Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.mft
File: hyELNM4ALjCgpU-r-ivKxG36cig.mft (raw, json)
Hash identifier: SUd4dGZ41CC3oOJASbwSYPE3oN61rhAS/8Pf83uw6ZA=
Subject key identifier: 86:D9:BB:FB:70:14:D7:90:C2:D7:3A:4C:B3:BF:F1:10:4B:D4:76:1F
Authority key identifier: 87:21:0B:34:CE:00:2E:30:A0:A5:4F:AB:FA:2B:CA:C4:6D:FA:72:28
Certificate issuer: /CN=87210b34ce002e30a0a54fabfa2bcac46dfa7228
Certificate serial: 019A4C9869CAA3715EA97B3FE1C8CCD814DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.mft
Manifest number: 052A
Signing time: Tue 04 Nov 2025 02:00:48 +0000
Manifest this update: Tue 04 Nov 2025 02:00:48 +0000
Manifest next update: Wed 05 Nov 2025 02:00:48 +0000
Files and hashes: 1: Oi0Mexif2IU5YWgRrWRDGcE4Aw4.roa (hash: hcI8ATUfRYduE8yCuLSr8RsjKUn++KtzCI3lWbIhr1A=)
2: RNEIzNGbtOLDhiuIlbx5LtZxiHA.roa (hash: YH3jUp9Z5jmgiTgvLayfiplIuhfqDKTG69/LcYMXnX0=)
3: hyELNM4ALjCgpU-r-ivKxG36cig.crl (hash: 0u8CLijOa5c3Dgfc7ucmspUzCQpGGaIuNyF9VYyGPaA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.mft
rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:98:69:ca:a3:71:5e:a9:7b:3f:e1:c8:cc:d8:14:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87210b34ce002e30a0a54fabfa2bcac46dfa7228
Validity
Not Before: Nov 4 02:00:48 2025 GMT
Not After : Nov 5 02:00:48 2025 GMT
Subject: CN=86d9bbfb7014d790c2d73a4cb3bff1104bd4761f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:56:1f:a5:1b:3c:97:6d:d9:96:81:d8:40:c5:
5d:58:6e:e3:94:49:99:f0:84:1d:24:dc:29:50:6a:
ca:d5:db:b4:65:8f:76:45:cd:ec:bb:9a:29:96:9c:
b8:9c:59:c3:3d:a8:6a:91:e4:58:cb:e9:a3:7b:bf:
4d:f6:5d:43:fe:0b:f6:9e:09:74:31:4b:12:08:79:
fe:78:d0:86:94:ab:21:e1:9c:63:56:ac:fc:a5:21:
f0:76:6a:02:bd:48:83:39:83:2b:2d:00:34:c9:bf:
ae:e7:b7:1d:20:f2:55:ee:34:88:e1:d2:87:6c:d7:
ed:06:fe:c2:18:46:14:f8:88:1f:c9:9e:63:86:e3:
3e:3b:eb:9d:55:eb:fe:9e:dc:a9:f2:a3:d6:01:c9:
48:96:8d:81:be:30:81:d9:80:56:42:57:5e:69:20:
cd:f4:29:36:23:f1:03:5f:0a:ef:3d:27:9b:89:e8:
17:de:1c:6a:bf:57:68:59:48:e6:1d:e3:43:bd:3d:
f0:a2:5f:ac:0c:0c:8e:58:d4:f5:c8:71:12:e6:c5:
ac:e1:56:ae:8a:17:80:66:6f:95:62:94:44:26:16:
9b:4b:8c:6d:d0:01:ba:5a:56:69:fc:65:1a:64:cf:
7c:b1:7e:a3:35:8d:9d:b9:3a:c1:ee:14:cb:9c:59:
87:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D9:BB:FB:70:14:D7:90:C2:D7:3A:4C:B3:BF:F1:10:4B:D4:76:1F
X509v3 Authority Key Identifier:
keyid:87:21:0B:34:CE:00:2E:30:A0:A5:4F:AB:FA:2B:CA:C4:6D:FA:72:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:a7:2c:77:87:55:06:ef:38:8d:13:27:ec:01:a0:c1:02:b6:
7f:1a:38:31:84:2d:55:91:38:74:97:0d:9b:f3:ec:c5:e2:bb:
c3:5c:8d:62:6d:49:47:d0:c1:e3:8a:b1:1d:ee:b0:7f:d7:72:
34:46:2f:1b:9a:16:f5:aa:25:60:c7:82:be:d6:fb:fc:4c:20:
bd:15:ab:6e:a1:86:28:36:f1:b6:ef:df:e8:22:05:de:d3:a5:
74:a0:85:f3:ae:f4:c9:7c:74:37:26:d4:8b:6b:36:c9:5d:b7:
42:de:4b:a1:5b:9e:b0:a3:bd:a3:6f:55:6e:82:1c:54:9f:c4:
72:d9:71:d6:92:d4:63:62:ce:b8:6c:93:35:57:78:73:e4:9c:
23:03:a7:0e:d4:98:99:11:18:26:fe:20:35:80:90:c4:c1:e5:
ea:0a:d1:b1:09:6a:69:4b:08:ed:4a:a5:29:82:3c:7c:e6:53:
ec:5c:3c:78:25:db:7d:cd:21:e3:31:f5:a4:dc:ff:65:62:74:
ad:d0:05:cd:a0:3c:37:84:1f:8e:48:f7:22:12:21:9e:2c:47:
ef:32:07:80:ec:45:8b:5f:ac:51:e5:39:3c:25:01:ac:1a:66:
21:75:9e:fb:5f:40:60:88:a3:24:a9:08:1f:09:65:dd:10:b9:
f1:b8:54:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMmGnKo3FeqXs/4cjM2BTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjEwYjM0Y2UwMDJlMzBhMGE1NGZhYmZhMmJjYWM0NmRm
YTcyMjgwHhcNMjUxMTA0MDIwMDQ4WhcNMjUxMTA1MDIwMDQ4WjAzMTEwLwYDVQQD
Eyg4NmQ5YmJmYjcwMTRkNzkwYzJkNzNhNGNiM2JmZjExMDRiZDQ3NjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1YfpRs8l23ZloHYQMVdWG7jlEmZ
8IQdJNwpUGrK1du0ZY92Rc3su5oplpy4nFnDPahqkeRYy+mje79N9l1D/gv2ngl0
MUsSCHn+eNCGlKsh4ZxjVqz8pSHwdmoCvUiDOYMrLQA0yb+u57cdIPJV7jSI4dKH
bNftBv7CGEYU+IgfyZ5jhuM+O+udVev+ntyp8qPWAclIlo2BvjCB2YBWQldeaSDN
9Ck2I/EDXwrvPSebiegX3hxqv1doWUjmHeNDvT3wol+sDAyOWNT1yHES5sWs4Vau
iheAZm+VYpREJhabS4xt0AG6WlZp/GUaZM98sX6jNY2duTrB7hTLnFmH3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbZu/twFNeQwtc6TLO/8RBL1HYfMB8GA1UdIwQY
MBaAFIchCzTOAC4woKVPq/orysRt+nIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yOWEwZGMtMjBhZi00MzdlLTk4NzAt
MzY2OWQxYjU2OWQ2LzEvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yOWEwZGMtMjBhZi00MzdlLTk4NzAtMzY2OWQxYjU2OWQ2
LzEvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQacsd4dV
Bu84jRMn7AGgwQK2fxo4MYQtVZE4dJcNm/PsxeK7w1yNYm1JR9DB44qxHe6wf9dy
NEYvG5oW9aolYMeCvtb7/EwgvRWrbqGGKDbxtu/f6CIF3tOldKCF8670yXx0NybU
i2s2yV23Qt5LoVuesKO9o29VboIcVJ/Ectlx1pLUY2LOuGyTNVd4c+ScIwOnDtSY
mREYJv4gNYCQxMHl6grRsQlqaUsI7UqlKYI8fOZT7Fw8eCXbfc0h4zH1pNz/ZWJ0
rdAFzaA8N4Qfjkj3IhIhnixH7zIHgOxFi1+sUeU5PCUBrBpmIXWe+19AYIijJKkI
Hwll3RC58bhU3A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:47:43 2025 by rpki-client