Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
File: h0tZG12PB26vRy4-pF07XI4TUKE.mft (raw, json)
Hash identifier: Qik5nNAeiDTxB0bTYJbgmzDiFmdlQHSni9YImmeiU3c=
Subject key identifier: 35:29:76:88:E3:26:13:60:9E:7C:19:97:39:70:62:00:8F:00:9E:AF
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Certificate issuer: /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial: 019A52D143B084EDC0A756B0220836B53DD6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
Manifest number: 1712
Signing time: Wed 05 Nov 2025 07:00:37 +0000
Manifest this update: Wed 05 Nov 2025 07:00:37 +0000
Manifest next update: Thu 06 Nov 2025 07:00:37 +0000
Files and hashes: 1: 3MF6BuznJ4OfS1C5J5sFom719Ag.roa (hash: SgA1M+YF5PTZbvqD1BRuBpZXk3sFWrE/PgQsVhuZ/S4=)
2: h0tZG12PB26vRy4-pF07XI4TUKE.crl (hash: baRih0+07xIFsia8qubBGMcI2xij9IQvoY8LlO5E38E=)
3: pFxtApTW54EbBHD0oDAnh4jDG3E.roa (hash: gJNAVWKEII1RjZzGIybSB1Nkau8KmzUZnx0gYczpW88=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:43:b0:84:ed:c0:a7:56:b0:22:08:36:b5:3d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Validity
Not Before: Nov 5 07:00:37 2025 GMT
Not After : Nov 6 07:00:37 2025 GMT
Subject: CN=35297688e32613609e7c1997397062008f009eaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c1:fc:7a:8e:51:18:47:a1:38:38:71:c1:40:
a0:66:06:03:b2:e8:f1:86:6f:87:72:f8:c2:0c:7a:
ad:95:18:22:6e:9a:d6:da:70:ab:48:ae:71:da:c0:
4a:87:d6:13:ef:5a:29:99:1d:d3:57:13:b2:e7:89:
f9:57:90:7d:2e:ae:41:26:20:2c:88:af:b2:d2:9b:
8b:3d:f7:06:ca:7a:e9:18:c8:e6:fc:79:f6:ac:41:
88:2e:55:07:10:c5:1a:47:c8:4b:f0:a2:1b:0d:a9:
ef:4d:59:ac:c5:54:98:b4:fa:fc:ac:b2:c9:e9:76:
c9:bf:1f:4b:0f:22:ad:47:90:ae:0a:dc:70:81:b7:
8f:35:b5:ab:73:0b:d8:10:47:9d:cc:c3:e3:de:a7:
e1:a1:d5:24:93:d3:bf:3c:d5:23:95:0d:54:b1:b1:
dc:8d:1a:d9:3e:11:27:e2:4c:54:a7:0f:ff:bf:3e:
82:a2:5c:94:b0:5c:af:47:bd:5c:03:ce:da:05:79:
1c:38:7c:58:51:b3:1b:27:20:0c:e7:f2:18:c7:1c:
4d:e9:a4:ec:6a:4b:77:18:82:8b:a1:8f:5e:de:7d:
07:c1:fc:44:cc:67:64:d8:58:b0:6c:e8:8d:22:52:
31:82:a3:3f:4e:3e:31:e0:ba:f1:cf:8a:58:9d:90:
a1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:29:76:88:E3:26:13:60:9E:7C:19:97:39:70:62:00:8F:00:9E:AF
X509v3 Authority Key Identifier:
keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:d7:01:94:24:39:79:da:44:98:5b:d5:3e:d1:5f:e8:a8:4c:
30:70:ff:56:2a:f1:16:d3:22:e9:ce:4b:ed:33:07:93:18:b0:
d2:c5:c1:40:66:ad:dc:ee:ca:9e:5d:3f:e8:1b:02:65:d0:de:
a3:87:7b:3e:11:4f:69:a8:dc:6b:76:68:0c:93:e5:10:fa:1f:
00:9a:8a:89:2b:fd:ce:0a:c9:d7:e0:9e:de:72:70:4f:d5:9f:
77:bf:90:11:18:38:2e:3e:7d:55:4f:e2:24:0c:1a:38:8e:9f:
28:83:58:88:e7:05:0c:b6:86:4f:84:78:b0:76:e0:8c:f0:b0:
20:34:e2:09:bd:90:14:fd:b0:f7:13:cf:c7:7c:04:bd:c4:53:
ff:35:d1:2e:b3:86:f6:a8:2d:ca:6b:69:8f:20:80:fb:5c:83:
66:fd:0c:c4:93:a2:db:25:39:fb:52:97:71:5d:3c:a0:29:5f:
6d:86:24:e3:34:2f:4b:8d:90:55:79:61:95:68:9f:ed:9b:91:
a2:3b:e7:41:3b:47:fd:5e:50:f0:92:f2:62:47:67:50:23:0a:
17:5b:8c:b6:5b:ab:8a:c3:f0:2b:f6:91:75:38:52:ba:2a:ae:
33:21:ae:81:65:46:6b:b7:1d:91:a3:f5:5b:ef:33:3b:9e:10:
81:61:30:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0UOwhO3Ap1awIgg2tT3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjUxMTA1MDcwMDM3WhcNMjUxMTA2MDcwMDM3WjAzMTEwLwYDVQQD
EygzNTI5NzY4OGUzMjYxMzYwOWU3YzE5OTczOTcwNjIwMDhmMDA5ZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sH8eo5RGEehODhxwUCgZgYDsujx
hm+HcvjCDHqtlRgibprW2nCrSK5x2sBKh9YT71opmR3TVxOy54n5V5B9Lq5BJiAs
iK+y0puLPfcGynrpGMjm/Hn2rEGILlUHEMUaR8hL8KIbDanvTVmsxVSYtPr8rLLJ
6XbJvx9LDyKtR5CuCtxwgbePNbWrcwvYEEedzMPj3qfhodUkk9O/PNUjlQ1UsbHc
jRrZPhEn4kxUpw//vz6ColyUsFyvR71cA87aBXkcOHxYUbMbJyAM5/IYxxxN6aTs
akt3GIKLoY9e3n0HwfxEzGdk2FiwbOiNIlIxgqM/Tj4x4Lrxz4pYnZChVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUpdojjJhNgnnwZlzlwYgCPAJ6vMB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACNcBlCQ5
edpEmFvVPtFf6KhMMHD/VirxFtMi6c5L7TMHkxiw0sXBQGat3O7Knl0/6BsCZdDe
o4d7PhFPaajca3ZoDJPlEPofAJqKiSv9zgrJ1+Ce3nJwT9Wfd7+QERg4Lj59VU/i
JAwaOI6fKINYiOcFDLaGT4R4sHbgjPCwIDTiCb2QFP2w9xPPx3wEvcRT/zXRLrOG
9qgtymtpjyCA+1yDZv0MxJOi2yU5+1KXcV08oClfbYYk4zQvS42QVXlhlWif7ZuR
ojvnQTtH/V5Q8JLyYkdnUCMKF1uMtlurisPwK/aRdThSuiquMyGugWVGa7cdkaP1
W+8zO54QgWEwjA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:08:50 2025 by rpki-client