Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
File: h94IWXXeZYjgf-0TVROqOKztt2M.mft (raw, json)
Hash identifier: P0z+/rnaHjrZoafAScz/QXKjEcr93SHF0DwgfQV/HuY=
Subject key identifier: 2E:D5:53:60:6A:1E:13:BF:D4:E3:14:1C:9D:7D:DE:A3:C1:84:B5:F5
Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
Certificate issuer: /CN=87de085975de6588e07fed135513aa38acedb763
Certificate serial: 019A53E3A833B4E8A7B5578FCCED1E2962EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
Manifest number: 0AF8
Signing time: Wed 05 Nov 2025 12:00:19 +0000
Manifest this update: Wed 05 Nov 2025 12:00:19 +0000
Manifest next update: Thu 06 Nov 2025 12:00:19 +0000
Files and hashes: 1: 2z5OP5uOUPeCHEZvOlemyfzgiqA.roa (hash: Hk782ryuX9Xc6GFCRAe62b1gzyY4Vb/jeKK1cnQhmr8=)
2: h94IWXXeZYjgf-0TVROqOKztt2M.crl (hash: 1dS6OxAwlyqRfgJp6x0ZtIIHeucepUkuU8ZIn/4Ry5M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:e3:a8:33:b4:e8:a7:b5:57:8f:cc:ed:1e:29:62:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87de085975de6588e07fed135513aa38acedb763
Validity
Not Before: Nov 5 12:00:19 2025 GMT
Not After : Nov 6 12:00:19 2025 GMT
Subject: CN=2ed553606a1e13bfd4e3141c9d7ddea3c184b5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fd:bf:fc:81:d8:6e:79:e8:67:84:e7:aa:14:
c7:e9:ad:10:cc:85:19:a1:00:2c:0c:fc:7b:df:38:
ae:10:58:e1:f2:1c:f5:26:1c:fa:c5:4a:a6:65:4f:
1a:5b:3d:23:69:e9:f9:98:44:3a:01:60:0e:6b:f2:
7f:71:fa:f3:7b:a1:07:c9:b6:d7:6f:0d:8c:6f:92:
8e:06:ee:a7:9c:c9:ae:6d:93:62:4b:ed:8a:c9:1c:
b4:4b:68:f5:c1:40:d7:5e:8e:a3:81:ea:37:41:92:
f7:e1:7c:eb:af:ed:13:c0:8c:17:af:98:35:05:03:
2e:9d:6c:12:d9:90:b3:19:15:11:12:1c:84:07:bc:
a7:76:db:0a:26:dd:fe:b2:73:e8:45:3a:a1:a5:08:
05:24:06:4a:4f:bf:c1:b7:60:59:4a:59:d8:01:48:
65:37:51:ca:d1:66:8e:8f:eb:b7:e7:66:97:50:31:
be:4b:a0:d1:34:ab:e2:ca:86:49:86:82:bb:be:ef:
1b:57:46:45:7d:20:9c:91:5b:3e:5d:c4:11:9e:b5:
bd:c9:93:22:52:79:44:68:ed:ab:ce:f0:de:49:c9:
c3:59:cd:eb:a2:c7:dc:96:d6:d7:3f:77:ac:d7:cb:
8c:1c:41:fa:02:8f:51:43:89:14:9a:b1:92:6b:7b:
55:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D5:53:60:6A:1E:13:BF:D4:E3:14:1C:9D:7D:DE:A3:C1:84:B5:F5
X509v3 Authority Key Identifier:
keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:65:14:e7:1b:4f:f8:a6:de:e1:2c:a3:50:8e:c9:67:4b:88:
c3:6b:2c:cc:e4:85:d3:a0:8b:70:a6:6e:5d:7b:ee:95:bb:93:
1d:1d:45:1c:2e:c9:0c:d7:98:a3:b6:e3:15:09:45:41:54:de:
85:37:6b:01:ca:67:33:16:01:ed:2d:a1:bd:81:23:fa:f5:41:
99:40:46:a1:11:23:7e:21:65:22:e8:0d:8e:f8:30:ef:7a:ce:
1d:2a:6d:3a:bc:ec:38:66:01:d5:aa:c2:d0:dd:da:34:61:50:
ae:ca:03:14:28:a6:7b:e4:f5:92:74:d4:c0:69:b3:0e:65:81:
dd:02:7b:fb:f5:4f:5b:98:e3:c7:1c:74:70:64:1e:7f:e9:c2:
bf:e6:94:9c:a9:c9:a7:07:6c:ff:58:56:81:4e:8f:14:bb:2c:
46:98:34:b9:ee:1b:9e:82:22:5c:d3:a5:77:e3:aa:36:80:00:
bc:92:5b:1c:06:60:66:7f:0b:7a:c1:71:1e:86:78:92:1b:f4:
17:96:e7:e3:1d:80:e6:b0:83:b9:c8:cb:3e:bf:0f:ef:dd:1f:
f1:f7:98:05:a9:5c:c4:61:8e:4d:fa:d2:f6:fb:e8:cb:67:6f:
0f:57:ef:dd:84:ba:d4:aa:74:ca:d7:d7:2f:c0:a2:ba:c9:6c:
81:16:ef:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpT46gztOintVePzO0eKWLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl
ZGI3NjMwHhcNMjUxMTA1MTIwMDE5WhcNMjUxMTA2MTIwMDE5WjAzMTEwLwYDVQQD
EygyZWQ1NTM2MDZhMWUxM2JmZDRlMzE0MWM5ZDdkZGVhM2MxODRiNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv2//IHYbnnoZ4TnqhTH6a0QzIUZ
oQAsDPx73ziuEFjh8hz1Jhz6xUqmZU8aWz0jaen5mEQ6AWAOa/J/cfrze6EHybbX
bw2Mb5KOBu6nnMmubZNiS+2KyRy0S2j1wUDXXo6jgeo3QZL34Xzrr+0TwIwXr5g1
BQMunWwS2ZCzGRUREhyEB7yndtsKJt3+snPoRTqhpQgFJAZKT7/Bt2BZSlnYAUhl
N1HK0WaOj+u352aXUDG+S6DRNKviyoZJhoK7vu8bV0ZFfSCckVs+XcQRnrW9yZMi
UnlEaO2rzvDeScnDWc3rosfcltbXP3es18uMHEH6Ao9RQ4kUmrGSa3tVdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7VU2BqHhO/1OMUHJ193qPBhLX1MB8GA1UdIwQY
MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt
Y2MwZjk3MDcxNDBlLzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl
LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqGUU5xtP
+Kbe4SyjUI7JZ0uIw2sszOSF06CLcKZuXXvulbuTHR1FHC7JDNeYo7bjFQlFQVTe
hTdrAcpnMxYB7S2hvYEj+vVBmUBGoREjfiFlIugNjvgw73rOHSptOrzsOGYB1arC
0N3aNGFQrsoDFCime+T1knTUwGmzDmWB3QJ7+/VPW5jjxxx0cGQef+nCv+aUnKnJ
pwds/1hWgU6PFLssRpg0ue4bnoIiXNOld+OqNoAAvJJbHAZgZn8LesFxHoZ4khv0
F5bn4x2A5rCDucjLPr8P790f8feYBalcxGGOTfrS9vvoy2dvD1fv3YS61Kp0ytfX
L8CiuslsgRbvOQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:37:32 2025 by rpki-client