Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: STHbTQj5PK/UGzinkVBjFJwtPVoxC0Ja5YBAScowOHM=
Subject key identifier: CA:8D:76:1A:D8:1C:20:A5:EB:9C:55:00:23:2D:18:D6:04:DA:08:3C
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 019A4DE1CE7D8C61F6A858A9AA58316E9393
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0BB1
Signing time: Tue 04 Nov 2025 08:00:35 +0000
Manifest this update: Tue 04 Nov 2025 08:00:35 +0000
Manifest next update: Wed 05 Nov 2025 08:00:35 +0000
Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=)
2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: rVWnfJaagwAPiLmClz/sz7QAEUDOiex6UILpuLXH1Bc=)
3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:ce:7d:8c:61:f6:a8:58:a9:aa:58:31:6e:93:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Nov 4 08:00:35 2025 GMT
Not After : Nov 5 08:00:35 2025 GMT
Subject: CN=ca8d761ad81c20a5eb9c5500232d18d604da083c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:54:a1:6e:d4:25:7f:20:7a:43:ef:79:29:08:
35:cc:ff:1d:bd:6c:1b:34:e3:30:3b:39:a0:b7:8f:
f5:9d:5b:34:9b:94:90:fe:d9:30:9c:1d:50:5b:14:
a2:a4:40:f1:cb:85:29:fe:47:eb:18:7f:c4:d3:24:
1a:08:d9:41:92:88:14:62:be:fe:06:0a:90:81:4a:
d9:ab:d8:bc:0d:41:b2:bb:86:30:16:dd:5b:7c:a0:
3e:bd:54:b9:d6:1b:8e:44:7c:89:88:26:25:ed:4e:
90:66:33:a3:48:cf:4d:47:cb:c4:d0:12:89:ee:c4:
f0:d8:1b:8a:8c:39:df:59:58:41:6b:27:ff:18:97:
8c:6d:08:ec:5f:8c:0b:3f:61:0f:35:10:d4:5f:fa:
46:e5:05:48:5d:f0:6c:51:cf:f0:b2:1d:90:b5:c2:
16:f9:db:a9:64:bb:35:a4:e5:8e:ac:89:8f:7c:44:
40:7d:db:ae:4a:43:91:70:25:32:d2:7c:7a:d9:d8:
42:09:c2:bc:b8:87:3c:02:2f:b8:d4:42:ef:06:d9:
9d:fa:8d:b0:0c:e7:cb:e3:ff:4d:32:03:57:8e:58:
3c:1d:2a:c4:19:ea:e1:d4:c0:95:70:5d:e9:bc:8a:
ca:16:d1:86:02:7d:3c:e8:ab:be:13:aa:8e:47:d9:
ac:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8D:76:1A:D8:1C:20:A5:EB:9C:55:00:23:2D:18:D6:04:DA:08:3C
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:2a:80:e0:dd:a7:d6:ab:71:c4:96:30:b0:ec:a2:44:36:b4:
44:60:1a:c6:7e:78:3a:7d:8f:7e:6d:c2:c9:20:76:39:17:64:
79:19:63:1e:94:8d:1f:0a:94:b4:cd:8a:2d:2c:69:df:97:19:
6c:b5:b7:5f:2b:94:ba:79:f7:5b:2b:13:5f:d6:06:44:94:d9:
f8:4e:df:b9:d6:6e:67:a7:a2:bb:39:b3:11:61:91:8c:ed:21:
6a:45:1e:84:d9:83:e3:8c:8b:ee:85:23:6a:a3:fd:85:9e:ee:
65:cd:a2:9c:70:4c:b4:dd:ba:2b:58:41:e5:bd:07:de:14:ad:
b0:78:f4:a1:ad:e0:79:3f:b2:b2:bd:39:24:aa:b4:6a:fe:93:
c8:28:fa:86:20:36:b3:b5:ea:f5:f6:49:1c:7a:b9:51:12:6b:
3c:d1:c2:7d:41:14:da:d1:6a:b8:73:ff:db:25:58:58:e9:36:
8b:01:5a:0b:9c:6f:c6:10:db:8d:9d:ee:bc:ff:05:16:36:a1:
b6:5e:41:7e:7a:51:73:82:8a:8d:e5:22:11:9f:b9:08:00:87:
c9:78:a9:b5:f1:4f:08:35:c2:04:3a:cf:fd:9f:4b:de:56:26:
d0:81:77:fe:98:dd:58:81:f4:90:20:aa:4d:85:a4:67:1c:ac:
1f:81:3e:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4c59jGH2qFipqlgxbpOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjUxMTA0MDgwMDM1WhcNMjUxMTA1MDgwMDM1WjAzMTEwLwYDVQQD
EyhjYThkNzYxYWQ4MWMyMGE1ZWI5YzU1MDAyMzJkMThkNjA0ZGEwODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlShbtQlfyB6Q+95KQg1zP8dvWwb
NOMwOzmgt4/1nVs0m5SQ/tkwnB1QWxSipEDxy4Up/kfrGH/E0yQaCNlBkogUYr7+
BgqQgUrZq9i8DUGyu4YwFt1bfKA+vVS51huORHyJiCYl7U6QZjOjSM9NR8vE0BKJ
7sTw2BuKjDnfWVhBayf/GJeMbQjsX4wLP2EPNRDUX/pG5QVIXfBsUc/wsh2QtcIW
+dupZLs1pOWOrImPfERAfduuSkORcCUy0nx62dhCCcK8uIc8Ai+41ELvBtmd+o2w
DOfL4/9NMgNXjlg8HSrEGerh1MCVcF3pvIrKFtGGAn086Ku+E6qOR9mskwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMqNdhrYHCCl65xVACMtGNYE2gg8MB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkiqA4N2n
1qtxxJYwsOyiRDa0RGAaxn54On2Pfm3CySB2ORdkeRljHpSNHwqUtM2KLSxp35cZ
bLW3XyuUunn3WysTX9YGRJTZ+E7fudZuZ6eiuzmzEWGRjO0hakUehNmD44yL7oUj
aqP9hZ7uZc2inHBMtN26K1hB5b0H3hStsHj0oa3geT+ysr05JKq0av6TyCj6hiA2
s7Xq9fZJHHq5URJrPNHCfUEU2tFquHP/2yVYWOk2iwFaC5xvxhDbjZ3uvP8FFjah
tl5BfnpRc4KKjeUiEZ+5CACHyXiptfFPCDXCBDrP/Z9L3lYm0IF3/pjdWIH0kCCq
TYWkZxysH4E+bw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:01:08 2025 by rpki-client