Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft
File: I7KazNTA1fX4N36n9GNDt2Brq3w.mft (raw, json)
Hash identifier: R1a0qFxLzNWote+j8YFQg1/acm5klup5aDoHKPCvEM0=
Subject key identifier: 99:B3:7D:08:5B:36:B1:E9:E8:11:15:15:E5:E8:49:E8:73:85:AE:C3
Authority key identifier: 23:B2:9A:CC:D4:C0:D5:F5:F8:37:7E:A7:F4:63:43:B7:60:6B:AB:7C
Certificate issuer: /CN=23b29accd4c0d5f5f8377ea7f46343b7606bab7c
Certificate serial: 019A0222D4EFFA35EE6E681E848DC0E4B8F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft
Manifest number: 0D60
Signing time: Mon 20 Oct 2025 15:00:28 +0000
Manifest this update: Mon 20 Oct 2025 15:00:28 +0000
Manifest next update: Tue 21 Oct 2025 15:00:28 +0000
Files and hashes: 1: BY3gmYE2jAUAzVYgNkSF1kzgx38.roa (hash: o+T/NGOLnxz7Wv8sLagAUwobjqcsqFCif9O5RgNrbi4=)
2: I7KazNTA1fX4N36n9GNDt2Brq3w.crl (hash: 9C4/+GqBycGSu335JW4vAtpgSHT2cQ1UcUIBmym4So8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft
rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 15:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:22:d4:ef:fa:35:ee:6e:68:1e:84:8d:c0:e4:b8:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23b29accd4c0d5f5f8377ea7f46343b7606bab7c
Validity
Not Before: Oct 20 15:00:28 2025 GMT
Not After : Oct 21 15:00:28 2025 GMT
Subject: CN=99b37d085b36b1e9e8111515e5e849e87385aec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:80:dc:e3:35:89:ed:63:61:59:61:b5:95:84:
59:64:90:da:0d:55:be:47:9a:4b:85:d4:70:ce:3d:
fe:b8:b3:fe:c8:bd:a5:ec:9d:06:7d:7a:2f:e7:75:
0c:70:39:02:e7:f3:e7:45:06:c7:4e:83:73:4c:33:
75:3a:eb:e7:3e:dc:a1:1b:bc:53:aa:d9:56:64:08:
dd:ec:e7:25:96:6f:1d:63:cf:38:73:82:0f:c5:1e:
71:a8:cb:a5:cd:4d:0a:c7:bc:58:d8:11:2f:a6:9d:
2b:5e:cf:fd:a7:4f:45:b1:e9:32:45:e2:e0:69:4c:
cf:fa:45:df:e9:81:ba:99:ee:6d:2c:da:39:19:6c:
c9:62:5e:62:98:a3:7a:d8:11:f2:b3:6e:85:3c:0b:
d0:77:da:69:0b:5f:b3:3d:90:4e:f8:ce:e2:f6:60:
aa:89:2b:c4:5b:32:d4:14:5d:12:6b:17:f8:55:2b:
18:ba:f2:81:18:4e:bb:9a:67:a9:d9:72:4a:07:c8:
51:46:63:92:aa:60:fc:b6:b0:ab:1e:dd:75:d0:4f:
e0:57:0d:e8:07:42:23:94:97:1f:e4:0d:9b:b2:80:
47:4c:40:1e:68:29:b8:fc:48:59:1e:c4:cc:c6:63:
ea:18:3d:9a:6f:85:32:29:9b:2b:6f:6a:f3:99:0d:
85:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B3:7D:08:5B:36:B1:E9:E8:11:15:15:E5:E8:49:E8:73:85:AE:C3
X509v3 Authority Key Identifier:
keyid:23:B2:9A:CC:D4:C0:D5:F5:F8:37:7E:A7:F4:63:43:B7:60:6B:AB:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:65:d5:6c:76:af:f9:e9:07:22:54:6c:62:38:95:05:f3:40:
ff:2d:06:d9:ff:72:96:4a:17:78:49:10:d9:37:90:0c:7a:2c:
16:af:4a:cc:e7:57:5b:41:69:cf:68:8f:9f:78:35:f5:9f:ec:
59:6c:99:01:85:22:67:2a:f6:d8:d2:d5:93:f5:02:83:65:2b:
56:05:d9:b0:b2:27:79:b6:58:24:e1:e8:b4:22:e9:bb:d7:86:
26:63:d8:52:ff:b9:ed:57:7a:7d:fd:11:7a:3a:f8:20:1a:20:
2f:03:7f:ba:98:21:70:51:0d:3a:86:fe:55:0f:5d:09:d5:32:
f2:9b:48:08:99:57:21:50:38:23:60:7d:f1:33:73:fb:5c:83:
37:c9:b7:66:66:df:a2:8f:1e:62:1a:ea:98:a1:47:77:33:c2:
53:b6:08:7d:47:e1:cd:31:db:a7:bc:1f:c7:46:a1:9e:05:53:
cf:8f:0d:29:60:f9:6b:6a:65:58:3a:3c:a5:7c:2c:5e:b9:95:
73:58:4d:81:59:18:d9:06:c8:bf:fe:57:9c:35:9a:40:fa:f1:
23:8a:64:4f:e9:4a:3f:01:e2:c7:15:5d:b5:21:0e:b1:2b:17:
a9:d8:de:d5:ca:16:26:73:8f:a5:b4:29:19:b6:50:10:3b:7b:
9f:7a:66:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCItTv+jXubmgehI3A5LjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYjI5YWNjZDRjMGQ1ZjVmODM3N2VhN2Y0NjM0M2I3NjA2
YmFiN2MwHhcNMjUxMDIwMTUwMDI4WhcNMjUxMDIxMTUwMDI4WjAzMTEwLwYDVQQD
Eyg5OWIzN2QwODViMzZiMWU5ZTgxMTE1MTVlNWU4NDllODczODVhZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIDc4zWJ7WNhWWG1lYRZZJDaDVW+
R5pLhdRwzj3+uLP+yL2l7J0GfXov53UMcDkC5/PnRQbHToNzTDN1OuvnPtyhG7xT
qtlWZAjd7Ocllm8dY884c4IPxR5xqMulzU0Kx7xY2BEvpp0rXs/9p09FsekyReLg
aUzP+kXf6YG6me5tLNo5GWzJYl5imKN62BHys26FPAvQd9ppC1+zPZBO+M7i9mCq
iSvEWzLUFF0Saxf4VSsYuvKBGE67mmep2XJKB8hRRmOSqmD8trCrHt110E/gVw3o
B0IjlJcf5A2bsoBHTEAeaCm4/EhZHsTMxmPqGD2ab4UyKZsrb2rzmQ2FjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmzfQhbNrHp6BEVFeXoSehzha7DMB8GA1UdIwQY
MBaAFCOymszUwNX1+Dd+p/RjQ7dga6t8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84MTFkYjktY2JlMC00YTg5LWEyMjAt
MTE3NGE0MjgwMzZiLzEvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84MTFkYjktY2JlMC00YTg5LWEyMjAtMTE3NGE0MjgwMzZi
LzEvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo2XVbHav
+ekHIlRsYjiVBfNA/y0G2f9ylkoXeEkQ2TeQDHosFq9KzOdXW0Fpz2iPn3g19Z/s
WWyZAYUiZyr22NLVk/UCg2UrVgXZsLInebZYJOHotCLpu9eGJmPYUv+57Vd6ff0R
ejr4IBogLwN/upghcFENOob+VQ9dCdUy8ptICJlXIVA4I2B98TNz+1yDN8m3Zmbf
oo8eYhrqmKFHdzPCU7YIfUfhzTHbp7wfx0ahngVTz48NKWD5a2plWDo8pXwsXrmV
c1hNgVkY2QbIv/5XnDWaQPrxI4pkT+lKPwHixxVdtSEOsSsXqdje1coWJnOPpbQp
GbZQEDt7n3pmVg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:50:24 2025 by rpki-client