Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.mft
File: HtVdI1ecZBJxVa72UGlueVMdUI0.mft (raw, json)
Hash identifier: 1eAA0iekKOdr2RDx+gg78FyvxS6YamFRLv2HrO9tEIQ=
Subject key identifier: 60:C9:DC:BD:E2:8B:01:B8:0F:8D:A0:90:18:C9:B1:9B:8B:45:F8:3C
Authority key identifier: 1E:D5:5D:23:57:9C:64:12:71:55:AE:F6:50:69:6E:79:53:1D:50:8D
Certificate issuer: /CN=1ed55d23579c64127155aef650696e79531d508d
Certificate serial: 019A4DE1F8669222FAB67141AC6150993BB3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HtVdI1ecZBJxVa72UGlueVMdUI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.mft
Manifest number: 135B
Signing time: Tue 04 Nov 2025 08:00:46 +0000
Manifest this update: Tue 04 Nov 2025 08:00:46 +0000
Manifest next update: Wed 05 Nov 2025 08:00:46 +0000
Files and hashes: 1: 6JyLUIA_3_F6lFc7OjrgVvilXiM.roa (hash: Uy0b+c0tNGh5Lnfz6gBjiWLD/+3F2702TS3OgZODmXc=)
2: HtVdI1ecZBJxVa72UGlueVMdUI0.crl (hash: r8EmPzjFkzuhZls2c3q3cBJESx5HrdFjxtZB2px3To0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/HtVdI1ecZBJxVa72UGlueVMdUI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:f8:66:92:22:fa:b6:71:41:ac:61:50:99:3b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ed55d23579c64127155aef650696e79531d508d
Validity
Not Before: Nov 4 08:00:46 2025 GMT
Not After : Nov 5 08:00:46 2025 GMT
Subject: CN=60c9dcbde28b01b80f8da09018c9b19b8b45f83c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ef:ab:99:df:57:c3:5b:f5:7b:57:93:ff:fa:
90:83:c9:a5:ad:24:60:3b:73:35:d8:f8:7c:d8:eb:
98:4c:65:1e:1e:d2:00:53:3a:92:6e:fb:2f:50:af:
04:ac:3a:1e:a6:6e:15:b0:bc:4f:7a:a2:11:65:c3:
49:36:89:fa:1f:4b:bc:ed:0d:22:35:fc:cc:99:dd:
7a:d1:dc:d5:72:e7:64:ae:6a:d9:8c:c1:05:92:e1:
de:7f:de:8e:60:27:67:53:3e:fb:57:6f:29:41:ea:
e9:52:5d:f5:79:c4:29:c0:9c:00:48:08:bf:46:e5:
2c:4a:da:e8:57:7c:c1:be:ad:36:df:e0:ca:fe:46:
a2:bf:f0:f2:a2:64:f4:58:bc:c7:49:52:77:ef:69:
e9:7d:30:99:b2:fe:85:94:2e:14:10:e8:22:04:b4:
e3:5f:2e:6e:54:d3:da:35:c7:13:44:b0:29:8b:7c:
54:78:6c:eb:6d:0b:5e:cb:d8:f6:1e:6c:2f:01:c9:
63:97:63:78:6c:dd:fd:f6:b0:c3:27:e3:9c:17:95:
de:23:e4:b5:d0:58:ce:63:73:be:54:f5:e0:d0:d1:
24:9a:98:7b:2c:69:fa:d9:2a:dd:23:f9:43:62:fa:
a9:e6:b4:a4:06:d5:d5:64:22:cd:78:dd:f1:33:e3:
2b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C9:DC:BD:E2:8B:01:B8:0F:8D:A0:90:18:C9:B1:9B:8B:45:F8:3C
X509v3 Authority Key Identifier:
keyid:1E:D5:5D:23:57:9C:64:12:71:55:AE:F6:50:69:6E:79:53:1D:50:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtVdI1ecZBJxVa72UGlueVMdUI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:f4:47:85:a6:c1:f2:72:92:cd:5f:08:23:01:e0:6b:04:ba:
e5:61:10:11:81:fa:57:cf:f3:8d:41:de:f1:cf:06:0c:22:95:
f8:84:71:08:30:04:10:e9:db:b9:08:aa:a6:71:d4:ef:b5:9a:
d2:09:c6:fa:43:12:db:d6:9c:75:92:8b:71:35:94:ab:0a:ab:
2a:2b:4f:47:12:db:05:39:bb:5b:3c:ca:64:1c:d8:de:e0:20:
33:2a:61:e4:98:ec:7a:fe:48:68:1c:7f:13:a3:49:b2:3a:3c:
3b:38:e5:b1:64:24:9c:62:6b:95:c6:c6:54:71:06:25:80:f0:
05:92:9b:04:0d:14:9e:0a:18:6d:6f:a8:73:e8:fa:89:76:5d:
1f:84:e0:64:35:73:79:c4:93:d0:42:a5:2f:07:8e:ea:e6:f6:
57:6d:a2:23:81:14:ea:6c:4a:cd:64:df:a4:ba:ab:ad:ae:0f:
b5:e6:97:89:88:f9:4f:b9:fc:0a:f1:fd:8d:57:dd:68:21:23:
6c:bd:f0:c4:a6:55:4e:e0:32:01:3f:7a:ac:6f:99:d3:50:ae:
c3:64:3a:7c:4e:33:08:2b:ee:ab:07:f6:02:e1:12:ad:57:81:
1f:f5:2b:b1:cd:1f:32:a9:2d:19:8b:37:c8:2f:d4:3f:b1:98:
b3:c9:72:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4fhmkiL6tnFBrGFQmTuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZDU1ZDIzNTc5YzY0MTI3MTU1YWVmNjUwNjk2ZTc5NTMx
ZDUwOGQwHhcNMjUxMTA0MDgwMDQ2WhcNMjUxMTA1MDgwMDQ2WjAzMTEwLwYDVQQD
Eyg2MGM5ZGNiZGUyOGIwMWI4MGY4ZGEwOTAxOGM5YjE5YjhiNDVmODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO+rmd9Xw1v1e1eT//qQg8mlrSRg
O3M12Ph82OuYTGUeHtIAUzqSbvsvUK8ErDoepm4VsLxPeqIRZcNJNon6H0u87Q0i
NfzMmd160dzVcudkrmrZjMEFkuHef96OYCdnUz77V28pQerpUl31ecQpwJwASAi/
RuUsStroV3zBvq023+DK/kaiv/DyomT0WLzHSVJ372npfTCZsv6FlC4UEOgiBLTj
Xy5uVNPaNccTRLApi3xUeGzrbQtey9j2HmwvAcljl2N4bN399rDDJ+OcF5XeI+S1
0FjOY3O+VPXg0NEkmph7LGn62SrdI/lDYvqp5rSkBtXVZCLNeN3xM+MrzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDJ3L3iiwG4D42gkBjJsZuLRfg8MB8GA1UdIwQY
MBaAFB7VXSNXnGQScVWu9lBpbnlTHVCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHRWZEkxZWNaQkp4VmE3MlVHbHVlVk1kVUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80ZmIyNzQtZDg0Zi00ZmJhLTkzOGUt
MWU5ZmY5MTgwOGMyLzEvSHRWZEkxZWNaQkp4VmE3MlVHbHVlVk1kVUkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80ZmIyNzQtZDg0Zi00ZmJhLTkzOGUtMWU5ZmY5MTgwOGMy
LzEvSHRWZEkxZWNaQkp4VmE3MlVHbHVlVk1kVUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApPRHhabB
8nKSzV8IIwHgawS65WEQEYH6V8/zjUHe8c8GDCKV+IRxCDAEEOnbuQiqpnHU77Wa
0gnG+kMS29acdZKLcTWUqwqrKitPRxLbBTm7WzzKZBzY3uAgMyph5Jjsev5IaBx/
E6NJsjo8OzjlsWQknGJrlcbGVHEGJYDwBZKbBA0UngoYbW+oc+j6iXZdH4TgZDVz
ecST0EKlLweO6ub2V22iI4EU6mxKzWTfpLqrra4PteaXiYj5T7n8CvH9jVfdaCEj
bL3wxKZVTuAyAT96rG+Z01Cuw2Q6fE4zCCvuqwf2AuESrVeBH/Ursc0fMqktGYs3
yC/UP7GYs8lyFw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:36:22 2025 by rpki-client