Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
File: hSOM5-r2mlui8JR7K6BTOUtFts0.mft (raw, json)
Hash identifier: G/wWaPf/cXB+NKiwyVXui1eDkQax9Khd1orTFTGWFlg=
Subject key identifier: 82:91:2C:43:BA:A7:B6:19:3C:75:0B:7C:DA:14:62:72:52:9A:24:CD
Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Certificate serial: 019A511987258BF1249B35AC2B54B69D9FC4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
Manifest number: 169F
Signing time: Tue 04 Nov 2025 23:00:18 +0000
Manifest this update: Tue 04 Nov 2025 23:00:18 +0000
Manifest next update: Wed 05 Nov 2025 23:00:18 +0000
Files and hashes: 1: WlFkHZf-mGa6meWaQmN57qSrEtA.roa (hash: B5J0da5BqpBMDIf+RMe68Zm2sCoZIjqiRagoU19Nd+4=)
2: hSOM5-r2mlui8JR7K6BTOUtFts0.crl (hash: t90dggzbGQm97o9DhlNH0m5CoxZ+YWRuufwmYrL+4oU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:19:87:25:8b:f1:24:9b:35:ac:2b:54:b6:9d:9f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Validity
Not Before: Nov 4 23:00:18 2025 GMT
Not After : Nov 5 23:00:18 2025 GMT
Subject: CN=82912c43baa7b6193c750b7cda146272529a24cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:98:c8:b6:1f:00:37:04:43:e8:7c:2c:a5:28:
c5:f3:a8:ad:d1:13:63:c9:ec:ea:d5:26:bc:60:6f:
1a:fa:cc:c6:24:a4:63:17:ea:f8:50:e0:88:28:98:
f6:ac:91:29:14:b6:07:9c:fa:78:2d:cd:4e:be:53:
e7:b0:5e:9c:b5:63:0c:82:9f:57:a1:dd:60:b8:27:
07:89:57:87:4c:31:32:b2:94:21:fc:78:c0:6b:93:
f0:7d:b9:8e:92:0e:f2:db:d1:a6:83:0c:95:04:ae:
26:b7:5f:07:2f:2e:80:6d:06:dd:6f:f6:26:f5:8c:
52:7f:3c:83:52:f7:57:5e:c7:32:f8:34:9b:5a:03:
c0:50:21:b8:3f:72:f9:a0:cb:49:35:cd:40:a2:d4:
5b:26:0f:6e:e9:56:48:25:13:54:b4:31:86:75:a9:
b3:6c:8b:6f:11:a5:e1:5b:6d:8c:d4:ab:b9:26:b8:
05:6d:75:e0:c8:2b:4d:3a:f4:5f:49:eb:8d:2d:7c:
53:49:06:37:94:4a:a4:a9:a6:d5:3a:74:b6:d0:b7:
8e:30:3e:a4:b5:d0:ae:9f:4c:83:3a:d6:46:b7:ff:
e3:e0:da:dc:ec:b6:43:5c:2b:d1:5b:58:da:f9:7a:
2c:5f:c5:08:7c:79:b2:89:9e:46:93:c4:11:5f:2a:
49:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:91:2C:43:BA:A7:B6:19:3C:75:0B:7C:DA:14:62:72:52:9A:24:CD
X509v3 Authority Key Identifier:
keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:84:4c:4f:cc:0b:df:42:61:5c:d0:a9:4a:89:f1:1f:83:42:
b2:4a:4d:ac:23:ac:5b:34:59:62:5b:90:a1:13:2d:62:35:49:
1e:9e:7c:d1:a1:89:9d:06:8e:ed:d3:99:67:ed:5e:0b:03:4b:
88:d5:69:d9:10:8a:39:a6:3d:58:17:0d:49:1e:be:da:21:6d:
2e:f9:fb:58:d8:88:b6:e1:82:3b:74:b3:35:65:a0:f3:cf:dc:
f8:e7:c9:95:8d:68:40:88:b5:e4:4a:a9:93:75:a5:f0:db:e2:
fb:37:82:64:c3:68:5c:2d:84:e3:df:86:16:4d:ce:0d:a2:7e:
1b:23:18:ec:45:8f:3d:c8:92:33:4d:6a:75:71:45:4b:d2:25:
d7:f0:83:b9:48:81:8f:ef:15:be:b5:ad:d4:ca:50:26:aa:37:
c5:13:84:ce:32:ce:3f:e3:3b:94:21:78:50:f1:10:38:b5:5b:
32:3e:33:6b:6e:6d:8b:59:cb:27:6e:55:9f:b2:ac:36:69:df:
b2:16:4c:04:cc:cc:b9:74:43:ea:bf:71:66:7c:62:7b:5c:c5:
79:9d:cb:f5:e5:c9:b7:70:82:8c:6e:1b:a8:8d:aa:69:3a:58:
e0:cc:10:e1:8f:28:27:fd:15:71:29:0b:aa:3d:33:14:a3:99:
36:1a:87:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRGYcli/EkmzWsK1S2nZ/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0
NWI2Y2QwHhcNMjUxMTA0MjMwMDE4WhcNMjUxMTA1MjMwMDE4WjAzMTEwLwYDVQQD
Eyg4MjkxMmM0M2JhYTdiNjE5M2M3NTBiN2NkYTE0NjI3MjUyOWEyNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZjIth8ANwRD6HwspSjF86it0RNj
yezq1Sa8YG8a+szGJKRjF+r4UOCIKJj2rJEpFLYHnPp4Lc1OvlPnsF6ctWMMgp9X
od1guCcHiVeHTDEyspQh/HjAa5PwfbmOkg7y29GmgwyVBK4mt18HLy6AbQbdb/Ym
9YxSfzyDUvdXXscy+DSbWgPAUCG4P3L5oMtJNc1AotRbJg9u6VZIJRNUtDGGdamz
bItvEaXhW22M1Ku5JrgFbXXgyCtNOvRfSeuNLXxTSQY3lEqkqabVOnS20LeOMD6k
tdCun0yDOtZGt//j4Nrc7LZDXCvRW1ja+XosX8UIfHmyiZ5Gk8QRXypJdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKRLEO6p7YZPHULfNoUYnJSmiTNMB8GA1UdIwQY
MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt
MDMyYWY4MzZjMTcyLzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy
LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWoRMT8wL
30JhXNCpSonxH4NCskpNrCOsWzRZYluQoRMtYjVJHp580aGJnQaO7dOZZ+1eCwNL
iNVp2RCKOaY9WBcNSR6+2iFtLvn7WNiItuGCO3SzNWWg88/c+OfJlY1oQIi15Eqp
k3Wl8Nvi+zeCZMNoXC2E49+GFk3ODaJ+GyMY7EWPPciSM01qdXFFS9Il1/CDuUiB
j+8VvrWt1MpQJqo3xROEzjLOP+M7lCF4UPEQOLVbMj4za25ti1nLJ25Vn7KsNmnf
shZMBMzMuXRD6r9xZnxie1zFeZ3L9eXJt3CCjG4bqI2qaTpY4MwQ4Y8oJ/0VcSkL
qj0zFKOZNhqHqg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:18:54 2025 by rpki-client