
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: yOqNwBV6LfnEmMIURfABJzYNF1C+qYaoKVqHj+dHhso=
Subject key identifier: 63:C9:4F:30:92:AA:B6:25:6A:07:41:99:B9:4D:19:2E:67:0B:62:CD
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 019A022340FC7AD2A5FF573772D964CF6C1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 0575
Signing time: Mon 20 Oct 2025 15:00:56 +0000
Manifest this update: Mon 20 Oct 2025 15:00:56 +0000
Manifest next update: Tue 21 Oct 2025 15:00:56 +0000
Files and hashes: 1: EAD0diuoZK02qxxsVWWiclAVX5I.roa (hash: kzXgijoQ+OFnt0McFOmyH17ijOy9UUEek/dQbYMoKFU=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: 8bTJJFbJ+2vn3G7rECfc/jbAuEaRVLUPM7MWSDwrElc=)
3: nyGLR8VZWMaY-kU1NUM_fc4iRjM.roa (hash: voylSjHlayiNYZNWUzC6whbKd8QLUjoGC1qGpaQazoM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:23:40:fc:7a:d2:a5:ff:57:37:72:d9:64:cf:6c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Oct 20 15:00:56 2025 GMT
Not After : Oct 21 15:00:56 2025 GMT
Subject: CN=63c94f3092aab6256a074199b94d192e670b62cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:10:94:32:59:04:d8:1e:5f:ec:4c:17:3e:95:
ec:3f:72:26:4d:e1:4d:24:b5:7a:2c:f7:c8:88:80:
c5:ba:87:10:b3:81:3d:88:99:2a:dd:e9:f1:f8:c7:
96:71:1d:93:19:33:47:a8:54:8f:ca:7e:9b:e6:06:
db:bd:d2:3d:c9:8a:b0:0a:5e:bf:78:08:56:88:13:
ba:b8:ec:91:11:12:5c:a9:6d:82:65:40:59:0a:55:
06:8a:5e:4e:cb:c7:16:20:58:1e:0a:4b:bb:9f:ea:
0c:35:d7:69:61:5c:11:f6:43:b0:92:02:66:c9:08:
93:17:c9:bf:63:8e:85:e3:7c:f6:f1:d3:89:22:75:
a3:0e:3b:9e:db:3c:14:da:e0:50:33:7b:4f:52:c9:
89:f8:9d:91:19:29:3d:3f:ee:b6:6d:46:5f:3e:1a:
1e:4d:34:0d:78:95:3f:7f:91:69:b9:aa:97:d2:b5:
a8:94:68:f0:08:55:f3:5f:81:42:10:01:d8:26:d4:
e7:a3:90:dd:b3:0b:e6:cb:82:66:7c:d9:26:e6:70:
3a:fd:df:7a:2e:86:bf:3a:f0:3e:31:c2:62:d4:8c:
2f:9f:5b:9b:5f:43:90:de:0e:ad:64:0b:eb:95:56:
94:37:16:63:45:ac:e4:dc:fe:61:6f:ac:c7:d6:0c:
17:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C9:4F:30:92:AA:B6:25:6A:07:41:99:B9:4D:19:2E:67:0B:62:CD
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:ee:f5:5b:d1:a5:c4:14:32:39:1c:36:82:bd:4a:b4:7d:9c:
ee:70:ba:a6:53:38:ff:ac:8c:3c:cd:07:ed:80:a9:63:b4:50:
54:ae:4a:2e:8f:6a:58:8a:c0:96:53:24:d6:85:9e:0d:f6:1d:
17:95:df:dd:4f:f9:15:1e:f8:e8:17:65:59:e5:49:4e:6f:d0:
ff:95:2a:52:07:4e:fa:41:32:12:e6:cf:71:46:99:b3:8b:0a:
80:47:dd:69:43:1a:11:fd:0d:83:ac:b9:7f:c6:7d:5e:27:15:
23:4f:29:b0:ae:e0:5e:22:7c:17:28:db:7e:bc:68:80:4e:11:
f5:be:63:28:d0:06:11:30:f9:3d:e1:07:2a:d3:88:cd:ad:97:
f5:28:50:46:16:e6:1b:ea:b9:15:9f:aa:bb:29:4c:9d:97:1d:
b9:10:25:71:89:d7:6f:90:5f:d0:63:5c:12:96:80:9d:52:2d:
d4:ca:f7:1e:9d:61:61:54:9c:db:ec:b9:94:60:2d:65:dc:f1:
12:64:3a:a7:f8:fc:e2:e5:e2:4a:67:36:68:53:16:eb:28:ce:
46:68:d2:9e:e7:e8:25:9e:0d:d4:cb:7d:6b:0e:58:b8:f0:81:
71:af:80:76:04:4b:ec:71:59:1c:16:55:ff:2e:7c:8b:99:9b:
e2:3c:be:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCI0D8etKl/1c3ctlkz2weMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjUxMDIwMTUwMDU2WhcNMjUxMDIxMTUwMDU2WjAzMTEwLwYDVQQD
Eyg2M2M5NGYzMDkyYWFiNjI1NmEwNzQxOTliOTRkMTkyZTY3MGI2MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBCUMlkE2B5f7EwXPpXsP3ImTeFN
JLV6LPfIiIDFuocQs4E9iJkq3enx+MeWcR2TGTNHqFSPyn6b5gbbvdI9yYqwCl6/
eAhWiBO6uOyRERJcqW2CZUBZClUGil5Oy8cWIFgeCku7n+oMNddpYVwR9kOwkgJm
yQiTF8m/Y46F43z28dOJInWjDjue2zwU2uBQM3tPUsmJ+J2RGSk9P+62bUZfPhoe
TTQNeJU/f5FpuaqX0rWolGjwCFXzX4FCEAHYJtTno5Ddswvmy4JmfNkm5nA6/d96
Loa/OvA+McJi1Iwvn1ubX0OQ3g6tZAvrlVaUNxZjRazk3P5hb6zH1gwXqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPJTzCSqrYlagdBmblNGS5nC2LNMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmO71W9Gl
xBQyORw2gr1KtH2c7nC6plM4/6yMPM0H7YCpY7RQVK5KLo9qWIrAllMk1oWeDfYd
F5Xf3U/5FR746BdlWeVJTm/Q/5UqUgdO+kEyEubPcUaZs4sKgEfdaUMaEf0Ng6y5
f8Z9XicVI08psK7gXiJ8FyjbfrxogE4R9b5jKNAGETD5PeEHKtOIza2X9ShQRhbm
G+q5FZ+quylMnZcduRAlcYnXb5Bf0GNcEpaAnVIt1Mr3Hp1hYVSc2+y5lGAtZdzx
EmQ6p/j84uXiSmc2aFMW6yjORmjSnufoJZ4N1Mt9aw5YuPCBca+AdgRL7HFZHBZV
/y58i5mb4jy+cQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:27:46 2025 by rpki-client