Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
File: Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json)
Hash identifier: CrPYLPbQzzSI0r9nb5NP4aUY1T3NNB5FPqCwsX4hJ7M=
Subject key identifier: C2:CC:E1:EB:74:6D:1C:82:12:9C:F2:FB:F9:11:B6:F6:5C:B6:98:7E
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Certificate issuer: /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial: 0198D960D0EF0EE4897E245FD8D31AD50836
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
Manifest number: 0230
Signing time: Sun 24 Aug 2025 00:00:57 +0000
Manifest this update: Sun 24 Aug 2025 00:00:57 +0000
Manifest next update: Mon 25 Aug 2025 00:00:57 +0000
Files and hashes: 1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: aM4OLkJJOLOv63GJgKNAS9zCP6lBZf1SG50AeS/Ls2s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 23:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d9:60:d0:ef:0e:e4:89:7e:24:5f:d8:d3:1a:d5:08:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Validity
Not Before: Aug 24 00:00:57 2025 GMT
Not After : Aug 25 00:00:57 2025 GMT
Subject: CN=c2cce1eb746d1c82129cf2fbf911b6f65cb6987e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ef:66:56:0e:86:20:c5:57:5c:60:da:2d:44:
0d:d0:08:e1:20:55:07:2d:b3:32:3c:3e:1b:b8:2c:
b6:35:df:df:51:26:2c:c2:11:37:fa:f1:6d:3f:3a:
c7:60:17:1d:6e:65:25:ee:29:51:47:be:e2:e9:c6:
ac:f7:49:73:e5:cc:7a:4e:11:b4:8b:b6:15:52:e0:
83:63:f7:a5:8c:57:ac:98:be:15:cb:9c:a2:77:c5:
0c:25:2b:3f:ac:f7:c3:12:fe:3b:8d:fb:cd:9c:55:
b4:ef:9f:36:1e:5e:ba:49:74:49:ff:70:45:e4:63:
a4:9f:26:c3:e0:e2:5a:e4:b4:93:f5:7a:e8:c1:33:
6c:1a:8e:d2:09:a1:c2:2e:f0:af:dc:bb:2b:7c:99:
49:3a:dc:ac:6f:ae:23:fe:70:b1:12:09:cb:75:6c:
56:c3:fa:94:8e:d9:25:fc:c4:9c:98:a0:ba:74:2f:
96:8b:e3:32:08:68:53:f4:61:48:6c:4c:90:0d:b7:
4b:9a:6f:d8:ce:2c:58:08:5d:f8:86:b0:58:f6:46:
61:c3:fc:c3:6c:79:0b:3e:4e:7f:e5:7f:dd:36:6b:
b7:72:dd:e7:d2:fe:7a:8e:91:86:6a:1b:da:40:9f:
0b:4f:8e:b9:73:1a:bc:a0:e5:75:9b:2b:4c:fa:fe:
a2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:CC:E1:EB:74:6D:1C:82:12:9C:F2:FB:F9:11:B6:F6:5C:B6:98:7E
X509v3 Authority Key Identifier:
keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:33:11:2e:b0:c8:b3:58:d0:ca:1b:f3:c5:e5:69:b0:82:ec:
bc:d4:32:f9:d5:6d:2e:eb:ca:55:92:c3:44:0c:97:4d:bd:f1:
62:62:da:f3:f3:25:50:dd:7e:0c:02:2d:b8:6d:16:85:74:23:
9b:87:46:26:a3:d7:d8:4e:b0:db:48:42:2b:90:1f:5c:06:db:
8d:db:95:1e:c1:28:9b:5b:df:cc:09:90:4f:ed:de:8a:c1:8d:
77:24:8c:ec:e3:43:e4:50:83:52:68:ea:89:07:0c:c4:f4:51:
aa:83:40:03:00:c7:81:c3:64:df:ff:95:f9:08:cf:65:b4:8f:
0d:fc:eb:02:fb:ad:b9:6d:6f:f6:bd:cb:db:90:4d:6b:04:fa:
3f:ab:5b:53:1c:e1:00:eb:c2:4d:ff:27:77:07:52:91:bc:51:
2c:e7:35:fe:02:de:bf:5b:ea:3e:5b:90:85:1a:c3:0c:0a:6d:
5a:d5:b8:43:c7:f2:c8:29:3a:e0:3b:27:c9:18:ff:67:90:63:
bf:ba:9f:00:9a:16:56:16:30:50:9a:fe:10:a1:42:cb:1d:a0:
70:92:cb:5b:28:da:e0:19:76:e6:8c:ec:df:29:92:0a:b7:a5:
94:43:bc:7f:5b:1f:91:b3:d4:ff:6a:91:08:dc:d9:51:83:92:
73:41:87:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjZYNDvDuSJfiRf2NMa1Qg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjUwODI0MDAwMDU3WhcNMjUwODI1MDAwMDU3WjAzMTEwLwYDVQQD
EyhjMmNjZTFlYjc0NmQxYzgyMTI5Y2YyZmJmOTExYjZmNjVjYjY5ODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu9mVg6GIMVXXGDaLUQN0AjhIFUH
LbMyPD4buCy2Nd/fUSYswhE3+vFtPzrHYBcdbmUl7ilRR77i6cas90lz5cx6ThG0
i7YVUuCDY/eljFesmL4Vy5yid8UMJSs/rPfDEv47jfvNnFW07582Hl66SXRJ/3BF
5GOknybD4OJa5LST9XrowTNsGo7SCaHCLvCv3LsrfJlJOtysb64j/nCxEgnLdWxW
w/qUjtkl/MScmKC6dC+Wi+MyCGhT9GFIbEyQDbdLmm/YzixYCF34hrBY9kZhw/zD
bHkLPk5/5X/dNmu3ct3n0v56jpGGahvaQJ8LT465cxq8oOV1mytM+v6i5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLM4et0bRyCEpzy+/kRtvZctph+MB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUTMRLrDI
s1jQyhvzxeVpsILsvNQy+dVtLuvKVZLDRAyXTb3xYmLa8/MlUN1+DAItuG0WhXQj
m4dGJqPX2E6w20hCK5AfXAbbjduVHsEom1vfzAmQT+3eisGNdySM7OND5FCDUmjq
iQcMxPRRqoNAAwDHgcNk3/+V+QjPZbSPDfzrAvutuW1v9r3L25BNawT6P6tbUxzh
AOvCTf8ndwdSkbxRLOc1/gLev1vqPluQhRrDDAptWtW4Q8fyyCk64DsnyRj/Z5Bj
v7qfAJoWVhYwUJr+EKFCyx2gcJLLWyja4Bl25ozs3ymSCrellEO8f1sfkbPU/2qR
CNzZUYOSc0GH0w==
-----END CERTIFICATE-----
Generated at Sun Aug 24 06:08:32 2025 by rpki-client