Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: dK4GCvxFW1Ml82oPg0q0RmeyJAqdJMpWYCuqhDlUTIw=
Subject key identifier: 9C:6E:1B:EE:EF:1D:08:9D:4A:33:39:22:E9:AB:06:D7:61:AC:F6:41
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 0199FE474CC1DAFF8DF9CCC425ED33A2BB17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 16E4
Signing time: Sun 19 Oct 2025 21:01:49 +0000
Manifest this update: Sun 19 Oct 2025 21:01:49 +0000
Manifest next update: Mon 20 Oct 2025 21:01:49 +0000
Files and hashes: 1: HbgX7OEx-8g9VTQvYvbD_e0bPJ4.roa (hash: W8tzfEVYuZk67nGO3GJK/wSiRVXk9GPJqQ4Zpo1nq8A=)
2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: X7DkTrL7h5ECMMQH4X3C86h1NaRS/QnI/JnqYp1y0YI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:47:4c:c1:da:ff:8d:f9:cc:c4:25:ed:33:a2:bb:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Oct 19 21:01:49 2025 GMT
Not After : Oct 20 21:01:49 2025 GMT
Subject: CN=9c6e1beeef1d089d4a333922e9ab06d761acf641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cb:ea:17:cc:76:be:2f:79:3f:a7:85:7a:5f:
8a:2c:cc:1c:d0:2b:d3:99:22:5d:96:45:51:4d:3f:
02:f1:43:ab:99:a4:2d:0d:24:09:e7:20:3a:95:34:
dd:a3:bc:8b:b1:52:83:f2:99:ac:71:a3:97:65:08:
43:28:1f:5c:f3:a4:47:ec:2a:2a:d1:25:9c:1e:fe:
40:f0:75:e9:12:e6:d6:8a:8e:26:e7:50:48:5d:c3:
4a:fa:44:cc:8c:4e:e4:eb:fa:99:93:9e:e4:3c:40:
54:52:87:b7:aa:6b:74:35:56:63:7a:0a:9a:7a:5e:
d8:f5:c3:f0:72:3c:db:42:d0:4b:0c:2d:14:73:00:
62:48:8b:a3:0e:4d:c0:ca:cf:72:18:27:ae:aa:dc:
92:87:43:81:b3:38:81:5e:9a:e2:66:dc:12:9f:ed:
83:be:19:16:e1:26:d9:46:d1:a9:dd:e2:1a:4a:3d:
8f:28:8c:44:92:0c:44:e8:e4:82:5f:07:4b:33:a3:
fb:62:92:fb:c7:9e:a0:d3:0b:71:62:d3:ff:32:d8:
d7:72:f0:c3:8a:10:3c:39:f1:7f:e9:46:0a:c4:e0:
d7:b7:74:5a:e6:49:cf:b7:30:2b:4e:96:6d:49:b5:
24:21:0f:08:e1:99:9d:26:b5:64:b0:1b:f8:0c:10:
b9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6E:1B:EE:EF:1D:08:9D:4A:33:39:22:E9:AB:06:D7:61:AC:F6:41
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b6:d4:65:dc:4e:6b:23:71:a9:7a:74:46:27:f6:48:77:31:8d:
56:c9:b9:96:37:c8:b1:a8:51:9f:37:c3:54:af:d3:81:45:a8:
48:cd:59:9d:13:17:6d:e7:8c:15:2e:b0:ac:85:93:82:fc:ef:
09:11:08:07:8e:c2:21:c1:b8:60:ed:19:8a:35:de:cc:04:b7:
d5:94:7a:0d:32:cc:cb:b8:0a:9e:1d:78:db:15:89:73:c6:46:
64:ec:c9:23:8f:ef:67:24:00:34:85:e6:43:2a:bd:72:eb:9b:
07:05:96:b8:0b:5f:5c:92:d1:2e:1d:ad:4a:dc:f1:9f:7a:2d:
a8:7f:c4:8a:e4:03:30:0c:7c:59:f7:c0:95:b6:00:06:85:09:
9d:a7:7d:58:51:0d:b4:38:31:a1:3d:99:ab:60:22:6b:a6:f6:
44:3f:4b:0c:55:98:e5:57:95:3b:29:3a:67:a8:6a:ad:53:40:
e7:5d:50:01:b3:ea:c2:ba:9a:2e:64:a6:9d:b9:82:61:3c:5d:
56:2b:8f:bb:ed:c3:59:16:de:b6:c1:1b:81:85:56:a0:8e:ff:
2d:5d:63:ba:40:7d:23:b3:59:37:19:d3:97:73:26:86:5c:4e:
8e:53:b9:17:c6:72:02:69:0c:4e:ca:02:c9:2b:a6:63:9f:4e:
2b:76:f1:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+R0zB2v+N+czEJe0zorsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjUxMDE5MjEwMTQ5WhcNMjUxMDIwMjEwMTQ5WjAzMTEwLwYDVQQD
Eyg5YzZlMWJlZWVmMWQwODlkNGEzMzM5MjJlOWFiMDZkNzYxYWNmNjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscvqF8x2vi95P6eFel+KLMwc0CvT
mSJdlkVRTT8C8UOrmaQtDSQJ5yA6lTTdo7yLsVKD8pmscaOXZQhDKB9c86RH7Coq
0SWcHv5A8HXpEubWio4m51BIXcNK+kTMjE7k6/qZk57kPEBUUoe3qmt0NVZjegqa
el7Y9cPwcjzbQtBLDC0UcwBiSIujDk3Ays9yGCeuqtySh0OBsziBXpriZtwSn+2D
vhkW4SbZRtGp3eIaSj2PKIxEkgxE6OSCXwdLM6P7YpL7x56g0wtxYtP/MtjXcvDD
ihA8OfF/6UYKxODXt3Ra5knPtzArTpZtSbUkIQ8I4ZmdJrVksBv4DBC5SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxuG+7vHQidSjM5IumrBtdhrPZBMB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAttRl3E5r
I3GpenRGJ/ZIdzGNVsm5ljfIsahRnzfDVK/TgUWoSM1ZnRMXbeeMFS6wrIWTgvzv
CREIB47CIcG4YO0ZijXezAS31ZR6DTLMy7gKnh142xWJc8ZGZOzJI4/vZyQANIXm
Qyq9cuubBwWWuAtfXJLRLh2tStzxn3otqH/EiuQDMAx8WffAlbYABoUJnad9WFEN
tDgxoT2Zq2Aia6b2RD9LDFWY5VeVOyk6Z6hqrVNA511QAbPqwrqaLmSmnbmCYTxd
ViuPu+3DWRbetsEbgYVWoI7/LV1jukB9I7NZNxnTl3MmhlxOjlO5F8ZyAmkMTsoC
ySumY59OK3bx5A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:07:22 2025 by rpki-client