Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft
File: VmHZZN9KhtuP-5mqiVgtpoowkIw.mft (raw, json)
Hash identifier: 2CdmBMro23qRxo/Cedw6bnFAqEAYDMjJSbhvWC4wF20=
Subject key identifier: 22:4B:19:99:A6:5B:A8:8B:7E:52:3D:CE:68:D4:8F:08:A4:2F:EB:4D
Authority key identifier: 56:61:D9:64:DF:4A:86:DB:8F:FB:99:AA:89:58:2D:A6:8A:30:90:8C
Certificate issuer: /CN=5661d964df4a86db8ffb99aa89582da68a30908c
Certificate serial: 019A53E414B018F198745A4AAB8DAA3DBE5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VmHZZN9KhtuP-5mqiVgtpoowkIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft
Manifest number: 02A5
Signing time: Wed 05 Nov 2025 12:00:47 +0000
Manifest this update: Wed 05 Nov 2025 12:00:47 +0000
Manifest next update: Thu 06 Nov 2025 12:00:47 +0000
Files and hashes: 1: VmHZZN9KhtuP-5mqiVgtpoowkIw.crl (hash: 5cDBazBiEJRNKHNC36450xtKdjrdirntSMK+S4CET3U=)
2: xMdRmutHFokxkkQckhp-estBVrY.roa (hash: B+GeVyXFQ8LdKQlX7fXVWpcWBfpc+XAscpHvCnfEhnA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VmHZZN9KhtuP-5mqiVgtpoowkIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:e4:14:b0:18:f1:98:74:5a:4a:ab:8d:aa:3d:be:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5661d964df4a86db8ffb99aa89582da68a30908c
Validity
Not Before: Nov 5 12:00:47 2025 GMT
Not After : Nov 6 12:00:47 2025 GMT
Subject: CN=224b1999a65ba88b7e523dce68d48f08a42feb4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fa:2d:7e:27:d4:66:63:78:7f:9e:00:11:6e:
6f:01:18:d5:4c:76:52:54:65:2e:e6:e1:68:33:48:
6b:4c:29:20:8a:de:93:a6:b8:10:68:c8:48:99:5f:
aa:73:f2:2b:f2:6e:df:dc:e1:e8:39:1b:36:30:84:
19:f6:93:e1:09:76:2e:e5:b9:8e:7b:8d:c0:35:6d:
e7:3f:8d:97:4d:3a:3e:95:53:5a:ef:f4:7c:e7:b4:
e6:4d:54:d3:22:14:70:19:71:16:c7:e6:7f:ec:91:
48:cb:b1:4c:4e:d7:dd:39:90:2f:66:d3:4d:fb:3b:
d2:eb:7e:c2:f5:96:8e:a2:82:18:b0:29:2c:65:65:
af:e3:13:0a:da:8d:3b:d5:56:0e:13:aa:2d:49:1c:
d5:10:50:74:47:da:85:10:b3:d3:a0:1d:c5:99:42:
2e:63:7c:f0:c6:75:1c:e4:e5:7c:78:16:b1:9c:9f:
41:2d:dd:2d:2e:1a:d1:07:38:38:0d:48:48:ef:af:
78:d0:da:e0:ba:f0:ce:61:7c:a5:11:50:0a:e3:25:
d6:f6:98:e7:24:0f:d5:73:48:91:c7:51:99:5b:04:
bd:83:68:bf:48:d5:fa:66:80:2e:3d:68:2b:fe:da:
28:6e:d7:d7:1a:2e:31:3e:c3:84:6c:50:6b:d0:fa:
89:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:4B:19:99:A6:5B:A8:8B:7E:52:3D:CE:68:D4:8F:08:A4:2F:EB:4D
X509v3 Authority Key Identifier:
keyid:56:61:D9:64:DF:4A:86:DB:8F:FB:99:AA:89:58:2D:A6:8A:30:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmHZZN9KhtuP-5mqiVgtpoowkIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:35:41:6f:6e:fe:8b:e8:01:36:0c:d9:22:94:01:97:5e:88:
46:69:73:e4:05:eb:86:94:19:98:54:35:a5:85:0d:6c:ba:60:
be:ad:44:2b:4f:7d:1b:2c:ed:a0:31:d6:68:3a:48:51:5c:92:
86:26:72:94:9b:eb:af:28:5c:6f:82:67:0b:4d:90:71:1c:03:
17:cf:70:2a:5a:3c:e5:9c:a5:0a:d4:c2:89:2a:27:1a:02:99:
2e:01:62:a8:c8:4d:18:26:52:1d:ce:8b:f0:01:9b:39:a4:20:
ae:68:8e:6b:11:dc:be:9b:89:3e:54:29:9b:d2:68:95:7d:89:
b1:1f:c1:3a:5a:f4:95:61:fa:3d:62:b9:c1:a6:a6:cb:96:fb:
3c:25:41:54:a3:03:8d:36:d8:10:58:f2:ae:63:2e:f6:d8:43:
cd:c8:72:c3:b9:c1:9c:2a:79:9f:56:62:10:9d:00:9b:f9:5e:
4e:40:a0:c8:f3:be:0f:05:14:0e:f8:cd:90:83:3a:2f:5d:88:
30:64:ce:43:b0:f9:14:32:4a:b9:98:a9:cb:7e:83:09:ab:79:
cf:12:0d:e7:61:ed:70:fe:f9:30:b0:6c:ed:40:2c:36:e2:46:
06:ff:ce:6a:7a:df:b8:c2:48:36:75:2b:31:76:a5:4e:3e:42:
e6:dd:3f:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpT5BSwGPGYdFpKq42qPb5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NjFkOTY0ZGY0YTg2ZGI4ZmZiOTlhYTg5NTgyZGE2OGEz
MDkwOGMwHhcNMjUxMTA1MTIwMDQ3WhcNMjUxMTA2MTIwMDQ3WjAzMTEwLwYDVQQD
EygyMjRiMTk5OWE2NWJhODhiN2U1MjNkY2U2OGQ0OGYwOGE0MmZlYjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfotfifUZmN4f54AEW5vARjVTHZS
VGUu5uFoM0hrTCkgit6TprgQaMhImV+qc/Ir8m7f3OHoORs2MIQZ9pPhCXYu5bmO
e43ANW3nP42XTTo+lVNa7/R857TmTVTTIhRwGXEWx+Z/7JFIy7FMTtfdOZAvZtNN
+zvS637C9ZaOooIYsCksZWWv4xMK2o071VYOE6otSRzVEFB0R9qFELPToB3FmUIu
Y3zwxnUc5OV8eBaxnJ9BLd0tLhrRBzg4DUhI76940NrguvDOYXylEVAK4yXW9pjn
JA/Vc0iRx1GZWwS9g2i/SNX6ZoAuPWgr/toobtfXGi4xPsOEbFBr0PqJxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJLGZmmW6iLflI9zmjUjwikL+tNMB8GA1UdIwQY
MBaAFFZh2WTfSobbj/uZqolYLaaKMJCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1IWlpOOUtodHVQLTVtcWlWZ3Rwb293a0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iMDNhMzYtMDgwNy00MWVmLWFmODYt
M2Q0MzliN2NkZTcyLzEvVm1IWlpOOUtodHVQLTVtcWlWZ3Rwb293a0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9iMDNhMzYtMDgwNy00MWVmLWFmODYtM2Q0MzliN2NkZTcy
LzEvVm1IWlpOOUtodHVQLTVtcWlWZ3Rwb293a0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASjVBb27+
i+gBNgzZIpQBl16IRmlz5AXrhpQZmFQ1pYUNbLpgvq1EK099GyztoDHWaDpIUVyS
hiZylJvrryhcb4JnC02QcRwDF89wKlo85ZylCtTCiSonGgKZLgFiqMhNGCZSHc6L
8AGbOaQgrmiOaxHcvpuJPlQpm9JolX2JsR/BOlr0lWH6PWK5waamy5b7PCVBVKMD
jTbYEFjyrmMu9thDzchyw7nBnCp5n1ZiEJ0Am/leTkCgyPO+DwUUDvjNkIM6L12I
MGTOQ7D5FDJKuZipy36DCat5zxIN52HtcP75MLBs7UAsNuJGBv/OanrfuMJINnUr
MXalTj5C5t0/3A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:31:59 2025 by rpki-client