Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: 8BpSJJFzF8b6XbYqNH/WX1hkeha8iY3vTdqYq2095Iw=
Subject key identifier: AC:A8:44:B5:12:BF:D5:97:1C:E6:10:95:29:10:1D:3E:E2:84:4F:9D
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 0198D6CD01A6A7D7F51B45AC3C444154540E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 04DA
Signing time: Sat 23 Aug 2025 12:00:16 +0000
Manifest this update: Sat 23 Aug 2025 12:00:16 +0000
Manifest next update: Sun 24 Aug 2025 12:00:16 +0000
Files and hashes: 1: EAD0diuoZK02qxxsVWWiclAVX5I.roa (hash: kzXgijoQ+OFnt0McFOmyH17ijOy9UUEek/dQbYMoKFU=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: i8dAmPC8eEaYzIjmM+B8sva2tFXrdHbz89co7ObtUVE=)
3: nyGLR8VZWMaY-kU1NUM_fc4iRjM.roa (hash: voylSjHlayiNYZNWUzC6whbKd8QLUjoGC1qGpaQazoM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:cd:01:a6:a7:d7:f5:1b:45:ac:3c:44:41:54:54:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Aug 23 12:00:16 2025 GMT
Not After : Aug 24 12:00:16 2025 GMT
Subject: CN=aca844b512bfd5971ce6109529101d3ee2844f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:18:00:f8:d3:3b:67:7e:c5:44:49:8b:d8:eb:
2c:3e:f0:1c:c0:90:a0:5d:ff:eb:5f:ad:00:4a:66:
31:db:fc:aa:9b:fd:ff:5e:db:93:19:06:42:67:ce:
02:42:20:fe:b6:3c:0d:94:4a:0d:d4:21:8f:f5:5d:
62:31:e7:8d:79:ba:ec:41:84:e0:a0:c2:96:dc:7b:
30:77:76:a3:00:ba:cc:c0:7b:71:d8:e4:d1:bd:38:
a6:21:97:1b:a1:02:5c:39:90:36:70:bc:c3:9c:69:
dc:15:8c:47:8d:c7:4c:29:8e:05:bb:9f:9e:37:a1:
5e:ae:74:60:e1:7e:aa:6b:be:5e:d0:c3:c2:2d:ec:
1d:f8:2d:3f:91:4f:c7:73:71:f9:64:be:49:75:ef:
17:5a:3c:10:65:3b:e8:37:63:3e:39:39:66:d1:03:
e6:ed:3f:de:d5:e3:d7:3a:73:96:54:a1:db:ac:9b:
6f:ff:d6:75:59:23:ae:c4:52:8e:d1:0f:c8:40:d4:
48:4d:eb:4b:fc:bd:77:57:3b:fc:59:d4:68:f2:b8:
27:f0:73:bf:74:27:21:e9:9f:31:58:58:ef:01:61:
b4:4d:91:f1:ee:73:54:53:6b:38:a4:76:26:44:16:
76:3d:d2:9f:58:0f:24:f7:eb:76:39:c2:06:18:49:
72:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A8:44:B5:12:BF:D5:97:1C:E6:10:95:29:10:1D:3E:E2:84:4F:9D
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:6b:e8:a6:09:46:bd:3a:b6:19:8b:c8:10:03:29:78:e1:e3:
5e:f9:46:17:1b:6a:b9:9a:8a:c8:8e:ff:c2:92:5f:66:8e:4f:
81:55:9b:f6:80:74:2b:2f:7c:c8:d8:2a:06:d7:5b:a9:68:70:
a9:2e:cd:0e:0e:a1:b0:e9:f7:4e:a3:be:6e:58:46:c2:89:9e:
e5:7c:4e:6e:43:56:17:04:ef:d8:1a:19:27:42:9d:55:4f:e9:
f7:70:b6:00:14:d3:cf:23:73:7c:44:57:35:0e:45:13:88:a2:
bc:bc:b6:aa:e3:4d:e7:cc:84:27:f6:c9:66:e1:6b:4d:51:9f:
c9:13:e0:31:90:ca:83:0a:89:f2:03:22:d2:fe:a9:2a:bb:fa:
b7:6e:14:3b:db:ed:0b:2f:a1:67:6a:40:42:8e:af:04:6b:b8:
6a:6d:7c:87:cf:77:0c:1a:21:d5:05:08:40:22:70:11:1a:b0:
45:36:31:ef:ae:82:78:8b:e4:2d:3e:41:00:74:63:bc:74:0e:
59:83:65:d4:c9:a8:7e:1a:c6:06:8b:40:f2:c7:ec:c6:43:74:
ea:07:e5:7b:21:91:31:b5:19:f5:6e:8b:75:5e:eb:9f:db:dc:
62:68:ef:24:9d:63:90:00:4f:c4:a7:d3:73:78:3f:c1:5a:49:
02:e9:1a:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzQGmp9f1G0WsPERBVFQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjUwODIzMTIwMDE2WhcNMjUwODI0MTIwMDE2WjAzMTEwLwYDVQQD
EyhhY2E4NDRiNTEyYmZkNTk3MWNlNjEwOTUyOTEwMWQzZWUyODQ0ZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBgA+NM7Z37FREmL2OssPvAcwJCg
Xf/rX60ASmYx2/yqm/3/XtuTGQZCZ84CQiD+tjwNlEoN1CGP9V1iMeeNebrsQYTg
oMKW3Hswd3ajALrMwHtx2OTRvTimIZcboQJcOZA2cLzDnGncFYxHjcdMKY4Fu5+e
N6FernRg4X6qa75e0MPCLewd+C0/kU/Hc3H5ZL5Jde8XWjwQZTvoN2M+OTlm0QPm
7T/e1ePXOnOWVKHbrJtv/9Z1WSOuxFKO0Q/IQNRITetL/L13Vzv8WdRo8rgn8HO/
dCch6Z8xWFjvAWG0TZHx7nNUU2s4pHYmRBZ2PdKfWA8k9+t2OcIGGElydwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyoRLUSv9WXHOYQlSkQHT7ihE+dMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMGvopglG
vTq2GYvIEAMpeOHjXvlGFxtquZqKyI7/wpJfZo5PgVWb9oB0Ky98yNgqBtdbqWhw
qS7NDg6hsOn3TqO+blhGwome5XxObkNWFwTv2BoZJ0KdVU/p93C2ABTTzyNzfERX
NQ5FE4iivLy2quNN58yEJ/bJZuFrTVGfyRPgMZDKgwqJ8gMi0v6pKrv6t24UO9vt
Cy+hZ2pAQo6vBGu4am18h893DBoh1QUIQCJwERqwRTYx766CeIvkLT5BAHRjvHQO
WYNl1MmofhrGBotA8sfsxkN06gfleyGRMbUZ9W6LdV7rn9vcYmjvJJ1jkABPxKfT
c3g/wVpJAukaZw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:40:51 2025 by rpki-client