Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
File: hWhAcEemLmSDAMUYKik1P_WOsF8.mft (raw, json)
Hash identifier: CAKmF9noyz/aI9MmJUGVWfuYbvk8HAYdnd5HL0Wh6+w=
Subject key identifier: 5C:63:56:9A:59:2E:DF:B9:09:71:60:27:F5:29:82:A5:36:02:1D:CF
Authority key identifier: 85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F
Certificate issuer: /CN=8568407047a62e648300c5182a29353ff58eb05f
Certificate serial: 019A4DE1D04A671B66577D401B4C8030C528
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
Manifest number: 045D
Signing time: Tue 04 Nov 2025 08:00:35 +0000
Manifest this update: Tue 04 Nov 2025 08:00:35 +0000
Manifest next update: Wed 05 Nov 2025 08:00:35 +0000
Files and hashes: 1: 0nvhqw7aFiUkSIOiOEerDMnQ_ZQ.roa (hash: HMe62SGaPYEENwRxXbOtER7G/ZP8W5TpI/QjfFDw0sg=)
2: hWhAcEemLmSDAMUYKik1P_WOsF8.crl (hash: LXpWmef8mXac343G1bag1cVDUvr9MoTTNE6ce9TNKtY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:d0:4a:67:1b:66:57:7d:40:1b:4c:80:30:c5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8568407047a62e648300c5182a29353ff58eb05f
Validity
Not Before: Nov 4 08:00:35 2025 GMT
Not After : Nov 5 08:00:35 2025 GMT
Subject: CN=5c63569a592edfb909716027f52982a536021dcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0e:88:7d:0a:1c:3f:fb:f3:bc:7d:18:a7:70:
02:bd:50:c1:9b:55:90:de:40:d6:47:8d:e5:ea:40:
87:95:16:f7:bb:af:1f:ab:df:fa:f7:e0:19:52:12:
12:3e:06:bc:5e:fb:5d:07:86:f6:2d:51:01:98:fe:
2a:18:e1:e6:a4:be:1f:cc:83:e0:f7:de:f5:33:5d:
6f:cd:5b:91:b4:a9:05:df:1e:92:0d:39:16:80:5d:
d1:6f:44:52:28:5c:08:cd:8d:2b:72:54:73:73:20:
03:d8:23:1d:25:1c:61:4e:09:24:93:a9:68:e6:08:
b7:ab:4a:1f:a2:1a:8c:87:53:60:15:23:50:39:f1:
3d:8f:4e:d2:51:fe:05:0c:36:5f:cf:70:4d:e9:1b:
26:18:ec:fd:3e:60:bd:d3:3b:5a:6c:c1:06:13:f8:
9f:25:e7:fd:3f:a6:64:74:88:1c:04:86:d3:d2:fe:
96:a5:67:49:87:c0:86:27:0a:e2:4f:cd:d6:2f:75:
61:06:46:9e:33:16:fb:04:23:b2:90:60:24:4e:97:
cc:3c:f3:41:22:f6:1d:ca:43:06:8b:78:aa:65:af:
02:5f:d4:34:0e:df:c5:f7:c2:5e:ce:d4:7f:f4:64:
24:61:d1:ab:43:27:a9:44:67:d1:c0:d0:24:71:22:
27:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:63:56:9A:59:2E:DF:B9:09:71:60:27:F5:29:82:A5:36:02:1D:CF
X509v3 Authority Key Identifier:
keyid:85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:8c:9b:0c:b5:cb:8e:2d:f5:de:c3:d9:93:2c:63:c7:11:7f:
8b:f9:0f:6f:3e:4d:50:dd:34:1b:b7:bf:f0:41:e0:2b:e6:cc:
38:44:df:be:34:18:17:ac:dd:7a:8e:01:e7:58:bb:77:e1:0d:
c4:04:7e:e9:5f:a8:65:1e:db:2b:27:f3:5d:bd:98:aa:44:ea:
d1:14:22:94:e9:be:97:e2:99:91:e3:e1:9a:1b:8a:56:af:d5:
cf:62:dc:3f:d7:3a:06:99:60:06:e2:3e:00:55:f9:b4:7f:64:
6b:d1:d2:8f:2b:dc:30:11:4d:33:05:67:93:47:dc:81:83:74:
d3:e3:e2:2c:b7:e4:cb:1c:46:51:57:3a:8e:9c:10:84:4d:d7:
a4:8d:6e:e3:fe:d2:a8:8c:4e:88:93:ee:3c:d6:78:62:08:35:
75:60:e9:57:be:90:73:81:df:16:79:89:f9:a9:be:ce:fb:ef:
ec:06:c5:75:85:a6:df:9f:21:2e:f0:88:8f:fb:81:75:12:6d:
1a:28:84:d5:66:8a:40:67:e6:c1:9f:26:9a:8c:1c:9d:d8:98:
c1:f1:61:76:a9:51:60:74:59:dd:bf:72:2e:91:53:5f:5a:bd:
32:a3:a9:fe:73:da:e1:69:b0:c9:26:69:10:a8:18:aa:f7:a3:
9e:cb:db:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4dBKZxtmV31AG0yAMMUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Njg0MDcwNDdhNjJlNjQ4MzAwYzUxODJhMjkzNTNmZjU4
ZWIwNWYwHhcNMjUxMTA0MDgwMDM1WhcNMjUxMTA1MDgwMDM1WjAzMTEwLwYDVQQD
Eyg1YzYzNTY5YTU5MmVkZmI5MDk3MTYwMjdmNTI5ODJhNTM2MDIxZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA6IfQocP/vzvH0Yp3ACvVDBm1WQ
3kDWR43l6kCHlRb3u68fq9/69+AZUhISPga8XvtdB4b2LVEBmP4qGOHmpL4fzIPg
9971M11vzVuRtKkF3x6SDTkWgF3Rb0RSKFwIzY0rclRzcyAD2CMdJRxhTgkkk6lo
5gi3q0ofohqMh1NgFSNQOfE9j07SUf4FDDZfz3BN6RsmGOz9PmC90ztabMEGE/if
Jef9P6ZkdIgcBIbT0v6WpWdJh8CGJwriT83WL3VhBkaeMxb7BCOykGAkTpfMPPNB
IvYdykMGi3iqZa8CX9Q0Dt/F98JeztR/9GQkYdGrQyepRGfRwNAkcSInkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxjVppZLt+5CXFgJ/UpgqU2Ah3PMB8GA1UdIwQY
MBaAFIVoQHBHpi5kgwDFGCopNT/1jrBfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjIt
ZWQzZTk4YzY1NmUxLzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjItZWQzZTk4YzY1NmUx
LzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp4ybDLXL
ji313sPZkyxjxxF/i/kPbz5NUN00G7e/8EHgK+bMOETfvjQYF6zdeo4B51i7d+EN
xAR+6V+oZR7bKyfzXb2YqkTq0RQilOm+l+KZkePhmhuKVq/Vz2LcP9c6BplgBuI+
AFX5tH9ka9HSjyvcMBFNMwVnk0fcgYN00+PiLLfkyxxGUVc6jpwQhE3XpI1u4/7S
qIxOiJPuPNZ4Ygg1dWDpV76Qc4HfFnmJ+am+zvvv7AbFdYWm358hLvCIj/uBdRJt
GiiE1WaKQGfmwZ8mmowcndiYwfFhdqlRYHRZ3b9yLpFTX1q9MqOp/nPa4WmwySZp
EKgYqvejnsvbeg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:51:09 2025 by rpki-client