Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
File: hGzXvBkUIFasr5VzyqGvjehxgVY.mft (raw, json)
Hash identifier: SB1m1nh09Mb32pv0Xc8gYQblAf0KpDEMP6fe+4i+CBk=
Subject key identifier: E1:89:37:1B:C7:76:EA:13:09:8D:4B:AB:48:25:DF:1C:CB:A2:AD:88
Authority key identifier: 84:6C:D7:BC:19:14:20:56:AC:AF:95:73:CA:A1:AF:8D:E8:71:81:56
Certificate issuer: /CN=846cd7bc19142056acaf9573caa1af8de8718156
Certificate serial: 019A5187A81672D501C01AF6F434E8C8BD3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
Manifest number: 025A
Signing time: Wed 05 Nov 2025 01:00:36 +0000
Manifest this update: Wed 05 Nov 2025 01:00:36 +0000
Manifest next update: Thu 06 Nov 2025 01:00:36 +0000
Files and hashes: 1: O5dJ1P8qPLvqN1TFZCJv-BCHVwE.roa (hash: 3xRQqmBaiPMEC6+BvwWE12p1a9per8d/4WLoxHZdLwY=)
2: hGzXvBkUIFasr5VzyqGvjehxgVY.crl (hash: gGfdnnTrnqZ8WJsy3dn/3LeEHjhzO1aKMY/5Ltca0Bo=)
3: hs1Ttmuuy8oKm2rJqVYgyDXaPIw.roa (hash: Byo6rO4TnKOVrKw6LlKH8flPLRHULJLiFuZMsf82Wv4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:87:a8:16:72:d5:01:c0:1a:f6:f4:34:e8:c8:bd:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846cd7bc19142056acaf9573caa1af8de8718156
Validity
Not Before: Nov 5 01:00:36 2025 GMT
Not After : Nov 6 01:00:36 2025 GMT
Subject: CN=e189371bc776ea13098d4bab4825df1ccba2ad88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ac:a2:41:b5:56:04:09:6a:86:d1:3f:fd:78:
2e:4e:0b:40:7a:0a:c2:79:99:89:bc:7b:56:90:e3:
c9:f7:34:2a:a8:0d:96:5b:1c:80:9c:62:e7:79:98:
59:c2:0b:25:ec:54:48:bc:62:33:25:2e:dd:dd:4f:
a7:85:91:15:8c:a4:bf:97:df:ed:5a:3f:94:31:5d:
5e:6f:c5:16:53:d3:a8:c4:46:d3:94:c2:ab:65:f7:
8a:94:91:b0:4b:f2:db:37:db:9f:e6:2e:3e:52:da:
24:34:22:77:38:71:e0:ee:07:c0:c7:e7:fa:74:e8:
f7:8b:92:42:d3:a7:d6:b5:f5:22:47:b5:5a:5a:7c:
7f:e4:c0:ec:4d:69:50:e7:8b:cd:80:be:ee:c8:78:
a5:40:01:d6:4d:87:ef:ad:0e:63:13:50:76:e5:ee:
28:88:47:1d:8b:c0:a3:d3:f9:e1:bd:11:41:9c:c1:
33:ae:2b:52:a3:65:3a:96:98:bb:bf:be:7b:a8:55:
0a:27:db:d1:58:c4:7b:8b:c5:17:0b:1c:8f:18:10:
ae:8a:0d:83:35:08:41:bb:7a:a7:0f:48:04:a7:7e:
5d:dc:1a:8e:63:54:33:5f:ed:c0:fd:1e:36:c3:7b:
86:59:2d:ff:55:68:69:c6:ee:0f:4a:27:67:a6:a2:
17:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:89:37:1B:C7:76:EA:13:09:8D:4B:AB:48:25:DF:1C:CB:A2:AD:88
X509v3 Authority Key Identifier:
keyid:84:6C:D7:BC:19:14:20:56:AC:AF:95:73:CA:A1:AF:8D:E8:71:81:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:bc:e2:72:72:71:91:4b:f8:d9:8f:2b:84:cf:8e:d3:13:71:
8b:57:09:df:cc:fc:35:b0:3d:67:f4:ae:d8:d8:94:82:a9:93:
9c:ae:47:9f:27:a6:26:8f:47:05:54:ff:c7:47:2c:2b:59:c3:
5c:26:c2:e8:15:0a:2e:52:82:c1:ad:fd:93:ef:ba:9b:e7:13:
43:88:60:b5:ed:9f:65:41:2d:6b:d7:d3:51:ea:b9:58:b3:64:
b5:36:f6:d0:e3:81:14:a8:5d:6b:13:14:43:81:cd:9e:b8:d2:
bd:2c:aa:97:d1:1e:8f:b6:f1:6f:57:28:02:f7:7a:61:16:28:
90:d4:25:03:13:27:dc:28:6d:8e:97:d6:62:97:ec:54:89:2e:
a4:1d:03:9c:54:05:3d:d9:bd:31:6b:a5:c2:f3:af:b5:45:54:
94:04:3e:23:4c:07:43:a7:87:ff:bd:0c:d6:f1:1a:0d:e1:77:
2b:f1:c0:90:d5:60:75:45:6d:fb:5a:2a:1d:46:db:81:2e:f0:
23:8c:65:4b:51:1f:fd:5f:a1:c6:7a:dc:88:96:6d:66:a0:66:
1b:f6:75:30:e4:13:2e:8e:04:c1:d1:18:06:f2:b4:54:d6:cf:
66:46:05:08:c8:97:4c:b1:66:2a:c4:a8:1b:f0:15:d0:63:94:
47:6b:91:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh6gWctUBwBr29DToyL08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmNkN2JjMTkxNDIwNTZhY2FmOTU3M2NhYTFhZjhkZTg3
MTgxNTYwHhcNMjUxMTA1MDEwMDM2WhcNMjUxMTA2MDEwMDM2WjAzMTEwLwYDVQQD
EyhlMTg5MzcxYmM3NzZlYTEzMDk4ZDRiYWI0ODI1ZGYxY2NiYTJhZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqyiQbVWBAlqhtE//XguTgtAegrC
eZmJvHtWkOPJ9zQqqA2WWxyAnGLneZhZwgsl7FRIvGIzJS7d3U+nhZEVjKS/l9/t
Wj+UMV1eb8UWU9OoxEbTlMKrZfeKlJGwS/LbN9uf5i4+UtokNCJ3OHHg7gfAx+f6
dOj3i5JC06fWtfUiR7VaWnx/5MDsTWlQ54vNgL7uyHilQAHWTYfvrQ5jE1B25e4o
iEcdi8Cj0/nhvRFBnMEzritSo2U6lpi7v757qFUKJ9vRWMR7i8UXCxyPGBCuig2D
NQhBu3qnD0gEp35d3BqOY1QzX+3A/R42w3uGWS3/VWhpxu4PSidnpqIXGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOGJNxvHduoTCY1Lq0gl3xzLoq2IMB8GA1UdIwQY
MBaAFIRs17wZFCBWrK+Vc8qhr43ocYFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85OTA1OTAtNGE2My00YjJmLWE5MzMt
ZDE5NTlmM2UyZjc2LzEvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy85OTA1OTAtNGE2My00YjJmLWE5MzMtZDE5NTlmM2UyZjc2
LzEvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY7zicnJx
kUv42Y8rhM+O0xNxi1cJ38z8NbA9Z/Su2NiUgqmTnK5HnyemJo9HBVT/x0csK1nD
XCbC6BUKLlKCwa39k++6m+cTQ4hgte2fZUEta9fTUeq5WLNktTb20OOBFKhdaxMU
Q4HNnrjSvSyql9Eej7bxb1coAvd6YRYokNQlAxMn3ChtjpfWYpfsVIkupB0DnFQF
Pdm9MWulwvOvtUVUlAQ+I0wHQ6eH/70M1vEaDeF3K/HAkNVgdUVt+1oqHUbbgS7w
I4xlS1Ef/V+hxnrciJZtZqBmG/Z1MOQTLo4EwdEYBvK0VNbPZkYFCMiXTLFmKsSo
G/AV0GOUR2uRFQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:29:40 2025 by rpki-client