Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/H_Umh1LLtSS8_ktaSXb_D4XTia8.mft
File: H_Umh1LLtSS8_ktaSXb_D4XTia8.mft (raw, json)
Hash identifier: QhQFAMb0B/63YgyL2wUEBW4buhyBJvt/NFDfk0WIr5o=
Subject key identifier: E5:CD:43:58:55:AB:F6:87:A5:D7:CD:A7:89:CC:0A:AA:79:09:8C:46
Authority key identifier: 1F:F5:26:87:52:CB:B5:24:BC:FE:4B:5A:49:76:FF:0F:85:D3:89:AF
Certificate issuer: /CN=1ff5268752cbb524bcfe4b5a4976ff0f85d389af
Certificate serial: 019A4D05FD00553AD52E7678569E91B207B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H_Umh1LLtSS8_ktaSXb_D4XTia8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/H_Umh1LLtSS8_ktaSXb_D4XTia8.mft
Manifest number: 0AFA
Signing time: Tue 04 Nov 2025 04:00:29 +0000
Manifest this update: Tue 04 Nov 2025 04:00:29 +0000
Manifest next update: Wed 05 Nov 2025 04:00:29 +0000
Files and hashes: 1: 9pQi_NMMFUj3irIeg0-DmdkDCbk.roa (hash: PFd36o1XR8n7Qanm5GG5TpwQ2+VBH8Rn7+qS0Um/8ws=)
2: H_Umh1LLtSS8_ktaSXb_D4XTia8.crl (hash: eQpBpAC67/GPA9dKxNVkAe9m9848H5DDqMJLQFYh+H8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/H_Umh1LLtSS8_ktaSXb_D4XTia8.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/H_Umh1LLtSS8_ktaSXb_D4XTia8.mft
rsync://rpki.ripe.net/repository/DEFAULT/H_Umh1LLtSS8_ktaSXb_D4XTia8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 04:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:05:fd:00:55:3a:d5:2e:76:78:56:9e:91:b2:07:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ff5268752cbb524bcfe4b5a4976ff0f85d389af
Validity
Not Before: Nov 4 04:00:29 2025 GMT
Not After : Nov 5 04:00:29 2025 GMT
Subject: CN=e5cd435855abf687a5d7cda789cc0aaa79098c46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:62:8e:86:af:21:ef:be:97:95:63:66:a5:1d:
3b:09:25:61:5f:b9:ef:a3:88:a1:d4:20:7d:fd:b7:
20:34:60:32:af:20:7f:85:86:da:43:3e:da:a2:ad:
b0:58:b3:cd:cd:df:2d:ff:59:f6:0e:33:9c:4c:dd:
b4:36:e8:d4:b7:bd:b1:20:1a:7f:ec:80:16:32:f5:
ad:3b:6d:19:36:4e:00:f8:d3:57:a7:a9:0b:3c:57:
bf:14:4f:d0:e0:d0:fe:1a:53:92:ea:3c:24:92:e9:
f2:89:64:a9:0b:0a:23:50:92:81:e2:f3:02:e5:11:
33:22:30:02:55:66:36:76:fd:4e:b1:47:8b:a7:dc:
8a:36:55:e7:02:7a:80:1a:85:96:5e:1d:9e:38:83:
73:5a:71:64:1d:d1:71:ec:9e:d2:59:1f:33:7f:df:
d1:ad:b0:07:e3:de:38:82:76:6f:e9:27:2a:c7:cf:
78:e1:81:93:11:d9:8f:12:ee:13:8f:ec:ee:1e:dc:
1a:96:b2:3f:07:9b:f2:87:52:2c:54:0c:dc:3c:7c:
49:fa:61:37:9a:88:e9:e5:39:ab:d4:be:10:e6:0e:
ec:31:67:d4:b1:ec:14:13:88:66:38:79:c2:6d:36:
6c:4b:64:0c:38:17:64:78:25:48:8f:3c:fe:f3:e1:
61:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:CD:43:58:55:AB:F6:87:A5:D7:CD:A7:89:CC:0A:AA:79:09:8C:46
X509v3 Authority Key Identifier:
keyid:1F:F5:26:87:52:CB:B5:24:BC:FE:4B:5A:49:76:FF:0F:85:D3:89:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H_Umh1LLtSS8_ktaSXb_D4XTia8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/H_Umh1LLtSS8_ktaSXb_D4XTia8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/H_Umh1LLtSS8_ktaSXb_D4XTia8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:87:39:ad:63:e2:94:29:06:2f:10:db:db:fd:0b:58:61:0e:
6c:cd:62:5a:6b:e2:8e:80:07:a2:13:1b:66:a7:1a:08:24:72:
9f:69:a1:06:b9:3a:bb:14:15:53:79:4c:8a:62:de:8f:69:ba:
3a:7f:37:c8:43:3c:31:aa:e0:72:27:3a:24:c2:40:63:5b:a5:
96:48:4f:c4:7b:19:ce:1f:9e:a9:24:89:73:ed:8c:2a:76:b6:
67:52:c2:c1:7a:5d:fa:48:cb:0a:d8:28:cb:52:79:8d:c7:77:
37:b1:bb:5e:7f:07:18:e3:78:cf:57:69:2b:22:4b:49:5f:b8:
f9:ac:db:8d:d0:dd:78:b0:93:5c:8d:73:ed:0d:69:96:f8:38:
84:14:cb:e6:9f:65:65:f2:8e:71:4c:64:4c:79:c6:0d:d2:78:
61:9b:ae:42:f1:55:81:39:39:61:da:82:ca:59:df:62:49:46:
a2:89:dd:7e:5f:09:2d:af:6a:c7:e9:d5:ba:06:db:3d:55:43:
d3:83:d7:ab:be:a6:5a:51:79:25:25:d3:12:b5:8a:16:8a:92:
2d:c5:c0:8d:ab:6d:59:f8:d7:f1:c9:b0:48:79:73:3a:54:e5:
86:2a:dc:9b:08:b6:6b:0f:18:be:bc:0e:11:76:46:38:2d:34:
2d:1b:a4:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBf0AVTrVLnZ4Vp6Rsge1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZjUyNjg3NTJjYmI1MjRiY2ZlNGI1YTQ5NzZmZjBmODVk
Mzg5YWYwHhcNMjUxMTA0MDQwMDI5WhcNMjUxMTA1MDQwMDI5WjAzMTEwLwYDVQQD
EyhlNWNkNDM1ODU1YWJmNjg3YTVkN2NkYTc4OWNjMGFhYTc5MDk4YzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mKOhq8h776XlWNmpR07CSVhX7nv
o4ih1CB9/bcgNGAyryB/hYbaQz7aoq2wWLPNzd8t/1n2DjOcTN20NujUt72xIBp/
7IAWMvWtO20ZNk4A+NNXp6kLPFe/FE/Q4ND+GlOS6jwkkunyiWSpCwojUJKB4vMC
5REzIjACVWY2dv1OsUeLp9yKNlXnAnqAGoWWXh2eOINzWnFkHdFx7J7SWR8zf9/R
rbAH4944gnZv6Scqx8944YGTEdmPEu4Tj+zuHtwalrI/B5vyh1IsVAzcPHxJ+mE3
mojp5Tmr1L4Q5g7sMWfUsewUE4hmOHnCbTZsS2QMOBdkeCVIjzz+8+FhRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXNQ1hVq/aHpdfNp4nMCqp5CYxGMB8GA1UdIwQY
MBaAFB/1JodSy7UkvP5LWkl2/w+F04mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSF9VbWgxTEx0U1M4X2t0YVNYYl9ENFhUaWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80YzI3MzQtMTEzOS00YTNmLThmODQt
OTc0NDg4YmNiNzIzLzEvSF9VbWgxTEx0U1M4X2t0YVNYYl9ENFhUaWE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80YzI3MzQtMTEzOS00YTNmLThmODQtOTc0NDg4YmNiNzIz
LzEvSF9VbWgxTEx0U1M4X2t0YVNYYl9ENFhUaWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABIc5rWPi
lCkGLxDb2/0LWGEObM1iWmvijoAHohMbZqcaCCRyn2mhBrk6uxQVU3lMimLej2m6
On83yEM8Margcic6JMJAY1ullkhPxHsZzh+eqSSJc+2MKna2Z1LCwXpd+kjLCtgo
y1J5jcd3N7G7Xn8HGON4z1dpKyJLSV+4+azbjdDdeLCTXI1z7Q1plvg4hBTL5p9l
ZfKOcUxkTHnGDdJ4YZuuQvFVgTk5YdqCylnfYklGoondfl8JLa9qx+nVugbbPVVD
04PXq76mWlF5JSXTErWKFoqSLcXAjattWfjX8cmwSHlzOlTlhircmwi2aw8YvrwO
EXZGOC00LRukOg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:46:03 2025 by rpki-client