Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/i58lgoNRffGYWTiOE7rRrgJopfs.mft
File: i58lgoNRffGYWTiOE7rRrgJopfs.mft (raw, json)
Hash identifier: Xyc30vktPOaDW+W4oaPjnTj6ao0dA2ZAmqtvKJ+mJbk=
Subject key identifier: 96:9A:1D:F9:D6:CA:93:B6:53:69:EA:2F:6B:E2:AC:7C:13:A0:D2:8A
Authority key identifier: 8B:9F:25:82:83:51:7D:F1:98:59:38:8E:13:BA:D1:AE:02:68:A5:FB
Certificate issuer: /CN=8b9f258283517df19859388e13bad1ae0268a5fb
Certificate serial: 0199FC58BAB0AB1929DA1A0D10C38B03FE1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i58lgoNRffGYWTiOE7rRrgJopfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/i58lgoNRffGYWTiOE7rRrgJopfs.mft
Manifest number: 16E3
Signing time: Sun 19 Oct 2025 12:01:37 +0000
Manifest this update: Sun 19 Oct 2025 12:01:37 +0000
Manifest next update: Mon 20 Oct 2025 12:01:37 +0000
Files and hashes: 1: aUEo_6I1NIoEpJrfmKA_-34y2x4.roa (hash: qf/pPhy348tojuz4A7OR24KHAsQ8d6peWd65flxSoJ4=)
2: i58lgoNRffGYWTiOE7rRrgJopfs.crl (hash: lKyamX2iNDgIdCukW4PzHW2r+Yj8mTm7uCEcp92EVfg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/i58lgoNRffGYWTiOE7rRrgJopfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/i58lgoNRffGYWTiOE7rRrgJopfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/i58lgoNRffGYWTiOE7rRrgJopfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:ba:b0:ab:19:29:da:1a:0d:10:c3:8b:03:fe:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9f258283517df19859388e13bad1ae0268a5fb
Validity
Not Before: Oct 19 12:01:37 2025 GMT
Not After : Oct 20 12:01:37 2025 GMT
Subject: CN=969a1df9d6ca93b65369ea2f6be2ac7c13a0d28a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:13:49:a8:3d:c4:48:87:cf:20:1a:1c:75:74:
0f:6f:43:13:d0:ec:3f:ba:0a:a3:e5:3f:41:a9:50:
3a:33:8e:05:d4:cd:6c:73:f8:b8:6c:df:5c:72:23:
6e:70:dd:6c:90:38:4f:56:a6:be:5d:9f:6b:0a:ba:
be:14:66:34:65:2d:1e:77:63:20:b7:e8:50:53:25:
2e:78:46:f5:8f:9e:25:5f:11:8c:81:a4:f1:e0:a3:
d9:a8:39:f3:aa:79:af:e8:09:73:8f:b3:0b:66:9e:
22:f2:ee:0f:ea:60:d1:8d:a7:b2:cc:9f:99:82:79:
a6:9c:bf:4a:99:00:48:e7:7f:f0:b9:8e:0f:77:83:
4b:3d:30:e5:02:ec:21:c8:34:23:97:7a:a0:7b:ee:
00:b9:69:0d:23:f2:96:0f:d2:ec:54:0d:b9:a4:fb:
6d:0a:6f:79:3f:bd:ab:91:3a:23:75:e1:9c:11:0c:
b5:56:38:4b:70:42:b6:ff:35:35:58:ed:05:d1:f8:
bf:c1:15:ed:ec:53:8b:d9:1f:82:f2:67:71:35:f6:
8c:35:88:86:f5:f7:ae:ba:74:6f:c4:91:93:2a:3f:
7c:73:a0:c0:96:54:45:de:b7:13:a3:19:d4:07:c8:
a5:ef:18:24:8d:4c:a4:d4:a4:3f:c9:ac:bf:51:b5:
ba:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:9A:1D:F9:D6:CA:93:B6:53:69:EA:2F:6B:E2:AC:7C:13:A0:D2:8A
X509v3 Authority Key Identifier:
keyid:8B:9F:25:82:83:51:7D:F1:98:59:38:8E:13:BA:D1:AE:02:68:A5:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i58lgoNRffGYWTiOE7rRrgJopfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/i58lgoNRffGYWTiOE7rRrgJopfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/i58lgoNRffGYWTiOE7rRrgJopfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:14:cc:26:d6:6d:28:60:8c:1b:90:0e:68:31:71:94:59:76:
9e:ac:77:fa:e3:32:16:08:9e:dc:a2:ff:07:47:e8:36:86:df:
2f:02:df:1f:5e:2b:3f:d9:b2:05:b2:84:0c:76:70:b1:aa:11:
85:99:4d:de:89:de:cb:e1:2b:07:f9:55:8e:6d:92:7b:c8:e5:
46:f7:6e:68:ee:57:33:15:fb:e0:d6:dc:a6:ac:f6:88:4b:79:
fc:cb:32:f2:75:f3:1a:56:9a:4e:4e:13:e4:b2:07:3e:5a:77:
b5:5f:6d:24:af:1d:2d:83:d0:4a:5c:15:64:28:6e:3b:df:3a:
ac:70:c0:e3:2f:20:3b:60:11:d5:86:6b:15:ab:04:bc:7b:97:
64:3c:7c:fc:50:f3:a3:5a:05:97:0e:f9:c0:4b:a7:0a:6d:da:
52:f4:1e:aa:ab:d9:b7:41:1a:1c:36:ef:f7:f7:43:b7:8d:1a:
22:1a:b6:b4:2b:ad:1a:8b:dd:70:37:75:69:d7:e9:18:44:27:
51:00:23:c9:fe:36:24:bc:43:ca:dd:18:ea:9b:2b:6a:13:c9:
0e:f5:97:d4:ca:d1:92:f9:e3:89:0e:55:8d:a3:40:a5:8d:5b:
50:16:26:ae:96:20:08:a0:0d:cc:ce:23:b7:d7:bb:bd:93:fa:
0d:e1:aa:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WLqwqxkp2hoNEMOLA/4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOWYyNTgyODM1MTdkZjE5ODU5Mzg4ZTEzYmFkMWFlMDI2
OGE1ZmIwHhcNMjUxMDE5MTIwMTM3WhcNMjUxMDIwMTIwMTM3WjAzMTEwLwYDVQQD
Eyg5NjlhMWRmOWQ2Y2E5M2I2NTM2OWVhMmY2YmUyYWM3YzEzYTBkMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRNJqD3ESIfPIBocdXQPb0MT0Ow/
ugqj5T9BqVA6M44F1M1sc/i4bN9cciNucN1skDhPVqa+XZ9rCrq+FGY0ZS0ed2Mg
t+hQUyUueEb1j54lXxGMgaTx4KPZqDnzqnmv6Alzj7MLZp4i8u4P6mDRjaeyzJ+Z
gnmmnL9KmQBI53/wuY4Pd4NLPTDlAuwhyDQjl3qge+4AuWkNI/KWD9LsVA25pPtt
Cm95P72rkTojdeGcEQy1VjhLcEK2/zU1WO0F0fi/wRXt7FOL2R+C8mdxNfaMNYiG
9feuunRvxJGTKj98c6DAllRF3rcToxnUB8il7xgkjUyk1KQ/yay/UbW6BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJaaHfnWypO2U2nqL2virHwToNKKMB8GA1UdIwQY
MBaAFIufJYKDUX3xmFk4jhO60a4CaKX7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTU4bGdvTlJmZkdZV1RpT0U3clJyZ0pvcGZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81MjhlMjEtMjNiMi00NDM2LWJjOGIt
OGY1ZTk5N2FiMWI1LzEvaTU4bGdvTlJmZkdZV1RpT0U3clJyZ0pvcGZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81MjhlMjEtMjNiMi00NDM2LWJjOGItOGY1ZTk5N2FiMWI1
LzEvaTU4bGdvTlJmZkdZV1RpT0U3clJyZ0pvcGZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbRTMJtZt
KGCMG5AOaDFxlFl2nqx3+uMyFgie3KL/B0foNobfLwLfH14rP9myBbKEDHZwsaoR
hZlN3oney+ErB/lVjm2Se8jlRvduaO5XMxX74Nbcpqz2iEt5/Msy8nXzGlaaTk4T
5LIHPlp3tV9tJK8dLYPQSlwVZChuO986rHDA4y8gO2AR1YZrFasEvHuXZDx8/FDz
o1oFlw75wEunCm3aUvQeqqvZt0EaHDbv9/dDt40aIhq2tCutGovdcDd1adfpGEQn
UQAjyf42JLxDyt0Y6psrahPJDvWX1MrRkvnjiQ5VjaNApY1bUBYmrpYgCKANzM4j
t9e7vZP6DeGqBQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:56:25 2025 by rpki-client