Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
File: heFWexaBgzyUSl8mQKngO-jvC_Q.mft (raw, json)
Hash identifier: 9LJnKPgPybe6KB/n78KuE1NwkqgRSoduMj3wNtOQ/9M=
Subject key identifier: EC:C3:7B:F2:14:A2:F2:AB:7A:F2:8F:9F:6A:F5:8E:76:68:B8:19:F2
Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Certificate serial: 019A52D2C0A47125F05940B8397D966491D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
Manifest number: 101D
Signing time: Wed 05 Nov 2025 07:02:14 +0000
Manifest this update: Wed 05 Nov 2025 07:02:14 +0000
Manifest next update: Thu 06 Nov 2025 07:02:14 +0000
Files and hashes: 1: g2pmYdtMoiuQPm1G35LS-gM4tuY.roa (hash: CWDorRb0FA7mvx2YHncFLS9iEAAHLTBxgOQlA6dQKII=)
2: heFWexaBgzyUSl8mQKngO-jvC_Q.crl (hash: IpbWBcbpmpqLFPedj/Wdfk7r+w+VJJHxHwp6PecPrFQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 07:02:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d2:c0:a4:71:25:f0:59:40:b8:39:7d:96:64:91:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Validity
Not Before: Nov 5 07:02:14 2025 GMT
Not After : Nov 6 07:02:14 2025 GMT
Subject: CN=ecc37bf214a2f2ab7af28f9f6af58e7668b819f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cb:ac:2b:3f:40:6d:24:20:8f:62:61:46:28:
d8:28:3a:5c:88:1d:e5:27:e5:40:65:63:f6:63:1d:
07:7d:9f:87:b3:2b:7a:75:33:31:aa:e0:b5:bb:d3:
4c:15:a8:62:29:05:38:9b:1e:bb:24:a1:c2:e5:df:
90:8d:e8:1b:79:a8:7a:8b:be:35:f6:78:39:2e:7d:
ff:0a:dd:26:49:01:1e:a1:99:68:cb:4a:c0:b5:f8:
9c:d2:ba:1f:41:43:28:a4:59:5d:08:65:52:fc:69:
9b:0e:00:ad:e7:e3:7c:7c:12:a3:6e:be:a2:fb:02:
c1:2a:c1:9b:7b:4e:7c:99:54:9a:f6:c6:a6:c2:06:
f2:c8:27:4b:37:88:9c:4a:85:27:e0:8c:df:d8:73:
c3:5b:e0:12:1a:61:3c:49:85:b4:0c:46:66:99:b8:
2c:ec:e3:09:79:f0:51:18:05:fd:71:a2:40:ed:bf:
11:e9:22:9f:5f:51:f5:5a:fc:ca:c8:4e:6c:10:d7:
40:f5:16:ea:81:82:65:75:e4:22:fe:ef:e5:c7:c9:
43:0e:68:48:ae:67:88:da:42:dd:46:ba:ed:86:44:
70:62:46:4c:75:9a:10:31:f1:bf:46:11:71:03:3d:
76:0b:70:f0:b9:02:b3:f6:8f:36:50:e9:8e:0b:88:
0f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C3:7B:F2:14:A2:F2:AB:7A:F2:8F:9F:6A:F5:8E:76:68:B8:19:F2
X509v3 Authority Key Identifier:
keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:b2:7e:99:35:6a:af:fa:a6:12:36:59:08:ea:38:20:9d:27:
6c:86:d2:ed:14:be:8e:5b:eb:76:d8:80:d9:34:e6:f7:e4:07:
64:f9:4b:1a:43:c3:88:3e:d9:89:62:11:81:4a:d9:d2:36:24:
82:10:cc:0d:a0:a1:13:fa:aa:6a:58:1b:7a:20:ff:18:0d:73:
b0:5b:75:b0:44:63:a0:4d:2e:a7:25:53:0e:a4:03:d1:86:66:
ec:b3:20:bc:d7:77:92:79:8f:20:b5:79:ac:d2:a7:1f:bb:ad:
9f:2c:dc:d7:19:f0:64:32:2d:4e:51:99:e4:f6:95:00:32:28:
1b:ce:80:5c:c6:89:44:33:f1:d9:6c:69:3f:24:bb:9e:14:7b:
51:74:08:46:fa:6b:bc:fc:23:56:c7:11:45:ab:c1:ae:c8:84:
4e:b9:fb:99:1e:52:8e:83:9f:bd:dc:42:3e:cd:ed:41:04:dd:
33:74:61:08:bc:38:82:15:55:c6:54:41:e5:ba:f3:4b:9e:e0:
0d:b6:87:a4:c2:fc:be:df:58:8b:05:fc:e8:f8:4e:e6:a5:61:
d1:e3:5d:b9:db:82:72:0b:1e:84:02:a6:40:3f:00:3e:2b:3c:
1c:63:4b:61:a9:9f:92:ca:5d:53:93:d8:07:a5:ad:ae:15:5f:
38:33:13:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0sCkcSXwWUC4OX2WZJHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl
ZjBiZjQwHhcNMjUxMTA1MDcwMjE0WhcNMjUxMTA2MDcwMjE0WjAzMTEwLwYDVQQD
EyhlY2MzN2JmMjE0YTJmMmFiN2FmMjhmOWY2YWY1OGU3NjY4YjgxOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8usKz9AbSQgj2JhRijYKDpciB3l
J+VAZWP2Yx0HfZ+Hsyt6dTMxquC1u9NMFahiKQU4mx67JKHC5d+Qjegbeah6i741
9ng5Ln3/Ct0mSQEeoZloy0rAtfic0rofQUMopFldCGVS/GmbDgCt5+N8fBKjbr6i
+wLBKsGbe058mVSa9samwgbyyCdLN4icSoUn4Izf2HPDW+ASGmE8SYW0DEZmmbgs
7OMJefBRGAX9caJA7b8R6SKfX1H1WvzKyE5sENdA9RbqgYJldeQi/u/lx8lDDmhI
rmeI2kLdRrrthkRwYkZMdZoQMfG/RhFxAz12C3DwuQKz9o82UOmOC4gPjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzDe/IUovKrevKPn2r1jnZouBnyMB8GA1UdIwQY
MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt
NTNhOTk4ZGU2M2UzLzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz
LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh7J+mTVq
r/qmEjZZCOo4IJ0nbIbS7RS+jlvrdtiA2TTm9+QHZPlLGkPDiD7ZiWIRgUrZ0jYk
ghDMDaChE/qqalgbeiD/GA1zsFt1sERjoE0upyVTDqQD0YZm7LMgvNd3knmPILV5
rNKnH7utnyzc1xnwZDItTlGZ5PaVADIoG86AXMaJRDPx2WxpPyS7nhR7UXQIRvpr
vPwjVscRRavBrsiETrn7mR5SjoOfvdxCPs3tQQTdM3RhCLw4ghVVxlRB5brzS57g
DbaHpML8vt9YiwX86PhO5qVh0eNduduCcgsehAKmQD8APis8HGNLYamfkspdU5PY
B6WtrhVfODMThA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:08:12 2025 by rpki-client