Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
File: i4gBVDgSBAR31HRCKUZshTfUUXE.mft (raw, json)
Hash identifier: sDj1uXBRcF4Lfu5EDlFTVwzY5JcsNPymLxg/SMI7p70=
Subject key identifier: CE:7B:D9:06:B6:C1:02:2B:84:28:E0:39:B9:7E:5E:3B:25:55:CA:3E
Authority key identifier: 8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
Certificate issuer: /CN=8b8801543812040477d4744229466c8537d45171
Certificate serial: 0199FC8FBEB114FAB675F3A743FE9D97778B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
Manifest number: 0E2B
Signing time: Sun 19 Oct 2025 13:01:42 +0000
Manifest this update: Sun 19 Oct 2025 13:01:42 +0000
Manifest next update: Mon 20 Oct 2025 13:01:42 +0000
Files and hashes: 1: CDrnNbtJLaCL50xwnqrzUWhQ_9k.roa (hash: xkyChTjHPfmap3pEfIzmPahUIANDsQxEAOedvER2SvU=)
2: i4gBVDgSBAR31HRCKUZshTfUUXE.crl (hash: Q2J6iBYizr07FLZbhUtzeqikzf8aCwmE7J79wREuD9Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:be:b1:14:fa:b6:75:f3:a7:43:fe:9d:97:77:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b8801543812040477d4744229466c8537d45171
Validity
Not Before: Oct 19 13:01:42 2025 GMT
Not After : Oct 20 13:01:42 2025 GMT
Subject: CN=ce7bd906b6c1022b8428e039b97e5e3b2555ca3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:96:79:bf:14:cb:fd:9e:6d:c7:a5:ef:dd:1b:
55:36:da:c3:c1:99:38:85:51:7c:d0:25:51:51:d7:
96:72:0f:90:e5:f1:be:c6:77:77:7c:92:f7:4d:4e:
c9:7d:51:1d:19:cd:e9:e9:73:c1:fb:68:09:f8:41:
33:b8:ed:17:a8:4f:f0:f5:b1:a1:46:64:aa:55:01:
05:1b:33:2a:21:bd:52:bb:94:3d:01:9f:59:c9:63:
5f:77:a5:78:75:33:d1:e7:01:56:bc:93:50:4f:db:
30:99:b4:04:69:21:3c:1e:16:8f:2d:fe:c1:0e:b4:
6f:60:a2:51:81:08:80:7b:ad:5e:e3:02:e0:7f:20:
44:9e:12:37:fc:5a:e0:b2:80:26:3b:c6:3e:1e:6f:
39:76:52:69:6c:6c:bd:69:0b:69:bc:22:ed:98:0a:
e0:59:15:41:7f:ed:82:67:5e:a4:9f:23:3e:98:92:
94:8c:a2:51:0e:07:b2:97:d1:f2:fa:cc:1a:5b:94:
9d:18:fa:7c:06:4a:c4:0a:22:45:da:45:3d:8a:c7:
9c:f0:09:6c:9e:f2:c6:ae:7b:53:37:9a:b0:2a:6d:
9a:cc:e5:c8:a7:c9:bc:d1:7f:ac:5a:7f:1c:c4:ba:
c2:e3:46:04:96:86:df:c1:a8:78:6f:89:6e:80:56:
14:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:7B:D9:06:B6:C1:02:2B:84:28:E0:39:B9:7E:5E:3B:25:55:CA:3E
X509v3 Authority Key Identifier:
keyid:8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:83:23:12:c0:47:6d:af:cc:a9:fa:8e:b2:70:0d:c3:a4:94:
bc:19:9e:40:87:e2:77:89:d4:6f:29:b2:19:3f:2d:83:d1:c2:
43:83:38:21:34:d4:19:95:86:f7:41:05:a6:e7:37:78:71:8b:
7b:1d:6d:53:c3:44:a7:cc:80:44:bc:9c:e6:05:d3:79:f2:14:
2a:c1:f5:df:64:1d:4b:27:0c:7e:eb:3a:55:02:b6:3c:f7:da:
fc:be:19:22:fe:4e:3b:ed:5f:5d:ce:b8:5b:b0:38:de:0c:0b:
45:21:32:76:ad:29:e6:d7:32:9e:da:92:31:57:fd:2d:a0:24:
06:ae:6c:d5:e3:61:98:c5:e1:28:a8:78:3b:9d:63:b7:74:8a:
8b:a9:c2:d6:1e:a9:f9:55:74:aa:e6:11:d3:09:1c:3e:63:23:
a2:15:11:ec:f0:6c:10:c5:32:5b:2a:f9:38:69:cf:08:6b:e2:
28:f9:df:2c:19:30:90:07:bb:a9:a6:2e:f2:f6:47:9c:c1:ca:
2d:a4:6f:1d:31:a3:55:ba:53:05:98:5a:52:a1:29:3b:b4:cd:
91:d8:e9:79:0e:13:11:fb:e6:f0:02:50:65:79:20:04:9b:d6:
07:57:34:23:ea:e4:32:d0:f7:4f:b6:2f:ad:9d:fa:24:3c:ac:
77:dd:bc:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j76xFPq2dfOnQ/6dl3eLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODgwMTU0MzgxMjA0MDQ3N2Q0NzQ0MjI5NDY2Yzg1Mzdk
NDUxNzEwHhcNMjUxMDE5MTMwMTQyWhcNMjUxMDIwMTMwMTQyWjAzMTEwLwYDVQQD
EyhjZTdiZDkwNmI2YzEwMjJiODQyOGUwMzliOTdlNWUzYjI1NTVjYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspZ5vxTL/Z5tx6Xv3RtVNtrDwZk4
hVF80CVRUdeWcg+Q5fG+xnd3fJL3TU7JfVEdGc3p6XPB+2gJ+EEzuO0XqE/w9bGh
RmSqVQEFGzMqIb1Su5Q9AZ9ZyWNfd6V4dTPR5wFWvJNQT9swmbQEaSE8HhaPLf7B
DrRvYKJRgQiAe61e4wLgfyBEnhI3/FrgsoAmO8Y+Hm85dlJpbGy9aQtpvCLtmArg
WRVBf+2CZ16knyM+mJKUjKJRDgeyl9Hy+swaW5SdGPp8BkrECiJF2kU9isec8Als
nvLGrntTN5qwKm2azOXIp8m80X+sWn8cxLrC40YElobfwah4b4lugFYUAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM572Qa2wQIrhCjgObl+XjslVco+MB8GA1UdIwQY
MBaAFIuIAVQ4EgQEd9R0QilGbIU31FFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2It
MTNhZTk4YWE3ZDMzLzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2ItMTNhZTk4YWE3ZDMz
LzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACYMjEsBH
ba/MqfqOsnANw6SUvBmeQIfid4nUbymyGT8tg9HCQ4M4ITTUGZWG90EFpuc3eHGL
ex1tU8NEp8yARLyc5gXTefIUKsH132QdSycMfus6VQK2PPfa/L4ZIv5OO+1fXc64
W7A43gwLRSEydq0p5tcyntqSMVf9LaAkBq5s1eNhmMXhKKh4O51jt3SKi6nC1h6p
+VV0quYR0wkcPmMjohUR7PBsEMUyWyr5OGnPCGviKPnfLBkwkAe7qaYu8vZHnMHK
LaRvHTGjVbpTBZhaUqEpO7TNkdjpeQ4TEfvm8AJQZXkgBJvWB1c0I+rkMtD3T7Yv
rZ36JDysd9287A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:34:49 2025 by rpki-client