Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
File: IONyheqmIxC8nncrST2dYrqKeTg.mft (raw, json)
Hash identifier: SUhDaESXQr9m2KcOw3PfD5bg+zUh80s5owaht5CsGE0=
Subject key identifier: 1D:BF:F8:51:F2:48:1F:1A:CD:F8:B7:2B:22:09:F3:66:2D:2F:D8:6D
Authority key identifier: 20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38
Certificate issuer: /CN=20e37285eaa62310bc9e772b493d9d62ba8a7938
Certificate serial: 0199FFC830E79B61F9651EBB84A54757F560
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
Manifest number: 0720
Signing time: Mon 20 Oct 2025 04:02:13 +0000
Manifest this update: Mon 20 Oct 2025 04:02:13 +0000
Manifest next update: Tue 21 Oct 2025 04:02:13 +0000
Files and hashes: 1: IONyheqmIxC8nncrST2dYrqKeTg.crl (hash: Y3tzezH+WvwbplSnIz+ZKAw50LWqOb6YhZk/ZGyQ2fk=)
2: v5LwLHwuCUZrT_0G6r3v0bfLSQs.roa (hash: +ztaiH2S/aHDtgvKfj/YkXPsW58SyJ9uS27Ej7psyFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:02:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c8:30:e7:9b:61:f9:65:1e:bb:84:a5:47:57:f5:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e37285eaa62310bc9e772b493d9d62ba8a7938
Validity
Not Before: Oct 20 04:02:13 2025 GMT
Not After : Oct 21 04:02:13 2025 GMT
Subject: CN=1dbff851f2481f1acdf8b72b2209f3662d2fd86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:14:a1:c1:85:18:0a:44:0f:5d:ec:7a:a3:a8:
1d:af:c4:b0:0f:8b:59:bf:ca:3c:27:72:2a:f8:a4:
bf:63:ff:f5:f1:92:be:3d:f2:31:ac:2b:8b:56:b3:
4c:62:d6:46:7e:61:c3:7a:44:54:55:46:15:e3:5c:
e3:02:ca:3c:9e:71:ab:b5:69:1a:74:02:fb:e6:de:
67:04:97:2a:2c:d3:04:f0:d7:e3:dc:a8:c3:7e:58:
17:39:6d:ce:a2:04:be:1a:ca:5b:99:ff:3d:2b:0b:
0b:84:e1:79:0f:9b:ba:e1:1d:cd:eb:98:b9:13:46:
35:21:e1:9f:02:b6:e0:1a:5b:63:e9:a9:0e:57:04:
b9:b1:1f:81:4f:6a:ef:d3:86:e1:1e:1f:92:f5:64:
26:dd:95:62:82:17:13:34:6c:e4:3e:c7:68:80:da:
2c:e9:5d:3e:71:88:13:82:df:87:5f:5d:5f:9a:08:
dc:92:69:e0:bc:81:bd:ad:97:af:64:60:87:74:e5:
5d:54:76:f9:5c:b4:4b:6f:f4:24:ca:a7:19:b0:cf:
f3:a9:f9:4b:ad:17:18:37:d0:f8:e3:86:46:2c:6b:
7b:fb:f4:81:50:99:46:ab:d4:0f:65:cd:15:f3:62:
0c:6a:55:e0:e8:02:85:3d:fb:93:e0:5b:70:c6:d7:
17:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BF:F8:51:F2:48:1F:1A:CD:F8:B7:2B:22:09:F3:66:2D:2F:D8:6D
X509v3 Authority Key Identifier:
keyid:20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:96:9c:9a:48:f6:b1:ce:6b:2d:ed:32:05:7d:a4:fa:bb:17:
c9:fa:1b:65:b2:79:16:71:c2:3f:53:67:1b:05:68:ec:3d:66:
10:26:61:ed:18:b7:11:76:0f:d4:67:fe:3f:13:3e:89:48:68:
99:67:c5:ec:8e:11:9d:4d:32:b1:3e:90:79:cb:41:36:a4:8c:
0a:97:32:d5:e7:09:f2:75:d6:71:ba:aa:ba:d4:ac:bf:ca:1b:
8d:63:4c:63:f5:fc:bc:72:2c:f1:f6:ee:f9:a4:bf:62:9d:4e:
1c:ed:2d:71:2d:f5:ec:b8:ea:1b:ad:b1:cc:c0:b0:f3:b4:99:
3e:8f:c1:eb:71:45:bc:58:7d:28:09:7e:0c:54:a1:ed:80:ce:
6f:be:d0:e0:2b:f0:e5:41:00:45:ff:10:01:48:a6:4b:9f:69:
28:a0:06:9a:c7:61:d9:51:49:c1:73:9a:09:2f:4d:77:d2:3f:
d3:36:1c:69:20:30:c0:c2:72:ec:6b:6b:6b:58:b8:b4:b9:b0:
80:8b:14:5b:7a:95:ee:31:5f:8d:c0:8a:34:92:0a:ee:e1:92:
c7:75:91:e8:ff:eb:68:1d:e4:0f:b8:b8:84:d1:09:b7:d3:9a:
dd:b7:ff:ab:ea:e1:ba:9a:02:70:e8:26:c5:e9:4b:43:45:0b:
71:b1:bb:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yDDnm2H5ZR67hKVHV/VgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTM3Mjg1ZWFhNjIzMTBiYzllNzcyYjQ5M2Q5ZDYyYmE4
YTc5MzgwHhcNMjUxMDIwMDQwMjEzWhcNMjUxMDIxMDQwMjEzWjAzMTEwLwYDVQQD
EygxZGJmZjg1MWYyNDgxZjFhY2RmOGI3MmIyMjA5ZjM2NjJkMmZkODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRShwYUYCkQPXex6o6gdr8SwD4tZ
v8o8J3Iq+KS/Y//18ZK+PfIxrCuLVrNMYtZGfmHDekRUVUYV41zjAso8nnGrtWka
dAL75t5nBJcqLNME8Nfj3KjDflgXOW3OogS+Gspbmf89KwsLhOF5D5u64R3N65i5
E0Y1IeGfArbgGltj6akOVwS5sR+BT2rv04bhHh+S9WQm3ZVighcTNGzkPsdogNos
6V0+cYgTgt+HX11fmgjckmngvIG9rZevZGCHdOVdVHb5XLRLb/QkyqcZsM/zqflL
rRcYN9D444ZGLGt7+/SBUJlGq9QPZc0V82IMalXg6AKFPfuT4FtwxtcXUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2/+FHySB8azfi3KyIJ82YtL9htMB8GA1UdIwQY
MBaAFCDjcoXqpiMQvJ53K0k9nWK6ink4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQt
ZmE4ZDhjYTk0OTViLzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQtZmE4ZDhjYTk0OTVi
LzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZJacmkj2
sc5rLe0yBX2k+rsXyfobZbJ5FnHCP1NnGwVo7D1mECZh7Ri3EXYP1Gf+PxM+iUho
mWfF7I4RnU0ysT6QectBNqSMCpcy1ecJ8nXWcbqqutSsv8objWNMY/X8vHIs8fbu
+aS/Yp1OHO0tcS317LjqG62xzMCw87SZPo/B63FFvFh9KAl+DFSh7YDOb77Q4Cvw
5UEARf8QAUimS59pKKAGmsdh2VFJwXOaCS9Nd9I/0zYcaSAwwMJy7Gtra1i4tLmw
gIsUW3qV7jFfjcCKNJIK7uGSx3WR6P/raB3kD7i4hNEJt9Oa3bf/q+rhupoCcOgm
xelLQ0ULcbG7hg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:41:35 2025 by rpki-client