b:ae:fd:cf:fc:5d:20:63:a6:
e9:5b:3f:d9:e0:9e:d4:4d:7f:36:ca:dc:ea:33:41:
c5:89:1e:3e:d5:88:46:30:cb:ea:e5:35:bb:aa:f8:
30:5a:d5:53:7b:0e:be:0b:c1:d9:ee:6a:61:b8:31:
06:8d:fd:4d:09:c5:d7:01:da:0d:de:48:19:1a:80:
70:5e:f4:c2:94:23:8a:a5:95:04:51:24:f5:58:4d:
22:98:ba:00:c5:e7:37:a5:c1:6c:83:47:cc:5f:d1:
78:a9:1d:93:20:a9:55:16:58:bb:50:52:1c:f8:57:
dd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AC:01:2B:90:1A:EB:0B:2D:44:E0:43:AD:F9:6E:ED:6E:4D:68:D6
X509v3 Authority Key Identifier:
keyid:20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:65:6d:2c:c6:b1:cc:97:cb:f4:bd:d8:6a:98:05:1f:d3:f9:
cd:4b:7e:58:47:2a:bc:6b:de:a2:0d:c0:ae:c8:c4:06:a3:de:
58:ab:85:7a:25:e2:25:79:27:13:54:f5:3a:39:76:84:51:71:
19:bd:63:50:29:de:8e:e0:01:9a:9b:e6:28:23:8a:94:53:e2:
75:a9:57:ec:c0:03:a3:f3:67:91:f6:db:f6:dc:14:0f:7b:20:
4b:2c:ff:bd:55:5d:e3:fd:e6:b4:cf:89:b8:e8:c5:f9:7d:d9:
7c:1e:c4:da:da:04:d0:22:46:c1:e5:07:f5:96:7f:a0:a4:18:
33:37:2a:78:4c:67:aa:c9:e5:43:bc:38:60:1b:5b:e7:19:b3:
1c:d5:c0:9c:7e:ac:52:a8:9c:f4:bf:2b:22:05:9c:a3:1c:de:
f4:59:36:cd:09:cc:91:d4:76:c6:24:5e:bd:38:28:d5:0a:20:
d8:c3:95:de:f5:b6:89:44:ad:2f:d6:e7:77:77:f7:d7:d5:e1:
00:c2:4e:69:8e:4f:fb:3d:0c:ec:92:0a:d4:ee:4f:0c:48:f4:
91:ec:e4:10:dd:e5:96:46:ff:e2:fc:09:cf:c0:e1:4c:b2:77:
62:2a:b0:8e:01:6b:a6:cd:4f:57:73:2d:5f:4f:0c:b6:67:de:
65:36:3d:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/WBBeADAL7UVWHeJEVCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2Q1NzQyODRhNjAxOGU1YjAzNjM1ZTlhNWQ2NThmZGY1
NzM0ZjAwHhcNMjUxMDE5MTUwMTI3WhcNMjUxMDIwMTUwMTI3WjAzMTEwLwYDVQQD
Eyg4NmFjMDEyYjkwMWFlYjBiMmQ0NGUwNDNhZGY5NmVlZDZlNGQ2OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmMWyKolyvifdKkt3ZADtl+EomNH
BqERvZL/luHkMqnFSiXHOfVnouHDVq7KoEodezaT9Rwlk2N1tXA0KFM+j3vciIN0
gt6dQE+Wf30TIFU+O+YtqblFwzwrJDxeGdrqLsOE8OfrnKXmxbGbp5Defse4CpxE
hPOlrFZfZtOo4DfYtTcVlHmTZRvuEJJLrv3P/F0gY6bpWz/Z4J7UTX82ytzqM0HF
iR4+1YhGMMvq5TW7qvgwWtVTew6+C8HZ7mphuDEGjf1NCcXXAdoN3kgZGoBwXvTC
lCOKpZUEUST1WE0imLoAxec3pcFsg0fMX9F4qR2TIKlVFli7UFIc+FfdXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIasASuQGusLLUTgQ635bu1uTWjWMB8GA1UdIwQY
MBaAFCDNV0KEpgGOWwNjXppdZY/fVzTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUt
NDliNTY4N2ZlZTZkLzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUtNDliNTY4N2ZlZTZk
LzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC2VtLMax
zJfL9L3YapgFH9P5zUt+WEcqvGveog3ArsjEBqPeWKuFeiXiJXknE1T1Ojl2hFFx
Gb1jUCnejuABmpvmKCOKlFPidalX7MADo/Nnkfbb9twUD3sgSyz/vVVd4/3mtM+J
uOjF+X3ZfB7E2toE0CJGweUH9ZZ/oKQYMzcqeExnqsnlQ7w4YBtb5xmzHNXAnH6s
Uqic9L8rIgWcoxze9Fk2zQnMkdR2xiRevTgo1Qog2MOV3vW2iUStL9bnd3f319Xh
AMJOaY5P+z0M7JIK1O5PDEj0kezkEN3llkb/4vwJz8DhTLJ3YiqwjgFrps1PV3Mt
X08MtmfeZTY9FQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:55:37 2025 by rpki-client