Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
File: HeVgH-EiL4m7OqryZPD26nORwTg.mft (raw, json)
Hash identifier: xMal0cDUq94fMblfEQvYcp+QA37N8PG3y48HfER4eq4=
Subject key identifier: 2D:06:8D:AF:C8:77:B8:8B:51:FF:66:91:B0:21:D2:3D:EC:E4:F4:C5
Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Certificate serial: 019A52D0FBDCE79CBE6928F6FA559B79F9A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
Manifest number: 0A05
Signing time: Wed 05 Nov 2025 07:00:18 +0000
Manifest this update: Wed 05 Nov 2025 07:00:18 +0000
Manifest next update: Thu 06 Nov 2025 07:00:18 +0000
Files and hashes: 1: 1GUi9iA8Rgrr5GN4QB6VlqMrvms.roa (hash: s/MIypH3pMJ3iuiuGr8K68PmgQyO6HFRzwvdBy3o4FU=)
2: HeVgH-EiL4m7OqryZPD26nORwTg.crl (hash: R4YodkgTWrVaiQVoxYRg2nWQ0t2VX6fp26ncFqDcrT4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d0:fb:dc:e7:9c:be:69:28:f6:fa:55:9b:79:f9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Validity
Not Before: Nov 5 07:00:18 2025 GMT
Not After : Nov 6 07:00:18 2025 GMT
Subject: CN=2d068dafc877b88b51ff6691b021d23dece4f4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a9:8f:4c:1b:dd:b3:e5:7b:0b:7f:6f:99:7f:
90:8a:5a:ba:8d:55:b5:00:0e:ee:35:0e:d3:2a:4c:
2c:08:14:0a:da:4f:88:96:ff:76:2f:a4:29:df:60:
39:02:7c:df:30:d6:94:59:fa:26:e2:c3:7c:6e:2d:
d5:d9:59:2b:ab:74:15:37:51:38:af:c8:6f:d6:ad:
ec:74:1c:9c:c3:54:3a:97:d7:8b:b2:6f:10:39:c7:
4d:fd:31:1e:26:a1:30:23:f6:11:65:a4:02:f3:c2:
bd:35:b2:eb:40:63:6d:84:d6:3b:2c:b6:1e:6b:98:
9e:8f:86:75:ab:e2:e6:f0:c4:2e:87:a0:4a:fb:8a:
7c:c3:05:7e:b2:a9:b3:1a:ed:ce:be:22:4b:ad:a7:
71:b3:de:aa:99:fc:32:08:20:8d:b2:7c:87:d4:f6:
91:a7:ab:c7:21:60:68:2f:fb:14:e1:16:46:81:a2:
c4:41:72:da:bd:ec:3f:92:18:f4:0f:9d:16:2c:87:
97:26:b0:dd:1f:2a:bb:53:6d:e2:95:ac:a3:b8:9c:
f3:34:56:f2:34:d9:e6:99:a7:7d:f6:1b:ab:1f:5f:
99:6a:25:4b:60:5f:0c:a2:47:53:04:c9:bd:5c:56:
12:cb:41:79:93:24:0f:10:54:90:d0:98:67:c3:b1:
21:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:06:8D:AF:C8:77:B8:8B:51:FF:66:91:B0:21:D2:3D:EC:E4:F4:C5
X509v3 Authority Key Identifier:
keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:08:69:bc:46:53:64:55:15:40:ea:ce:55:f2:ad:e7:08:41:
d6:c4:9c:2c:33:74:de:16:40:fd:3a:c0:4b:31:78:9e:56:6d:
ce:97:b3:9f:d8:37:c7:4d:c2:9b:20:36:a1:2b:ff:58:d9:8a:
e1:d1:9c:e5:cd:aa:81:c9:d3:3b:5a:cb:40:b3:dd:68:19:b6:
7c:bf:7e:8a:67:e3:83:52:80:c0:ec:ab:3c:0f:f6:cb:17:39:
69:c3:71:12:4c:e6:b2:69:69:b5:93:80:ab:84:84:95:6d:f0:
38:56:25:1e:5b:56:07:56:24:9e:19:27:e8:79:7d:c2:bb:74:
e3:d1:ad:bd:fd:6e:cb:49:36:23:6d:49:57:8d:bf:17:8d:09:
0d:e7:8e:95:bc:ba:bc:15:15:e4:87:db:26:69:bb:36:a8:d4:
9d:e4:02:60:30:91:8d:ef:c2:fd:fa:5d:60:44:34:62:f8:73:
fa:a5:c5:09:ee:d2:dd:f1:d4:74:43:b7:f0:4c:46:05:8c:75:
c5:92:c5:9c:fe:6e:e6:2f:f1:b0:cf:d1:c9:84:5a:08:40:0f:
07:5a:27:20:9e:46:87:c3:76:f4:e9:18:ce:76:33:8e:e9:be:
23:18:44:37:c3:53:34:84:bb:8e:8b:37:e9:54:cd:5a:35:bb:
26:56:7c:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0Pvc55y+aSj2+lWbefmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5
MWMxMzgwHhcNMjUxMTA1MDcwMDE4WhcNMjUxMTA2MDcwMDE4WjAzMTEwLwYDVQQD
EygyZDA2OGRhZmM4NzdiODhiNTFmZjY2OTFiMDIxZDIzZGVjZTRmNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6mPTBvds+V7C39vmX+Qilq6jVW1
AA7uNQ7TKkwsCBQK2k+Ilv92L6Qp32A5AnzfMNaUWfom4sN8bi3V2Vkrq3QVN1E4
r8hv1q3sdBycw1Q6l9eLsm8QOcdN/TEeJqEwI/YRZaQC88K9NbLrQGNthNY7LLYe
a5iej4Z1q+Lm8MQuh6BK+4p8wwV+sqmzGu3OviJLradxs96qmfwyCCCNsnyH1PaR
p6vHIWBoL/sU4RZGgaLEQXLavew/khj0D50WLIeXJrDdHyq7U23ilayjuJzzNFby
NNnmmad99hurH1+ZaiVLYF8MokdTBMm9XFYSy0F5kyQPEFSQ0Jhnw7EhzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0Gja/Id7iLUf9mkbAh0j3s5PTFMB8GA1UdIwQY
MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt
ZGRkNTNkNzkyOGE4LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4
LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHwhpvEZT
ZFUVQOrOVfKt5whB1sScLDN03hZA/TrASzF4nlZtzpezn9g3x03CmyA2oSv/WNmK
4dGc5c2qgcnTO1rLQLPdaBm2fL9+imfjg1KAwOyrPA/2yxc5acNxEkzmsmlptZOA
q4SElW3wOFYlHltWB1Yknhkn6Hl9wrt049Gtvf1uy0k2I21JV42/F40JDeeOlby6
vBUV5IfbJmm7NqjUneQCYDCRje/C/fpdYEQ0Yvhz+qXFCe7S3fHUdEO38ExGBYx1
xZLFnP5u5i/xsM/RyYRaCEAPB1onIJ5Gh8N29OkYznYzjum+IxhEN8NTNIS7jos3
6VTNWjW7JlZ8NQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:20:56 2025 by rpki-client