Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
File: i5HgoQS1s93x9dCOessreeDVZvk.mft (raw, json)
Hash identifier: 08ZbV9CpnBO6RiZK8axjtPRGrYSl7XXQfjiizzHjKaY=
Subject key identifier: A1:FE:4F:11:1F:30:BF:68:5E:66:C1:DF:EA:D0:29:04:60:79:FC:9D
Authority key identifier: 8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
Certificate issuer: /CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Certificate serial: 0199FBEAEB312CC12848E0FFA287117C7C6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
Manifest number: 10ED
Signing time: Sun 19 Oct 2025 10:01:40 +0000
Manifest this update: Sun 19 Oct 2025 10:01:40 +0000
Manifest next update: Mon 20 Oct 2025 10:01:40 +0000
Files and hashes: 1: KwomHtAHnCM0D-yGdW_0Sf3mopc.roa (hash: nJuUP0j6H239g1R7GMJyKq0zviXnK+AhK7Q4U43dyg4=)
2: ZYlcf7X6lFUqPdlZgjx7h6pY7f0.roa (hash: Z91lhusvfId6xXTKVa6gm5qmkQJNcO8M7YoIqY37LFU=)
3: i5HgoQS1s93x9dCOessreeDVZvk.crl (hash: PVKCuW1GN5+5aTFHy+t9AbAFqzsugByT1V1chzIDz+M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ea:eb:31:2c:c1:28:48:e0:ff:a2:87:11:7c:7c:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Validity
Not Before: Oct 19 10:01:40 2025 GMT
Not After : Oct 20 10:01:40 2025 GMT
Subject: CN=a1fe4f111f30bf685e66c1dfead029046079fc9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:11:75:ce:55:5e:27:97:60:30:cf:1e:ce:a0:
19:d1:0b:69:0d:29:45:07:e6:61:06:7f:7e:db:61:
32:ce:12:bd:77:2c:46:87:1b:9c:e2:d6:be:88:da:
71:71:8a:8f:30:08:2d:ab:bf:e6:8f:db:f0:0d:3d:
d0:d9:35:cd:29:c9:6c:3d:4e:2f:b2:9f:77:bf:f0:
54:27:f7:00:36:7a:1a:c7:bb:46:83:c3:49:ca:a0:
29:da:af:d0:21:e3:bc:79:54:05:39:0a:72:54:84:
b1:07:46:fc:16:fc:ff:78:0a:77:57:0c:a1:61:c2:
af:ae:4e:10:f3:86:8b:5d:54:59:24:2b:fc:4f:81:
3d:4e:8c:88:b7:b9:f5:33:af:ab:2b:7e:51:70:61:
b0:29:4a:17:2b:8d:03:70:83:02:97:bc:75:ce:de:
d5:6f:d1:24:2b:bc:ec:43:1c:5b:7d:85:f6:5c:d5:
aa:14:e1:5a:fd:1d:0a:c2:95:c5:05:7f:88:cc:eb:
5d:ae:7d:71:91:f7:d1:16:0b:1d:a5:49:17:61:0a:
70:b8:84:3d:78:41:dd:d8:42:32:f6:85:ab:ea:18:
83:e3:12:93:19:d5:b9:42:07:0b:19:23:98:6f:86:
80:a4:ad:b0:2b:b4:45:0f:d2:22:12:18:ef:a1:c2:
cf:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:FE:4F:11:1F:30:BF:68:5E:66:C1:DF:EA:D0:29:04:60:79:FC:9D
X509v3 Authority Key Identifier:
keyid:8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:59:21:1c:81:2a:d1:fd:1c:4d:f5:dd:e4:6e:14:6a:31:2c:
48:9c:c9:d4:b8:15:c4:f4:1b:8a:be:c3:4d:38:00:8a:dc:28:
72:cf:6d:57:17:78:4c:02:37:3b:50:ea:71:4c:d8:79:41:8f:
29:9a:30:68:49:ec:4b:ce:c0:97:a2:5b:a6:77:6c:e1:68:ec:
e4:f8:4f:e3:02:1e:e6:ae:6c:e3:7b:a9:63:dc:f2:31:66:c9:
21:48:7f:67:d3:dc:2c:fe:98:00:11:37:f5:6c:08:58:96:bb:
19:58:ae:b2:79:7f:08:f2:9b:13:d6:26:a1:9d:78:c8:35:c9:
fd:4b:9c:75:0a:50:69:1b:7f:0f:04:14:0c:d9:cc:05:a7:e1:
9a:b3:8b:f7:bc:03:c6:37:76:b5:72:e9:d3:8a:3a:37:51:b2:
aa:fd:9c:18:d7:97:a2:ba:d7:23:f3:49:c5:99:2f:ad:3f:fc:
72:e9:0d:8f:87:dd:ac:31:b7:2c:77:b9:cc:c9:af:28:80:88:
8e:80:78:77:0e:ae:23:a2:4c:98:36:98:a5:df:cd:f3:bd:f2:
ba:0d:aa:40:ff:e9:4a:5e:03:a0:93:99:04:3d:39:0d:cb:8f:
0a:25:68:fb:28:c8:bd:29:85:b5:b6:eb:b0:94:ad:8d:2f:4b:
0e:ea:67:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76usxLMEoSOD/oocRfHxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTFlMGExMDRiNWIzZGRmMWY1ZDA4ZTdhY2IyYjc5ZTBk
NTY2ZjkwHhcNMjUxMDE5MTAwMTQwWhcNMjUxMDIwMTAwMTQwWjAzMTEwLwYDVQQD
EyhhMWZlNGYxMTFmMzBiZjY4NWU2NmMxZGZlYWQwMjkwNDYwNzlmYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hF1zlVeJ5dgMM8ezqAZ0QtpDSlF
B+ZhBn9+22EyzhK9dyxGhxuc4ta+iNpxcYqPMAgtq7/mj9vwDT3Q2TXNKclsPU4v
sp93v/BUJ/cANnoax7tGg8NJyqAp2q/QIeO8eVQFOQpyVISxB0b8Fvz/eAp3Vwyh
YcKvrk4Q84aLXVRZJCv8T4E9ToyIt7n1M6+rK35RcGGwKUoXK40DcIMCl7x1zt7V
b9EkK7zsQxxbfYX2XNWqFOFa/R0KwpXFBX+IzOtdrn1xkffRFgsdpUkXYQpwuIQ9
eEHd2EIy9oWr6hiD4xKTGdW5QgcLGSOYb4aApK2wK7RFD9IiEhjvocLPlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKH+TxEfML9oXmbB3+rQKQRgefydMB8GA1UdIwQY
MBaAFIuR4KEEtbPd8fXQjnrLK3ng1Wb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYt
YThjNTc2MjI0YmEyLzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYtYThjNTc2MjI0YmEy
LzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkVkhHIEq
0f0cTfXd5G4UajEsSJzJ1LgVxPQbir7DTTgAitwocs9tVxd4TAI3O1DqcUzYeUGP
KZowaEnsS87Al6Jbpnds4Wjs5PhP4wIe5q5s43upY9zyMWbJIUh/Z9PcLP6YABE3
9WwIWJa7GViusnl/CPKbE9YmoZ14yDXJ/UucdQpQaRt/DwQUDNnMBafhmrOL97wD
xjd2tXLp04o6N1Gyqv2cGNeXorrXI/NJxZkvrT/8cukNj4fdrDG3LHe5zMmvKICI
joB4dw6uI6JMmDaYpd/N873yug2qQP/pSl4DoJOZBD05DcuPCiVo+yjIvSmFtbbr
sJStjS9LDupn1A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:26:19 2025 by rpki-client