Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.mft
File: iKlKQUDhmzIGP8bnefWTFKdKDFE.mft (raw, json)
Hash identifier: gcQjAtifapTwXFebqMq95ZOd/7ZJkY1zagI+2kP49/I=
Subject key identifier: 11:D7:7A:54:9D:5C:42:44:72:D7:E8:B6:56:19:FD:F6:12:6D:A5:23
Authority key identifier: 88:A9:4A:41:40:E1:9B:32:06:3F:C6:E7:79:F5:93:14:A7:4A:0C:51
Certificate issuer: /CN=88a94a4140e19b32063fc6e779f59314a74a0c51
Certificate serial: 019A02232ACCA266C7C1E26E49944B073E7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKlKQUDhmzIGP8bnefWTFKdKDFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.mft
Manifest number: 16E6
Signing time: Mon 20 Oct 2025 15:00:50 +0000
Manifest this update: Mon 20 Oct 2025 15:00:50 +0000
Manifest next update: Tue 21 Oct 2025 15:00:50 +0000
Files and hashes: 1: S1kW1dWYYAUdp34Ffvr3hqq6tx4.roa (hash: HPlJ0x+8hEc9+twnaORN/j75RT2RjTnSkW49RshA3cE=)
2: iKlKQUDhmzIGP8bnefWTFKdKDFE.crl (hash: jLi+Xp1HdiNHSkGdl+DPQQY7odkPbL52M/DsjD7M7wU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iKlKQUDhmzIGP8bnefWTFKdKDFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:23:2a:cc:a2:66:c7:c1:e2:6e:49:94:4b:07:3e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a94a4140e19b32063fc6e779f59314a74a0c51
Validity
Not Before: Oct 20 15:00:50 2025 GMT
Not After : Oct 21 15:00:50 2025 GMT
Subject: CN=11d77a549d5c424472d7e8b65619fdf6126da523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c4:2f:8a:27:79:8f:6f:b6:0b:55:d5:83:bb:
17:e4:80:f4:4f:02:54:e4:ca:40:62:65:6f:8b:f3:
2f:46:29:e5:15:d0:f4:29:7b:7b:47:b5:10:8f:4a:
54:59:ed:d9:42:8c:f8:a2:05:e7:4a:04:2e:a8:8e:
c7:32:f6:6b:6e:4d:07:27:56:bf:0e:de:b4:ac:74:
28:cb:87:55:9f:d1:2c:72:ea:6f:d5:3a:91:b1:47:
37:77:a5:31:3c:f0:fd:d2:71:cf:cf:99:1a:00:e7:
75:75:0d:cd:34:86:f1:ed:0a:c9:42:0a:e5:be:b9:
33:82:32:8a:f7:ef:82:bf:1e:32:22:e4:d8:68:ee:
19:46:36:84:18:00:35:a3:24:69:e4:a6:a8:ed:77:
d8:a6:08:15:6d:85:73:c4:17:a0:f9:c7:f0:43:5e:
62:b2:bd:4b:88:b7:b5:7e:b3:85:0d:e9:f4:34:0c:
4f:3b:0f:ba:e6:98:61:1c:6d:b8:69:96:72:0c:2a:
11:34:02:d2:c8:44:2b:14:82:99:6c:c4:2c:75:b0:
77:95:e3:8e:aa:91:56:05:48:94:16:4e:59:ba:be:
96:f1:91:08:51:ef:f0:00:89:0c:d8:e9:a4:81:d4:
64:dc:cb:2a:a4:03:1e:61:f5:95:e5:72:61:de:e6:
22:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D7:7A:54:9D:5C:42:44:72:D7:E8:B6:56:19:FD:F6:12:6D:A5:23
X509v3 Authority Key Identifier:
keyid:88:A9:4A:41:40:E1:9B:32:06:3F:C6:E7:79:F5:93:14:A7:4A:0C:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKlKQUDhmzIGP8bnefWTFKdKDFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:68:eb:e4:b9:3f:5a:b2:a7:f4:ac:f1:d7:77:27:94:d0:dd:
5d:b0:73:02:85:e1:4b:af:a9:02:e3:37:3f:e2:dc:e1:81:37:
e3:d7:2b:d9:54:4a:47:9d:e8:72:eb:2b:b6:26:8a:c8:57:e3:
70:5b:84:34:a3:ac:c0:94:79:94:14:17:a0:32:d8:65:55:53:
9f:39:3e:8c:a9:a5:26:fd:7d:65:d9:24:e5:1e:80:fd:4c:5a:
22:f9:30:11:9c:14:15:e2:84:34:96:94:3c:8d:36:ce:64:b3:
e9:7e:77:da:9b:06:ff:63:73:49:c0:3e:e6:11:22:3b:1d:92:
6e:8a:c9:c7:4d:99:03:51:de:08:de:83:b5:00:92:3f:96:84:
c2:0b:0a:82:fc:6f:2b:5a:d1:7e:20:7e:44:a0:c7:b9:a6:6a:
83:1b:71:f8:3f:08:15:85:ee:10:b6:42:0f:98:c1:7f:26:c5:
d0:e0:3e:7e:f3:c1:d8:8e:97:51:ca:fe:32:2a:5f:1d:7e:bf:
be:12:ec:1d:16:ea:68:f1:05:11:ce:0f:59:e6:54:9e:70:22:
bb:2d:77:c6:61:6f:ad:3e:36:4e:14:17:ec:75:14:df:92:3f:
f4:80:1e:6b:da:63:7c:6a:5d:53:0c:c0:33:b5:63:7c:21:1a:
11:b6:9e:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCIyrMombHweJuSZRLBz59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTk0YTQxNDBlMTliMzIwNjNmYzZlNzc5ZjU5MzE0YTc0
YTBjNTEwHhcNMjUxMDIwMTUwMDUwWhcNMjUxMDIxMTUwMDUwWjAzMTEwLwYDVQQD
EygxMWQ3N2E1NDlkNWM0MjQ0NzJkN2U4YjY1NjE5ZmRmNjEyNmRhNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sQviid5j2+2C1XVg7sX5ID0TwJU
5MpAYmVvi/MvRinlFdD0KXt7R7UQj0pUWe3ZQoz4ogXnSgQuqI7HMvZrbk0HJ1a/
Dt60rHQoy4dVn9Escupv1TqRsUc3d6UxPPD90nHPz5kaAOd1dQ3NNIbx7QrJQgrl
vrkzgjKK9++Cvx4yIuTYaO4ZRjaEGAA1oyRp5Kao7XfYpggVbYVzxBeg+cfwQ15i
sr1LiLe1frOFDen0NAxPOw+65phhHG24aZZyDCoRNALSyEQrFIKZbMQsdbB3leOO
qpFWBUiUFk5Zur6W8ZEIUe/wAIkM2OmkgdRk3MsqpAMeYfWV5XJh3uYi0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHXelSdXEJEctfotlYZ/fYSbaUjMB8GA1UdIwQY
MBaAFIipSkFA4ZsyBj/G53n1kxSnSgxRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtsS1FVRGhteklHUDhibmVmV1RGS2RLREZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82MWNjZDQtZTA1My00NWUwLWI2MzUt
N2ZlYTA2NmYwYjk2LzEvaUtsS1FVRGhteklHUDhibmVmV1RGS2RLREZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS82MWNjZDQtZTA1My00NWUwLWI2MzUtN2ZlYTA2NmYwYjk2
LzEvaUtsS1FVRGhteklHUDhibmVmV1RGS2RLREZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAWjr5Lk/
WrKn9Kzx13cnlNDdXbBzAoXhS6+pAuM3P+Lc4YE349cr2VRKR53ocusrtiaKyFfj
cFuENKOswJR5lBQXoDLYZVVTnzk+jKmlJv19Zdkk5R6A/UxaIvkwEZwUFeKENJaU
PI02zmSz6X532psG/2NzScA+5hEiOx2SborJx02ZA1HeCN6DtQCSP5aEwgsKgvxv
K1rRfiB+RKDHuaZqgxtx+D8IFYXuELZCD5jBfybF0OA+fvPB2I6XUcr+MipfHX6/
vhLsHRbqaPEFEc4PWeZUnnAiuy13xmFvrT42ThQX7HUU35I/9IAea9pjfGpdUwzA
M7VjfCEaEbaelg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:34:11 2025 by rpki-client