Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.mft
File: iu8WONCRG6mIZOl5yEJrpPQaJy4.mft (raw, json)
Hash identifier: W2BaqBkqFetral2rMEI8cSi5opeq/jUCiVP8sLKdbkI=
Subject key identifier: 83:0B:7D:55:68:C2:C4:4B:EF:8E:1C:21:98:5C:E0:53:B1:98:5F:6C
Authority key identifier: 8A:EF:16:38:D0:91:1B:A9:88:64:E9:79:C8:42:6B:A4:F4:1A:27:2E
Certificate issuer: /CN=8aef1638d0911ba98864e979c8426ba4f41a272e
Certificate serial: 019A03A47A279138C22C70E57E2A13615BA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iu8WONCRG6mIZOl5yEJrpPQaJy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.mft
Manifest number: 16E7
Signing time: Mon 20 Oct 2025 22:01:41 +0000
Manifest this update: Mon 20 Oct 2025 22:01:41 +0000
Manifest next update: Tue 21 Oct 2025 22:01:41 +0000
Files and hashes: 1: if3KaihHpbg1Z08V6cXxVYQmFhk.roa (hash: 4GJMU1mopT3EhZuM0ayjHedY3bbBO8iZn11kZBRbuts=)
2: iu8WONCRG6mIZOl5yEJrpPQaJy4.crl (hash: 6mRekR5qQKr3cKYoj9MtC4c4KVrS3mIAtVqykjPEODM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iu8WONCRG6mIZOl5yEJrpPQaJy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:03:a4:7a:27:91:38:c2:2c:70:e5:7e:2a:13:61:5b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aef1638d0911ba98864e979c8426ba4f41a272e
Validity
Not Before: Oct 20 22:01:41 2025 GMT
Not After : Oct 21 22:01:41 2025 GMT
Subject: CN=830b7d5568c2c44bef8e1c21985ce053b1985f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:64:e8:44:e7:ea:c8:83:f9:6a:ec:3c:8c:c5:
5b:0a:89:86:6b:f1:ee:a8:6e:bc:8b:0b:0e:e9:85:
55:3f:28:9d:9f:33:cf:ae:70:31:90:70:1e:6a:9c:
b8:60:7a:2d:b1:b1:fc:9c:dd:41:a1:f6:fa:c9:bb:
15:a9:52:f2:5b:4c:e3:eb:ed:80:b5:bb:77:50:06:
b7:2e:b1:70:e0:9d:ae:58:9a:b2:59:39:b8:e4:7b:
e1:29:b0:50:94:af:59:e1:d0:f7:64:04:7e:2a:8b:
73:ce:49:df:57:48:52:a2:c9:e7:2d:e9:46:64:d1:
6d:ba:d9:b5:f1:58:38:24:75:5c:34:d5:50:72:bd:
c5:ff:18:a0:e7:66:67:3e:eb:e0:e5:95:07:df:c1:
ce:25:a0:c2:39:5d:7e:1b:ba:3d:5a:8f:88:ff:53:
35:a0:21:c4:31:71:89:5f:da:62:27:59:5a:20:36:
f4:b5:0f:eb:db:9a:4a:9a:13:ea:67:1d:14:c1:bd:
54:31:97:fd:36:16:95:ed:18:7b:d8:e6:88:84:2a:
33:04:c4:df:99:34:04:51:d8:cf:92:39:de:a5:e5:
f7:cc:00:04:5b:02:e9:9c:0d:14:b0:ac:67:02:ae:
4c:53:46:d9:40:a3:7c:d9:fa:c0:cd:4a:10:fe:e6:
c2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:0B:7D:55:68:C2:C4:4B:EF:8E:1C:21:98:5C:E0:53:B1:98:5F:6C
X509v3 Authority Key Identifier:
keyid:8A:EF:16:38:D0:91:1B:A9:88:64:E9:79:C8:42:6B:A4:F4:1A:27:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iu8WONCRG6mIZOl5yEJrpPQaJy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/265769-354e-4a8b-9542-94f97b3a2ce2/1/iu8WONCRG6mIZOl5yEJrpPQaJy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c5:6d:21:cc:1b:3e:08:39:e3:18:24:b9:1b:0d:3b:21:2e:43:
2f:01:8b:ec:48:d0:13:f4:f5:08:57:b9:6c:82:94:f7:e2:4a:
06:40:c1:52:25:a2:57:4a:47:f0:0e:f1:1d:a5:9b:c1:0f:7d:
c1:0b:d7:55:da:b1:b6:3d:4d:d4:1d:09:6c:1c:ae:95:a5:bb:
7a:36:d0:db:f4:18:08:eb:64:fc:e4:37:e1:1c:f9:4c:c0:f3:
3b:c3:e4:f5:35:0a:1f:57:77:08:49:f2:4f:da:43:ca:6d:7a:
7d:ba:51:e9:ce:d9:37:30:6d:ef:02:0a:90:5d:b3:4a:9d:bb:
b0:a1:d7:54:67:24:59:e0:d6:b1:ab:10:62:ec:93:ef:bc:4c:
ff:df:13:15:42:88:f4:20:93:78:84:d2:50:1e:60:22:c6:2d:
86:95:24:ff:1d:91:94:8b:87:f5:0f:bc:52:6e:10:ae:67:e4:
c2:5a:bf:7a:62:47:52:c9:c5:46:75:27:69:b1:1c:70:98:ff:
b9:aa:2b:e6:2c:4a:c1:c1:22:c0:da:e9:30:a3:82:01:cd:05:
55:fa:1d:42:5d:f4:5d:b1:33:f5:b3:ce:f5:39:28:51:d2:93:
55:50:c5:4f:85:8e:09:08:94:2b:15:7a:50:dd:c5:66:ad:ce:
b6:3d:69:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoDpHonkTjCLHDlfioTYVupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZWYxNjM4ZDA5MTFiYTk4ODY0ZTk3OWM4NDI2YmE0ZjQx
YTI3MmUwHhcNMjUxMDIwMjIwMTQxWhcNMjUxMDIxMjIwMTQxWjAzMTEwLwYDVQQD
Eyg4MzBiN2Q1NTY4YzJjNDRiZWY4ZTFjMjE5ODVjZTA1M2IxOTg1ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmToROfqyIP5auw8jMVbComGa/Hu
qG68iwsO6YVVPyidnzPPrnAxkHAeapy4YHotsbH8nN1Bofb6ybsVqVLyW0zj6+2A
tbt3UAa3LrFw4J2uWJqyWTm45HvhKbBQlK9Z4dD3ZAR+KotzzknfV0hSosnnLelG
ZNFtutm18Vg4JHVcNNVQcr3F/xig52ZnPuvg5ZUH38HOJaDCOV1+G7o9Wo+I/1M1
oCHEMXGJX9piJ1laIDb0tQ/r25pKmhPqZx0Uwb1UMZf9NhaV7Rh72OaIhCozBMTf
mTQEUdjPkjnepeX3zAAEWwLpnA0UsKxnAq5MU0bZQKN82frAzUoQ/ubCQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIMLfVVowsRL744cIZhc4FOxmF9sMB8GA1UdIwQY
MBaAFIrvFjjQkRupiGTpechCa6T0GicuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXU4V09OQ1JHNm1JWk9sNXlFSnJwUFFhSnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8yNjU3NjktMzU0ZS00YThiLTk1NDIt
OTRmOTdiM2EyY2UyLzEvaXU4V09OQ1JHNm1JWk9sNXlFSnJwUFFhSnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8yNjU3NjktMzU0ZS00YThiLTk1NDItOTRmOTdiM2EyY2Uy
LzEvaXU4V09OQ1JHNm1JWk9sNXlFSnJwUFFhSnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxW0hzBs+
CDnjGCS5Gw07IS5DLwGL7EjQE/T1CFe5bIKU9+JKBkDBUiWiV0pH8A7xHaWbwQ99
wQvXVdqxtj1N1B0JbByulaW7ejbQ2/QYCOtk/OQ34Rz5TMDzO8Pk9TUKH1d3CEny
T9pDym16fbpR6c7ZNzBt7wIKkF2zSp27sKHXVGckWeDWsasQYuyT77xM/98TFUKI
9CCTeITSUB5gIsYthpUk/x2RlIuH9Q+8Um4Qrmfkwlq/emJHUsnFRnUnabEccJj/
uaor5ixKwcEiwNrpMKOCAc0FVfodQl30XbEz9bPO9TkoUdKTVVDFT4WOCQiUKxV6
UN3FZq3Otj1pfA==
-----END CERTIFICATE-----
Generated at Tue Oct 21 07:17:21 2025 by rpki-client