Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
File: iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json)
Hash identifier: 5GfW7qdY4FQar9IFPC8LZCJKKXvJrWNFp9WLsBQlzIc=
Subject key identifier: E5:AA:1C:96:16:1A:1B:96:D7:0A:46:0B:72:C1:CD:10:04:47:F2:BE
Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
Certificate issuer: /CN=88f75722db25b3723decda5d870df69bf0d865ae
Certificate serial: 0198D660A0E95E591D9D22AB0D9F3D948536
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
Manifest number: 1042
Signing time: Sat 23 Aug 2025 10:01:53 +0000
Manifest this update: Sat 23 Aug 2025 10:01:53 +0000
Manifest next update: Sun 24 Aug 2025 10:01:53 +0000
Files and hashes: 1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: +ts78HkQRaWMUngB+ibx5dA9219+XfucFMo8EMWhwBk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:60:a0:e9:5e:59:1d:9d:22:ab:0d:9f:3d:94:85:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae
Validity
Not Before: Aug 23 10:01:53 2025 GMT
Not After : Aug 24 10:01:53 2025 GMT
Subject: CN=e5aa1c96161a1b96d70a460b72c1cd100447f2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9a:b0:b2:49:6d:d3:f8:e7:c5:09:97:1e:ad:
64:36:d3:c7:e3:f4:64:db:df:ab:67:c1:ec:1f:72:
26:71:0f:4a:34:c3:48:ec:b8:ba:17:0d:2e:38:7d:
77:6f:04:06:d1:e8:0d:de:88:0b:b1:fa:cb:77:98:
dd:74:9d:f3:47:51:6b:f0:4b:6b:f5:86:53:20:fd:
79:9f:fc:a4:c7:38:33:62:2a:0a:65:83:9f:00:d8:
91:a6:fb:e4:46:6e:a7:e1:1c:b9:76:b2:d2:37:39:
5e:f6:0c:1e:cd:2a:17:7a:9f:25:98:f9:77:46:0d:
ef:61:9e:cf:82:55:9d:e5:12:a5:3f:72:25:fb:1a:
5c:61:e5:94:36:1e:ac:5b:65:5a:28:1a:4d:e5:90:
6e:82:cb:1a:6d:fd:b2:fa:a7:cf:68:f6:f1:1d:b8:
e3:7a:92:2c:22:59:af:33:f1:ca:3c:8a:a0:cc:69:
10:76:47:76:3f:89:f7:24:d1:3e:ac:ea:03:22:ec:
40:19:2f:71:6f:8a:31:2f:e1:6f:1f:9a:4b:09:56:
5d:62:7a:31:c9:97:18:9f:01:31:34:5d:5f:f2:0a:
b2:b8:37:f0:a4:f9:5f:b7:03:2c:bd:15:c4:e3:c4:
05:7b:5f:c1:88:1d:ca:a8:33:7d:f4:23:d3:77:dc:
da:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AA:1C:96:16:1A:1B:96:D7:0A:46:0B:72:C1:CD:10:04:47:F2:BE
X509v3 Authority Key Identifier:
keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:ed:3c:c6:c7:33:aa:d1:c4:bc:92:d5:f1:da:c9:4b:28:74:
ea:79:91:ac:81:fc:2b:25:29:cf:5e:80:2f:91:f7:0a:c6:4f:
89:41:63:b1:c9:1b:7f:de:33:66:04:d4:18:05:c2:19:57:e1:
f0:fb:48:7b:be:b8:0f:2a:e9:4a:ba:95:26:01:21:a5:73:77:
1e:21:48:cb:e6:fc:e8:4a:b2:c0:e4:e6:a0:a4:80:d9:4b:14:
3b:04:78:35:74:61:18:b6:eb:fd:c8:d2:0c:32:50:d7:83:25:
96:a3:69:7c:d2:98:98:c3:8f:17:e4:49:cd:fb:ed:c8:18:84:
99:67:57:6d:c0:bc:b4:05:dc:75:76:1b:c9:80:6d:4a:7a:48:
04:68:fe:ff:b5:7c:e2:59:e4:f4:7c:c4:05:52:de:1a:a9:b3:
c9:49:6e:d3:d6:88:18:71:59:52:e3:36:9c:78:cb:2e:71:04:
11:87:74:52:51:1e:f4:05:fc:71:89:55:38:01:b3:73:c1:ca:
e2:c7:56:9e:03:3a:91:9a:18:1f:eb:ef:fc:2d:8c:5e:a4:3e:
20:01:17:f0:69:89:14:67:a8:ca:c9:53:68:45:88:2a:00:a5:
29:ef:50:35:38:07:a3:62:70:04:58:28:ac:48:09:4f:7b:29:
6b:5e:b4:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYKDpXlkdnSKrDZ89lIU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk
ODY1YWUwHhcNMjUwODIzMTAwMTUzWhcNMjUwODI0MTAwMTUzWjAzMTEwLwYDVQQD
EyhlNWFhMWM5NjE2MWExYjk2ZDcwYTQ2MGI3MmMxY2QxMDA0NDdmMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5qwsklt0/jnxQmXHq1kNtPH4/Rk
29+rZ8HsH3ImcQ9KNMNI7Li6Fw0uOH13bwQG0egN3ogLsfrLd5jddJ3zR1Fr8Etr
9YZTIP15n/ykxzgzYioKZYOfANiRpvvkRm6n4Ry5drLSNzle9gwezSoXep8lmPl3
Rg3vYZ7PglWd5RKlP3Il+xpcYeWUNh6sW2VaKBpN5ZBugssabf2y+qfPaPbxHbjj
epIsIlmvM/HKPIqgzGkQdkd2P4n3JNE+rOoDIuxAGS9xb4oxL+FvH5pLCVZdYnox
yZcYnwExNF1f8gqyuDfwpPlftwMsvRXE48QFe1/BiB3KqDN99CPTd9zaGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOWqHJYWGhuW1wpGC3LBzRAER/K+MB8GA1UdIwQY
MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt
MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm
LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACu08xscz
qtHEvJLV8drJSyh06nmRrIH8KyUpz16AL5H3CsZPiUFjsckbf94zZgTUGAXCGVfh
8PtIe764DyrpSrqVJgEhpXN3HiFIy+b86EqywOTmoKSA2UsUOwR4NXRhGLbr/cjS
DDJQ14MllqNpfNKYmMOPF+RJzfvtyBiEmWdXbcC8tAXcdXYbyYBtSnpIBGj+/7V8
4lnk9HzEBVLeGqmzyUlu09aIGHFZUuM2nHjLLnEEEYd0UlEe9AX8cYlVOAGzc8HK
4sdWngM6kZoYH+vv/C2MXqQ+IAEX8GmJFGeoyslTaEWIKgClKe9QNTgHo2JwBFgo
rEgJT3spa160Hw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:51:12 2025 by rpki-client