
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: qMMT9vfE8C94uQkH++DNcwn9O3FB+Qac2el9xiemch4=
Subject key identifier: 73:B9:69:52:A1:2D:FA:40:F1:DF:2E:7D:FD:02:90:CF:A2:43:1E:65
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 0199FE4758CF821197957E284A03DA0B0075
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 0573
Signing time: Sun 19 Oct 2025 21:01:52 +0000
Manifest this update: Sun 19 Oct 2025 21:01:52 +0000
Manifest next update: Mon 20 Oct 2025 21:01:52 +0000
Files and hashes: 1: EAD0diuoZK02qxxsVWWiclAVX5I.roa (hash: kzXgijoQ+OFnt0McFOmyH17ijOy9UUEek/dQbYMoKFU=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: FMhLgzn3xWELB6UcgxsjLmZ5v7t0Pj51jPQuLfZFZFo=)
3: nyGLR8VZWMaY-kU1NUM_fc4iRjM.roa (hash: voylSjHlayiNYZNWUzC6whbKd8QLUjoGC1qGpaQazoM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:47:58:cf:82:11:97:95:7e:28:4a:03:da:0b:00:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Oct 19 21:01:52 2025 GMT
Not After : Oct 20 21:01:52 2025 GMT
Subject: CN=73b96952a12dfa40f1df2e7dfd0290cfa2431e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c6:56:d2:6a:0d:12:00:32:e7:eb:a5:8b:3c:
40:e6:d1:9e:f5:f0:22:b5:f7:a4:66:0a:7f:58:c0:
5c:e9:86:aa:a6:13:f0:f4:20:64:36:2e:cd:ab:a2:
12:4b:a2:31:c6:73:a3:c1:b4:85:5d:82:ef:2c:be:
67:88:65:63:0e:57:ad:88:ab:d5:06:6a:0a:0f:3e:
aa:56:57:5b:88:75:14:1f:ac:3f:59:74:b3:14:d6:
87:8a:f6:48:8e:8f:0c:de:f2:39:3d:8c:48:70:6d:
1e:59:e6:df:c8:c3:7f:74:a0:94:ac:c0:e2:4a:ae:
f5:73:4e:ed:3e:24:c0:3c:e4:80:25:5b:c3:b0:3f:
4a:f5:3b:f3:d9:51:39:48:40:bb:34:87:3e:36:88:
b4:2f:d2:87:82:29:9a:cb:24:7e:b6:a0:6a:1d:75:
cd:af:ba:5a:b1:43:12:5a:2f:1e:db:8a:9f:36:d0:
a0:65:3d:64:dd:bf:e2:75:e9:fc:7d:fb:3c:05:3b:
ce:1d:23:28:1b:a9:5b:ef:29:40:ca:29:2a:9e:0c:
89:7b:66:fd:f0:26:a3:f8:e3:cd:8d:b4:51:6f:14:
3f:e0:fb:87:39:2d:5d:ed:f9:4e:a9:38:4d:6e:c9:
aa:f0:6b:dd:21:6e:18:54:4e:2b:24:a6:39:28:23:
35:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B9:69:52:A1:2D:FA:40:F1:DF:2E:7D:FD:02:90:CF:A2:43:1E:65
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:de:71:95:2b:de:68:d8:19:ac:86:8b:30:a9:48:a5:ad:ed:
72:fa:e8:3c:52:5f:ab:81:ec:93:05:30:92:0a:7d:11:12:ab:
dd:d1:0b:37:05:f6:2b:40:1c:a3:8a:74:ca:f5:cf:99:90:19:
cc:4e:d8:6e:24:26:ac:52:a2:fe:dd:b5:b8:89:53:7d:6d:9c:
62:25:ea:a2:3c:49:d0:93:16:0c:09:1f:27:44:98:99:96:5e:
e7:d5:a5:1d:bc:d8:60:98:96:4b:17:b3:d2:38:23:8c:81:bf:
c0:be:0c:69:d7:3c:41:85:cf:85:eb:bc:68:c0:7f:6f:26:c1:
7d:26:81:c1:c7:14:43:9c:3d:92:86:d6:42:72:4f:0e:25:60:
00:67:44:6f:d6:b9:11:d7:43:03:90:00:b3:6d:05:eb:f5:f5:
75:f1:41:a5:1d:df:dd:12:d2:47:cc:ce:d1:f5:19:51:68:c4:
66:80:41:73:05:43:f4:3a:5f:ce:82:8b:58:cc:9e:ad:8c:38:
f5:b2:ed:6b:81:e4:09:53:3b:d4:89:9e:91:15:df:c6:59:2a:
7e:54:dd:8f:ff:42:7e:fc:63:8b:62:b4:b0:23:1f:2c:c2:c1:
34:cd:81:11:34:f7:93:46:cf:17:9e:25:63:6e:e4:d9:f0:58:
76:d1:98:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+R1jPghGXlX4oSgPaCwB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjUxMDE5MjEwMTUyWhcNMjUxMDIwMjEwMTUyWjAzMTEwLwYDVQQD
Eyg3M2I5Njk1MmExMmRmYTQwZjFkZjJlN2RmZDAyOTBjZmEyNDMxZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8ZW0moNEgAy5+ulizxA5tGe9fAi
tfekZgp/WMBc6YaqphPw9CBkNi7Nq6ISS6IxxnOjwbSFXYLvLL5niGVjDletiKvV
BmoKDz6qVldbiHUUH6w/WXSzFNaHivZIjo8M3vI5PYxIcG0eWebfyMN/dKCUrMDi
Sq71c07tPiTAPOSAJVvDsD9K9Tvz2VE5SEC7NIc+Noi0L9KHgimayyR+tqBqHXXN
r7pasUMSWi8e24qfNtCgZT1k3b/iden8ffs8BTvOHSMoG6lb7ylAyikqngyJe2b9
8Caj+OPNjbRRbxQ/4PuHOS1d7flOqThNbsmq8GvdIW4YVE4rJKY5KCM1aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHO5aVKhLfpA8d8uff0CkM+iQx5lMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB95xlSve
aNgZrIaLMKlIpa3tcvroPFJfq4HskwUwkgp9ERKr3dELNwX2K0Aco4p0yvXPmZAZ
zE7YbiQmrFKi/t21uIlTfW2cYiXqojxJ0JMWDAkfJ0SYmZZe59WlHbzYYJiWSxez
0jgjjIG/wL4Madc8QYXPheu8aMB/bybBfSaBwccUQ5w9kobWQnJPDiVgAGdEb9a5
EddDA5AAs20F6/X1dfFBpR3f3RLSR8zO0fUZUWjEZoBBcwVD9DpfzoKLWMyerYw4
9bLta4HkCVM71ImekRXfxlkqflTdj/9Cfvxji2K0sCMfLMLBNM2BETT3k0bPF54l
Y27k2fBYdtGYrg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:59:26 2025 by rpki-client