Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json)
Hash identifier: wT26k2d26GOoHmB5T/s2/bFgHie4YmRJOpM+IxzJsxs=
Subject key identifier: 4C:AF:5C:47:AF:FC:2D:6C:2C:45:C8:35:38:83:53:6A:E3:61:7E:92
Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Certificate serial: 0199FAA14FDBC463C7F7AE5052BD68935183
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
Manifest number: 0EC2
Signing time: Sun 19 Oct 2025 04:01:39 +0000
Manifest this update: Sun 19 Oct 2025 04:01:39 +0000
Manifest next update: Mon 20 Oct 2025 04:01:39 +0000
Files and hashes: 1: hi3FrnF-3jLI3lIxcnrMYtC-4ow.roa (hash: Hon+3addqQMzwZi2hE3IgLssZw3bA0MMDqOLsP3ZK0E=)
2: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: wpmjugmaL+gQCTVHPgwZY1fOWjrrlTTX17JVakfQfrc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 04:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:a1:4f:db:c4:63:c7:f7:ae:50:52:bd:68:93:51:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Validity
Not Before: Oct 19 04:01:39 2025 GMT
Not After : Oct 20 04:01:39 2025 GMT
Subject: CN=4caf5c47affc2d6c2c45c8353883536ae3617e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:78:38:a7:4b:96:6a:2e:14:f4:5a:ce:01:a4:
61:58:71:de:61:78:6b:ec:72:d4:a2:20:c3:95:0d:
de:24:cb:91:91:ee:ea:25:6c:36:79:e8:b2:70:2b:
d9:06:ff:db:18:cd:fd:1f:4e:5e:0f:4c:aa:41:6d:
c2:e3:16:23:3a:b3:3b:ee:46:1e:d0:a7:e8:31:16:
5a:ba:61:27:07:be:32:97:79:de:42:42:6f:a1:23:
17:a9:ff:d2:3d:80:7b:15:c1:b1:f8:b3:8f:44:4d:
88:88:25:97:0b:24:a6:98:25:35:a8:49:35:e9:6f:
7e:78:10:80:92:88:a1:60:00:7d:c5:f2:55:97:2a:
55:c8:c8:4a:20:46:03:2a:59:ee:55:f4:9f:46:0a:
d1:84:00:49:3e:9e:dc:29:72:31:d9:c0:3b:29:dc:
dd:b7:7f:f3:aa:51:a9:16:4c:df:f2:e6:9a:c1:f8:
67:34:9e:d2:08:44:cf:84:5d:3e:bf:fd:46:a6:81:
4d:1c:6d:5a:25:a3:9c:2b:ac:3f:d1:a7:9a:c2:b7:
62:ca:aa:53:af:9b:1c:10:f8:94:83:c7:03:55:41:
61:4a:ba:e9:0d:d1:7f:3b:f0:03:f6:61:86:13:46:
16:d8:aa:54:49:d4:59:d7:86:1d:2d:b1:71:5f:4d:
b6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AF:5C:47:AF:FC:2D:6C:2C:45:C8:35:38:83:53:6A:E3:61:7E:92
X509v3 Authority Key Identifier:
keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:ec:0a:98:8b:8d:eb:0f:a1:fe:d7:a2:7f:f1:b9:6e:84:38:
05:0f:7a:49:fd:a8:82:1b:89:89:17:6a:79:09:70:44:33:05:
e6:20:5b:5c:0f:65:55:81:31:5c:23:fe:39:5f:d2:b1:32:65:
94:ad:39:54:4a:4c:1c:93:b3:80:5f:21:85:13:83:38:e8:a2:
f2:41:19:d1:2d:f0:4f:ff:75:9f:d2:9c:66:82:a5:4f:7b:50:
0f:d9:21:91:7d:4e:e7:fc:58:41:e4:0f:61:4c:c4:3b:ce:0b:
76:a7:c3:8a:c7:8c:91:8b:e2:f6:4f:9f:69:ee:10:39:39:f0:
05:e2:1d:7a:47:74:40:32:7a:77:07:b3:e8:78:fd:51:5c:76:
52:19:99:b4:67:da:3c:d5:1f:52:cb:31:65:11:65:69:8b:a7:
3b:a9:15:ee:fc:68:0e:7e:a0:89:8c:f8:4b:2a:b8:fe:21:04:
e1:84:cb:5a:9d:5c:e7:34:92:93:5f:7c:21:c8:87:77:4d:14:
b7:e4:0f:33:10:4c:db:14:d1:c2:4b:24:b3:73:ea:d5:d3:9c:
9b:68:ca:b5:cf:3a:97:3b:2f:aa:9a:ff:1c:56:5c:fd:bf:32:
6f:f7:cf:ba:c7:9b:e4:f8:f0:08:26:38:ce:4e:6a:66:58:28:
0b:f9:00:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oU/bxGPH965QUr1ok1GDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk
ZGM3ZGYwHhcNMjUxMDE5MDQwMTM5WhcNMjUxMDIwMDQwMTM5WjAzMTEwLwYDVQQD
Eyg0Y2FmNWM0N2FmZmMyZDZjMmM0NWM4MzUzODgzNTM2YWUzNjE3ZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHg4p0uWai4U9FrOAaRhWHHeYXhr
7HLUoiDDlQ3eJMuRke7qJWw2eeiycCvZBv/bGM39H05eD0yqQW3C4xYjOrM77kYe
0KfoMRZaumEnB74yl3neQkJvoSMXqf/SPYB7FcGx+LOPRE2IiCWXCySmmCU1qEk1
6W9+eBCAkoihYAB9xfJVlypVyMhKIEYDKlnuVfSfRgrRhABJPp7cKXIx2cA7Kdzd
t3/zqlGpFkzf8uaawfhnNJ7SCETPhF0+v/1GpoFNHG1aJaOcK6w/0aeawrdiyqpT
r5scEPiUg8cDVUFhSrrpDdF/O/AD9mGGE0YW2KpUSdRZ14YdLbFxX022XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEyvXEev/C1sLEXINTiDU2rjYX6SMB8GA1UdIwQY
MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt
NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1
LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+wKmIuN
6w+h/teif/G5boQ4BQ96Sf2oghuJiRdqeQlwRDMF5iBbXA9lVYExXCP+OV/SsTJl
lK05VEpMHJOzgF8hhRODOOii8kEZ0S3wT/91n9KcZoKlT3tQD9khkX1O5/xYQeQP
YUzEO84LdqfDiseMkYvi9k+fae4QOTnwBeIdekd0QDJ6dwez6Hj9UVx2UhmZtGfa
PNUfUssxZRFlaYunO6kV7vxoDn6giYz4Syq4/iEE4YTLWp1c5zSSk198IciHd00U
t+QPMxBM2xTRwksks3Pq1dOcm2jKtc86lzsvqpr/HFZc/b8yb/fPuseb5PjwCCY4
zk5qZlgoC/kAXw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:10:18 2025 by rpki-client