Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.mft
File: h4q7KZd6ZbFAystucqskzt3U6MU.mft (raw, json)
Hash identifier: fb5Ge9y7SfgKnLw6iwaM3RBKIet15RUWRwAi1mktGsU=
Subject key identifier: 43:91:2A:4C:C9:9B:3F:58:16:46:9D:EF:FD:6D:59:55:51:6C:3C:09
Authority key identifier: 87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
Certificate issuer: /CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Certificate serial: 019A4E4FE0C91454B74E235556D6E88FA20B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.mft
Manifest number: 03AF
Signing time: Tue 04 Nov 2025 10:00:48 +0000
Manifest this update: Tue 04 Nov 2025 10:00:48 +0000
Manifest next update: Wed 05 Nov 2025 10:00:48 +0000
Files and hashes: 1: T0aOPCX5XYSn6JrgCpyyjqzOUBs.roa (hash: Srj8f3rTN/EncvR1RaIO7Y8ZljiDCWASxMYbAln2gsk=)
2: h4q7KZd6ZbFAystucqskzt3U6MU.crl (hash: VfrPOPHniTvT+41tM1tsLNyomxfUCzrJ8N1eOuIoQY8=)
3: ppcuybJ2dVTx8Oi4Rb_BK3tcepQ.roa (hash: kVGDPxLEKz3xBW5mOWtq1nIn17YH7foWW8L0WvSguOY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.mft
rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:e0:c9:14:54:b7:4e:23:55:56:d6:e8:8f:a2:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Validity
Not Before: Nov 4 10:00:48 2025 GMT
Not After : Nov 5 10:00:48 2025 GMT
Subject: CN=43912a4cc99b3f5816469deffd6d5955516c3c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:86:47:a5:2c:47:07:20:70:c1:02:cc:c3:0e:
6b:43:99:89:ec:32:34:5b:75:84:dc:ae:6b:5d:c3:
52:17:a5:c3:88:36:5e:3a:68:cc:0a:19:f6:45:ce:
14:d0:d3:d9:6b:c2:a7:d6:85:07:b1:a7:c2:6a:81:
75:41:e0:b4:59:c1:6a:80:85:90:9c:09:3b:d9:6e:
5e:f4:3a:6c:e2:9d:bb:14:bf:08:06:3e:95:0e:4c:
8e:17:d3:bc:0b:dc:67:19:a5:4b:9e:8b:67:ce:6b:
1c:91:33:8c:5a:8c:8f:86:30:4e:d8:b9:84:32:2e:
f9:17:72:96:2e:cd:18:75:f5:c2:12:05:78:ad:76:
15:2f:a2:c6:4c:a4:f4:bb:93:b8:e2:d8:e1:4e:a7:
5a:e2:b9:22:e1:6f:b3:c1:00:0b:bd:01:21:25:ea:
88:30:c6:8c:4f:1f:84:0f:0b:01:63:11:46:b8:bc:
81:2c:b2:0c:e7:b7:55:21:1e:6e:3b:18:41:50:fa:
5d:c2:4c:7f:e2:94:e0:3d:05:4c:63:c4:1b:b2:72:
e6:db:b1:ff:45:e2:00:28:cd:7a:fe:61:38:29:86:
c8:d6:a0:1c:4a:16:a8:9c:76:76:cf:e0:06:51:d2:
02:f6:c2:09:66:7c:93:a6:1b:09:28:d4:a4:b1:95:
2f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:91:2A:4C:C9:9B:3F:58:16:46:9D:EF:FD:6D:59:55:51:6C:3C:09
X509v3 Authority Key Identifier:
keyid:87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:9d:2d:78:3a:94:e8:a1:19:25:3b:0b:b8:4c:f4:2a:ba:55:
3c:07:7f:dd:69:3e:67:55:54:d6:55:21:df:ea:48:d2:ee:0e:
c8:05:97:f8:dd:20:98:b1:d9:2d:32:59:55:16:42:c5:df:54:
0f:87:9a:b5:ed:71:5e:4e:89:64:84:de:b0:49:a7:75:12:de:
f6:0d:ce:14:a3:df:71:76:e0:af:e4:17:f5:3f:97:c2:6a:31:
8d:a1:87:0d:26:8f:fd:10:58:da:6b:92:a2:ef:b9:2f:4e:18:
45:1b:e6:53:e4:28:f8:db:34:ae:7f:5b:bd:c5:b7:d9:18:be:
35:d3:55:93:3d:6e:ef:4b:60:a8:20:d3:bc:e8:7f:d9:45:a6:
89:67:45:4f:dc:e8:d7:6f:7c:f7:63:42:c2:66:2d:18:7e:1a:
62:13:c8:2c:76:f7:8c:6b:82:e0:cd:00:34:67:5a:b7:b8:88:
48:76:ac:c7:98:d2:3f:2a:16:82:d4:d7:e3:cb:56:18:9f:a8:
ca:cf:31:24:09:8f:b6:c1:8a:4b:81:af:82:7f:42:50:fe:38:
c5:59:54:e7:e6:a3:09:74:80:ca:ce:16:04:eb:fd:16:f5:de:
07:0a:3e:8c:8a:c9:be:d2:08:b0:aa:1a:1a:c3:fa:a3:49:2f:
ae:3d:41:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT+DJFFS3TiNVVtboj6ILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OGFiYjI5OTc3YTY1YjE0MGNhY2I2ZTcyYWIyNGNlZGRk
NGU4YzUwHhcNMjUxMTA0MTAwMDQ4WhcNMjUxMTA1MTAwMDQ4WjAzMTEwLwYDVQQD
Eyg0MzkxMmE0Y2M5OWIzZjU4MTY0NjlkZWZmZDZkNTk1NTUxNmMzYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oZHpSxHByBwwQLMww5rQ5mJ7DI0
W3WE3K5rXcNSF6XDiDZeOmjMChn2Rc4U0NPZa8Kn1oUHsafCaoF1QeC0WcFqgIWQ
nAk72W5e9Dps4p27FL8IBj6VDkyOF9O8C9xnGaVLnotnzmsckTOMWoyPhjBO2LmE
Mi75F3KWLs0YdfXCEgV4rXYVL6LGTKT0u5O44tjhTqda4rki4W+zwQALvQEhJeqI
MMaMTx+EDwsBYxFGuLyBLLIM57dVIR5uOxhBUPpdwkx/4pTgPQVMY8QbsnLm27H/
ReIAKM16/mE4KYbI1qAcShaonHZ2z+AGUdIC9sIJZnyTphsJKNSksZUvHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEORKkzJmz9YFkad7/1tWVVRbDwJMB8GA1UdIwQY
MBaAFIeKuymXemWxQMrLbnKrJM7d1OjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2Et
YWM4NjQ3ZDA1NThhLzEvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2EtYWM4NjQ3ZDA1NThh
LzEvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQp0teDqU
6KEZJTsLuEz0KrpVPAd/3Wk+Z1VU1lUh3+pI0u4OyAWX+N0gmLHZLTJZVRZCxd9U
D4eate1xXk6JZITesEmndRLe9g3OFKPfcXbgr+QX9T+XwmoxjaGHDSaP/RBY2muS
ou+5L04YRRvmU+Qo+Ns0rn9bvcW32Ri+NdNVkz1u70tgqCDTvOh/2UWmiWdFT9zo
129892NCwmYtGH4aYhPILHb3jGuC4M0ANGdat7iISHasx5jSPyoWgtTX48tWGJ+o
ys8xJAmPtsGKS4Gvgn9CUP44xVlU5+ajCXSAys4WBOv9FvXeBwo+jIrJvtIIsKoa
GsP6o0kvrj1BRw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:58 2025 by rpki-client