Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
File: rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft (raw, json)
Hash identifier: Pj7PrV52H5IeiWoeargh0bGo9IiQ72UXqPX7mQncBto=
Subject key identifier: 43:A5:5F:97:68:49:F8:15:9E:A2:BB:62:7D:AC:DF:55:1F:E4:C7:A4
Authority key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
Certificate issuer: /CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Certificate serial: 0199FDDA53E85EAFFE0A17D2EF58AE8C83AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
Manifest number: 16EB
Signing time: Sun 19 Oct 2025 19:02:47 +0000
Manifest this update: Sun 19 Oct 2025 19:02:47 +0000
Manifest next update: Mon 20 Oct 2025 19:02:47 +0000
Files and hashes: 1: 7OSbUsexneQ0Q14f6d4gS3FqwKA.roa (hash: bTywqIASCFGsuBv+6N7v2D8L1Q+x4uOFKiuvSJi+2o4=)
2: BAFnA8E_-fRHFvJR66V5dNg4Xzc.roa (hash: zli04q+UUFDZ6LvNlKF4wEZntdZy+cQL9il9Oh4rSZo=)
3: rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl (hash: nkfHHYJt3nNRDYXimJV9ORJfML14yOajGwnL3dZHO+A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:da:53:e8:5e:af:fe:0a:17:d2:ef:58:ae:8c:83:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Validity
Not Before: Oct 19 19:02:47 2025 GMT
Not After : Oct 20 19:02:47 2025 GMT
Subject: CN=43a55f976849f8159ea2bb627dacdf551fe4c7a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ac:27:87:ea:2d:69:35:73:5d:91:2d:eb:4c:
f5:c3:84:95:4c:b4:61:cc:ae:c9:56:89:d2:38:c6:
12:1e:3e:56:66:f2:de:f4:d2:bf:9c:12:c6:4d:b5:
35:c4:c5:ca:b6:1f:21:e7:0c:b2:8e:4c:ba:88:b5:
ab:d5:3d:25:fc:38:b9:2d:c6:47:7c:ec:63:61:e0:
7a:4f:f4:9c:34:22:b0:a7:9c:57:b7:01:01:c0:13:
09:9f:e9:53:93:93:b2:14:b1:f1:a5:ed:66:0c:11:
2e:d0:3c:b7:4a:46:e9:c3:fe:ff:64:84:27:a5:fc:
f0:6f:69:f8:1f:27:f9:7b:51:a0:f4:32:fc:e0:a6:
c5:c0:e9:c4:97:37:68:93:43:ee:04:af:5f:20:81:
b9:59:53:97:27:6c:98:63:6f:3b:b5:5d:3a:c4:ac:
43:71:c1:f3:52:c6:10:82:f0:6b:02:b5:9c:17:ed:
4c:28:45:9e:5b:00:92:b3:ac:3d:47:61:f4:3b:b4:
d0:3d:f1:46:bd:41:fb:47:46:76:2d:a7:58:c5:f7:
99:85:2b:4c:d0:99:19:cd:2b:fd:03:fc:1a:ef:61:
26:2a:ab:b9:5c:ca:1c:9c:52:74:03:75:4e:32:0b:
ab:a0:72:b3:a0:ea:55:bb:1b:f0:d6:fe:dc:8f:30:
a9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A5:5F:97:68:49:F8:15:9E:A2:BB:62:7D:AC:DF:55:1F:E4:C7:A4
X509v3 Authority Key Identifier:
keyid:AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:73:74:42:af:a4:4b:5e:8a:64:51:b3:a3:dd:de:f8:bd:dc:
09:7e:c8:2c:c3:b7:a2:12:04:e1:de:1f:3a:e2:fe:8d:5e:c0:
61:eb:37:69:70:ad:ac:93:aa:3d:9b:06:eb:10:e8:40:68:15:
82:2c:fe:b0:1b:28:31:9e:6a:d0:4f:af:4e:af:4a:b1:ce:b9:
ea:51:36:36:d7:17:60:58:9e:a1:eb:1d:0c:f2:a6:c0:07:fc:
b9:c9:02:fd:38:90:19:35:e6:f9:c2:45:cd:b0:71:78:2e:b2:
69:1c:cb:a6:4e:69:0e:57:ca:fc:8e:c5:29:c9:e1:80:dd:6f:
fd:8e:90:2d:14:e8:2d:b1:9f:09:64:12:3d:b9:71:75:f5:35:
3d:df:51:52:59:77:95:11:39:06:b2:2e:9a:1a:4f:6d:14:2a:
df:77:5e:b4:d7:eb:bd:cb:b4:0c:74:71:26:65:35:74:78:66:
fb:5e:c5:c4:fa:89:fd:c5:04:ac:41:b6:65:df:ec:e4:57:c4:
9f:2c:1c:a6:21:87:56:ea:19:9b:f2:7f:25:5e:a6:72:cb:c6:
5f:cf:06:d2:c6:15:0f:4c:c3:8f:84:ca:44:08:71:e5:a2:53:
43:a1:96:ad:67:c8:d3:56:33:37:03:59:df:ee:7e:2e:7b:72:
c1:a9:c7:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92lPoXq/+ChfS71iujIOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGEwZTBiMWIyMWYwOTMzMzNjMDc0ODE0NWIxNjI4NDE4
Y2YyYjUwHhcNMjUxMDE5MTkwMjQ3WhcNMjUxMDIwMTkwMjQ3WjAzMTEwLwYDVQQD
Eyg0M2E1NWY5NzY4NDlmODE1OWVhMmJiNjI3ZGFjZGY1NTFmZTRjN2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmawnh+otaTVzXZEt60z1w4SVTLRh
zK7JVonSOMYSHj5WZvLe9NK/nBLGTbU1xMXKth8h5wyyjky6iLWr1T0l/Di5LcZH
fOxjYeB6T/ScNCKwp5xXtwEBwBMJn+lTk5OyFLHxpe1mDBEu0Dy3Skbpw/7/ZIQn
pfzwb2n4Hyf5e1Gg9DL84KbFwOnElzdok0PuBK9fIIG5WVOXJ2yYY287tV06xKxD
ccHzUsYQgvBrArWcF+1MKEWeWwCSs6w9R2H0O7TQPfFGvUH7R0Z2LadYxfeZhStM
0JkZzSv9A/wa72EmKqu5XMocnFJ0A3VOMguroHKzoOpVuxvw1v7cjzCpoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOlX5doSfgVnqK7Yn2s31Uf5MekMB8GA1UdIwQY
MBaAFKyKDgsbIfCTMzwHSBRbFihBjPK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMt
ZGI4ZWZmMWIxMWEwLzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMtZGI4ZWZmMWIxMWEw
LzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATnN0Qq+k
S16KZFGzo93e+L3cCX7ILMO3ohIE4d4fOuL+jV7AYes3aXCtrJOqPZsG6xDoQGgV
giz+sBsoMZ5q0E+vTq9Ksc656lE2NtcXYFieoesdDPKmwAf8uckC/TiQGTXm+cJF
zbBxeC6yaRzLpk5pDlfK/I7FKcnhgN1v/Y6QLRToLbGfCWQSPblxdfU1Pd9RUll3
lRE5BrIumhpPbRQq33detNfrvcu0DHRxJmU1dHhm+17FxPqJ/cUErEG2Zd/s5FfE
nywcpiGHVuoZm/J/JV6mcsvGX88G0sYVD0zDj4TKRAhx5aJTQ6GWrWfI01YzNwNZ
3+5+LntywanHQA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:45:39 2025 by rpki-client