Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
File: h-2cuDQKwglaTLBSjl6i9zjOpnI.mft (raw, json)
Hash identifier: Bgp/8z9+Z5v/xzlHn/1a6XxT2XIt+byrgKrVsD2LUMg=
Subject key identifier: 97:4F:A0:78:3D:CA:C6:1B:EC:28:D1:F3:E5:8D:82:03:E4:3E:08:9D
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 019A503E5EA1599BE0EB2CBA8F51713EA90F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
Manifest number: 04D9
Signing time: Tue 04 Nov 2025 19:00:55 +0000
Manifest this update: Tue 04 Nov 2025 19:00:55 +0000
Manifest next update: Wed 05 Nov 2025 19:00:55 +0000
Files and hashes: 1: Q_kLSJOWLJDEhyzkodJRQWJEfMU.roa (hash: 2p8AahImaC704aSN2Sau8pFCrbFVUG9Dz60aJg9x1m8=)
2: h-2cuDQKwglaTLBSjl6i9zjOpnI.crl (hash: XXCLsY9ebt+PnYYFfRHyryY8Y1/wck9hSpv+/sx3SmI=)
3: hl-bZEBFsh1ZChc40Z0fl2eFeDc.roa (hash: GoC7lm4BXzEaLJBGVeCTSYenfrijER5VgtT8WvoxW4g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:3e:5e:a1:59:9b:e0:eb:2c:ba:8f:51:71:3e:a9:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Nov 4 19:00:55 2025 GMT
Not After : Nov 5 19:00:55 2025 GMT
Subject: CN=974fa0783dcac61bec28d1f3e58d8203e43e089d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:87:80:ac:ea:7e:40:d3:e1:9d:87:ad:92:c7:
b0:98:f9:bd:1c:67:62:b8:c7:5c:4d:eb:8d:50:24:
db:20:3d:a9:fa:5a:c9:63:76:a3:ad:4c:5a:55:d1:
d2:38:27:8a:af:32:51:a6:9e:7e:c9:16:49:ee:f8:
96:d4:c1:2c:62:10:44:67:22:d8:01:f1:b8:a7:2d:
3c:ec:8d:9c:91:7a:d0:46:7d:83:5a:81:5f:45:ac:
29:06:81:ac:1f:36:de:e3:80:9a:8a:fb:e5:0a:b9:
9d:07:2b:3c:f9:09:21:35:df:92:d5:15:05:ac:ce:
0a:29:58:32:21:a7:1f:35:ba:6d:04:fe:41:07:42:
ba:1d:d3:01:d4:7d:22:87:2b:80:c7:b8:45:39:6f:
87:55:12:e0:29:82:92:96:df:c6:70:d9:8b:7f:e6:
4a:90:0a:ce:8a:4c:07:86:a8:5f:25:ac:8d:d7:a1:
0a:01:4b:a9:04:33:b5:dd:2e:dc:ad:f5:28:07:b5:
dd:83:8d:ba:26:24:2c:a8:65:75:52:14:22:cb:64:
4c:9d:c5:ae:5f:27:ef:f5:21:7b:17:81:47:ec:46:
a9:13:08:1e:7a:44:b8:24:fb:21:ba:e7:42:81:c8:
79:8c:7f:f7:1a:8a:70:a8:3d:39:20:d0:41:06:b2:
23:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:4F:A0:78:3D:CA:C6:1B:EC:28:D1:F3:E5:8D:82:03:E4:3E:08:9D
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:21:5d:04:91:d2:90:bb:c7:35:89:76:73:c0:d0:24:b1:3a:
cc:d8:d5:33:c7:2d:b5:3f:7f:bb:4d:b1:95:96:81:78:f4:d2:
0b:16:cd:8b:53:bf:f5:e5:fa:70:57:c5:51:2c:29:38:f8:55:
49:d4:26:15:1b:ed:50:b6:25:6e:a4:06:c3:9f:c7:07:8e:13:
96:76:07:0d:e9:12:5c:24:92:b5:45:1d:61:f8:5b:e5:77:ba:
d8:b0:d7:3f:ef:e0:ff:ae:e7:9b:92:90:70:b3:d9:ee:4d:cf:
ba:e9:a8:29:db:79:db:f2:bd:94:3b:18:c8:ee:74:d9:12:33:
13:6d:b9:c9:2b:8e:16:74:93:d8:ce:af:b4:c5:f2:29:9c:01:
ea:0a:5b:02:61:30:e8:5c:7a:fd:4e:8b:36:d1:c3:ea:01:10:
5d:7e:69:91:05:09:c0:12:c0:4d:6b:b7:bc:5c:69:2f:03:e1:
48:04:d4:8b:69:c2:27:ff:b2:0c:d7:42:45:d7:97:e0:2e:e8:
6b:00:85:ec:5e:be:39:5e:9b:c0:1a:72:07:dd:79:d7:6c:51:
0b:30:f4:01:5b:5b:2d:fe:79:0b:6d:45:ce:8a:3b:e2:54:9f:
98:77:e9:98:fd:03:20:74:fb:ab:94:49:89:ac:62:60:cb:df:
5c:e5:57:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPl6hWZvg6yy6j1FxPqkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjUxMTA0MTkwMDU1WhcNMjUxMTA1MTkwMDU1WjAzMTEwLwYDVQQD
Eyg5NzRmYTA3ODNkY2FjNjFiZWMyOGQxZjNlNThkODIwM2U0M2UwODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIeArOp+QNPhnYetksewmPm9HGdi
uMdcTeuNUCTbID2p+lrJY3ajrUxaVdHSOCeKrzJRpp5+yRZJ7viW1MEsYhBEZyLY
AfG4py087I2ckXrQRn2DWoFfRawpBoGsHzbe44CaivvlCrmdBys8+QkhNd+S1RUF
rM4KKVgyIacfNbptBP5BB0K6HdMB1H0ihyuAx7hFOW+HVRLgKYKSlt/GcNmLf+ZK
kArOikwHhqhfJayN16EKAUupBDO13S7crfUoB7Xdg426JiQsqGV1UhQiy2RMncWu
Xyfv9SF7F4FH7EapEwgeekS4JPshuudCgch5jH/3GopwqD05INBBBrIj1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdPoHg9ysYb7CjR8+WNggPkPgidMB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAciFdBJHS
kLvHNYl2c8DQJLE6zNjVM8cttT9/u02xlZaBePTSCxbNi1O/9eX6cFfFUSwpOPhV
SdQmFRvtULYlbqQGw5/HB44TlnYHDekSXCSStUUdYfhb5Xe62LDXP+/g/67nm5KQ
cLPZ7k3PuumoKdt52/K9lDsYyO502RIzE225ySuOFnST2M6vtMXyKZwB6gpbAmEw
6Fx6/U6LNtHD6gEQXX5pkQUJwBLATWu3vFxpLwPhSATUi2nCJ/+yDNdCRdeX4C7o
awCF7F6+OV6bwBpyB91512xRCzD0AVtbLf55C21Fzoo74lSfmHfpmP0DIHT7q5RJ
iaxiYMvfXOVXlw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:22:08 2025 by rpki-client