Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
File: Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json)
Hash identifier: 0/bgypy1a7XH2s4Fc+0P6Qioj1Qeeoo5AkfS4PdEeyk=
Subject key identifier: 7F:A8:D4:25:3C:A6:1F:3F:E3:3B:C3:73:5E:4A:2B:A9:F6:82:21:09
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Certificate issuer: /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial: 0199FCFD954A4EA57AB63ACE9806EE8674DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
Manifest number: 02C7
Signing time: Sun 19 Oct 2025 15:01:41 +0000
Manifest this update: Sun 19 Oct 2025 15:01:41 +0000
Manifest next update: Mon 20 Oct 2025 15:01:41 +0000
Files and hashes: 1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: QCGP001usWh747SohC2iLpAMaBQ7mfp7VwMos7L9y7Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:95:4a:4e:a5:7a:b6:3a:ce:98:06:ee:86:74:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Validity
Not Before: Oct 19 15:01:41 2025 GMT
Not After : Oct 20 15:01:41 2025 GMT
Subject: CN=7fa8d4253ca61f3fe33bc3735e4a2ba9f6822109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:86:eb:69:9f:42:83:fb:0b:b4:20:56:18:29:
62:68:f1:aa:60:55:8a:af:96:0f:77:af:77:0c:b0:
48:ec:12:8e:e9:81:ca:a8:76:92:a6:59:12:8c:af:
b8:cf:06:f5:b9:be:ca:a0:a1:3b:e3:25:9f:c3:1d:
44:c2:1d:da:9f:b4:0b:f8:b3:33:82:31:5e:8a:84:
83:a6:26:5c:ff:4d:30:06:0b:67:09:71:b0:cb:6d:
84:fe:bf:7c:5d:dc:6d:b4:f7:21:8e:d3:4d:2d:a2:
ec:40:92:50:60:d9:ca:23:f6:aa:9a:72:36:40:f5:
13:7b:11:8d:36:1a:b1:ac:67:a3:96:c2:92:26:1d:
9e:da:a6:9f:2c:99:14:cb:c9:8d:42:73:56:5f:9b:
e7:92:7f:7c:0f:7d:1e:f1:64:1c:ae:7b:bc:66:f1:
b3:7d:a1:4d:9e:20:9b:7f:4d:c2:06:04:83:10:95:
24:68:cc:db:40:73:2a:68:11:0b:a7:6f:60:4b:f1:
a4:77:a7:f4:99:55:7a:45:47:68:34:b2:6b:28:f0:
0f:0d:54:b3:00:ba:01:d1:cf:3e:f2:f6:85:bd:73:
0f:7f:b5:d1:bd:cd:01:fc:90:bd:f6:d4:47:a6:e0:
b4:31:2b:8d:db:00:09:0c:0c:06:d0:69:ec:6a:b0:
c4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A8:D4:25:3C:A6:1F:3F:E3:3B:C3:73:5E:4A:2B:A9:F6:82:21:09
X509v3 Authority Key Identifier:
keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:96:2c:b2:07:7e:f5:2d:87:83:be:ea:cd:0c:2d:b8:d3:3a:
00:71:7e:57:53:b1:b9:3a:54:1e:c3:ae:09:84:a0:d1:55:d0:
15:41:94:f7:f8:19:55:dc:13:8d:51:6e:eb:26:b1:d4:48:2e:
8d:5b:65:f0:2f:db:6f:67:2e:f7:43:b9:05:3b:fc:ba:d9:b9:
7f:2f:1f:40:75:60:9a:d7:85:0b:83:00:72:ee:a2:05:c0:fe:
f3:e1:c7:ef:5b:9b:80:46:b9:22:f2:b9:c4:28:5c:74:a1:c1:
80:a8:6d:f7:8e:ba:96:31:e8:df:62:76:d6:0d:d0:d3:a2:34:
f3:d3:a8:1e:b3:85:48:82:4f:c7:eb:04:11:02:7b:34:bb:71:
df:d9:ff:3f:db:0e:93:a9:65:eb:b9:9c:4d:70:a6:75:02:fe:
6e:4d:b2:6d:49:e0:00:86:74:b4:c3:e5:7c:4e:0f:59:ca:47:
85:e0:98:21:84:30:8f:f6:33:b9:dc:9f:6c:c3:67:36:a1:39:
1a:b0:ad:64:89:b9:8e:b7:a5:21:22:3f:91:92:56:3e:9f:18:
9e:cc:d0:2a:b9:5d:74:f7:93:92:2d:d9:01:75:1e:74:8a:07:
12:de:c4:c6:06:7c:c7:e0:68:b4:00:1b:b9:a9:5a:e6:64:0b:
4d:b1:99:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/ZVKTqV6tjrOmAbuhnTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjUxMDE5MTUwMTQxWhcNMjUxMDIwMTUwMTQxWjAzMTEwLwYDVQQD
Eyg3ZmE4ZDQyNTNjYTYxZjNmZTMzYmMzNzM1ZTRhMmJhOWY2ODIyMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYbraZ9Cg/sLtCBWGCliaPGqYFWK
r5YPd693DLBI7BKO6YHKqHaSplkSjK+4zwb1ub7KoKE74yWfwx1Ewh3an7QL+LMz
gjFeioSDpiZc/00wBgtnCXGwy22E/r98XdxttPchjtNNLaLsQJJQYNnKI/aqmnI2
QPUTexGNNhqxrGejlsKSJh2e2qafLJkUy8mNQnNWX5vnkn98D30e8WQcrnu8ZvGz
faFNniCbf03CBgSDEJUkaMzbQHMqaBELp29gS/Gkd6f0mVV6RUdoNLJrKPAPDVSz
ALoB0c8+8vaFvXMPf7XRvc0B/JC99tRHpuC0MSuN2wAJDAwG0GnsarDEFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+o1CU8ph8/4zvDc15KK6n2giEJMB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY5Yssgd+
9S2Hg77qzQwtuNM6AHF+V1OxuTpUHsOuCYSg0VXQFUGU9/gZVdwTjVFu6yax1Egu
jVtl8C/bb2cu90O5BTv8utm5fy8fQHVgmteFC4MAcu6iBcD+8+HH71ubgEa5IvK5
xChcdKHBgKht9466ljHo32J21g3Q06I089OoHrOFSIJPx+sEEQJ7NLtx39n/P9sO
k6ll67mcTXCmdQL+bk2ybUngAIZ0tMPlfE4PWcpHheCYIYQwj/YzudyfbMNnNqE5
GrCtZIm5jrelISI/kZJWPp8YnszQKrlddPeTki3ZAXUedIoHEt7ExgZ8x+BotAAb
uala5mQLTbGZTw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:53:29 2025 by rpki-client