Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
File: I32X8VCOekR4mfWaVfuKpiQe9RA.mft (raw, json)
Hash identifier: bBXCEsKrHe+qc7v/onroWev9Z/cHpNVSj53gareCrPA=
Subject key identifier: D4:0D:B3:B1:08:D0:19:2D:F1:E5:C0:3C:F0:6A:43:02:29:90:70:73
Authority key identifier: 23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10
Certificate issuer: /CN=237d97f1508e7a447899f59a55fb8aa6241ef510
Certificate serial: 019A00357A2123981F22AFB6E824781F87BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
Manifest number: 0570
Signing time: Mon 20 Oct 2025 06:01:35 +0000
Manifest this update: Mon 20 Oct 2025 06:01:35 +0000
Manifest next update: Tue 21 Oct 2025 06:01:35 +0000
Files and hashes: 1: AgvVH_Z5ZikBFIUyEGB_f4ftLfg.roa (hash: Ii6l1o1UjR6zsFk/Ik5xPFxEIQrzvV/YcOC6UeUTh7g=)
2: I32X8VCOekR4mfWaVfuKpiQe9RA.crl (hash: EkI/ZaOF9Ukxe3aH33gWNhfjZ7yw7WV1oz9kl+gI6Ug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 06:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:35:7a:21:23:98:1f:22:af:b6:e8:24:78:1f:87:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237d97f1508e7a447899f59a55fb8aa6241ef510
Validity
Not Before: Oct 20 06:01:35 2025 GMT
Not After : Oct 21 06:01:35 2025 GMT
Subject: CN=d40db3b108d0192df1e5c03cf06a430229907073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c4:95:3c:c0:8e:f8:d0:e5:61:db:8b:78:4e:
bd:9c:d6:37:99:0b:66:5d:34:e5:f8:50:60:be:b1:
cd:25:63:f2:ef:b8:da:e2:47:8d:a8:56:56:22:75:
cb:15:1c:78:83:3d:60:76:e1:88:f3:62:6d:15:c9:
66:a8:64:e5:4d:ba:01:f5:38:0e:38:95:12:60:14:
f0:5f:c6:bc:fb:9b:89:cb:25:d6:79:77:5c:87:e3:
59:30:1a:ff:c0:a0:07:23:aa:51:1a:0c:b4:19:b4:
da:27:c8:9b:80:7f:f1:b3:87:89:66:58:50:63:84:
6e:09:c0:fc:25:b2:04:36:c0:b5:37:16:80:a3:f7:
03:42:88:f3:5a:63:df:8e:3d:6d:d1:00:c4:d2:75:
95:07:b6:c7:ef:14:76:93:21:9e:05:68:06:fa:23:
02:80:ee:18:d5:b5:45:1e:06:f7:65:32:00:d2:87:
54:7f:5d:0d:e3:4e:33:d3:91:d1:6e:97:22:71:4f:
b1:6a:70:cd:0e:ad:0e:76:7c:03:6f:ce:59:61:84:
6e:fc:de:07:b0:60:14:b9:f6:2a:a2:86:77:34:41:
20:fc:73:f7:92:d8:d3:23:a1:d0:8d:60:26:e2:ec:
1c:8c:a9:e0:95:5d:58:e3:3f:1a:f8:12:b3:f5:35:
96:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:0D:B3:B1:08:D0:19:2D:F1:E5:C0:3C:F0:6A:43:02:29:90:70:73
X509v3 Authority Key Identifier:
keyid:23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:d9:97:3e:90:73:a6:6f:06:52:7c:d5:ea:34:d6:18:b5:1b:
75:87:06:65:0e:b0:34:43:c4:0d:54:59:4a:b1:76:80:42:84:
fc:a4:a8:a1:70:fa:28:32:ff:4f:57:c8:14:01:d7:ce:0b:ff:
c5:72:a7:33:57:c8:95:b9:27:74:66:d4:b8:03:dd:3c:10:07:
ad:3b:78:9e:84:bf:d6:2c:9f:c6:09:98:90:30:ca:36:6c:85:
28:f0:26:d2:73:8a:67:0f:93:94:b1:10:03:a7:0b:2d:50:6e:
3e:ee:e8:c8:b6:1b:e4:dd:76:fa:6a:f2:c1:66:f8:df:cb:c5:
33:79:bf:72:cd:7b:6c:20:3a:10:f0:df:15:47:91:14:83:27:
14:ad:d3:9d:5e:b9:a6:6b:33:70:08:a1:c7:94:5f:61:70:8d:
d0:cb:10:2d:b1:c3:d5:70:be:51:0e:9e:f3:7a:32:5a:47:7c:
43:99:e7:65:f8:10:96:ad:78:6a:0f:0b:5c:39:8c:79:a9:26:
42:72:2a:91:4e:68:0e:1f:a3:41:47:0a:95:10:a8:f0:95:0b:
d1:2a:fa:f5:62:43:2a:63:d5:61:80:0a:1e:47:73:0d:49:a6:
63:91:e8:3d:fb:7f:6d:e5:ad:f2:bf:70:ba:5d:0f:c7:ff:e1:
78:51:04:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANXohI5gfIq+26CR4H4e9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Q5N2YxNTA4ZTdhNDQ3ODk5ZjU5YTU1ZmI4YWE2MjQx
ZWY1MTAwHhcNMjUxMDIwMDYwMTM1WhcNMjUxMDIxMDYwMTM1WjAzMTEwLwYDVQQD
EyhkNDBkYjNiMTA4ZDAxOTJkZjFlNWMwM2NmMDZhNDMwMjI5OTA3MDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosSVPMCO+NDlYduLeE69nNY3mQtm
XTTl+FBgvrHNJWPy77ja4keNqFZWInXLFRx4gz1gduGI82JtFclmqGTlTboB9TgO
OJUSYBTwX8a8+5uJyyXWeXdch+NZMBr/wKAHI6pRGgy0GbTaJ8ibgH/xs4eJZlhQ
Y4RuCcD8JbIENsC1NxaAo/cDQojzWmPfjj1t0QDE0nWVB7bH7xR2kyGeBWgG+iMC
gO4Y1bVFHgb3ZTIA0odUf10N404z05HRbpcicU+xanDNDq0OdnwDb85ZYYRu/N4H
sGAUufYqooZ3NEEg/HP3ktjTI6HQjWAm4uwcjKnglV1Y4z8a+BKz9TWWpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQNs7EI0Bkt8eXAPPBqQwIpkHBzMB8GA1UdIwQY
MBaAFCN9l/FQjnpEeJn1mlX7iqYkHvUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYt
NDRhNDFhOTMxMTNlLzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYtNDRhNDFhOTMxMTNl
LzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD9mXPpBz
pm8GUnzV6jTWGLUbdYcGZQ6wNEPEDVRZSrF2gEKE/KSooXD6KDL/T1fIFAHXzgv/
xXKnM1fIlbkndGbUuAPdPBAHrTt4noS/1iyfxgmYkDDKNmyFKPAm0nOKZw+TlLEQ
A6cLLVBuPu7oyLYb5N12+mrywWb438vFM3m/cs17bCA6EPDfFUeRFIMnFK3TnV65
pmszcAihx5RfYXCN0MsQLbHD1XC+UQ6e83oyWkd8Q5nnZfgQlq14ag8LXDmMeakm
QnIqkU5oDh+jQUcKlRCo8JUL0Sr69WJDKmPVYYAKHkdzDUmmY5HoPft/beWt8r9w
ul0Px//heFEEsA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:07:37 2025 by rpki-client