Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
File: _RHEZUr3AuWW61DRP6SG202bzgo.mft (raw, json)
Hash identifier: srMhgUSNSgMIPUg80UVsGFBTJEcUakxh1ZTIubPeeo8=
Subject key identifier: 0A:CA:E9:BB:66:C6:62:A8:AD:75:CF:5D:30:17:E8:C7:73:47:12:FD
Authority key identifier: FD:11:C4:65:4A:F7:02:E5:96:EB:50:D1:3F:A4:86:DB:4D:9B:CE:0A
Certificate issuer: /CN=fd11c4654af702e596eb50d13fa486db4d9bce0a
Certificate serial: 019A4EF515F470FB8E3287B3EC4EA1972B3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 13:01:15 +0000
Manifest this update: Tue 04 Nov 2025 13:01:15 +0000
Manifest next update: Wed 05 Nov 2025 13:01:15 +0000
Files and hashes: 1: W3jKuxB_RcgliKc6SOrb-E9lQW4.roa (hash: flRFJj0cuA1GRJx+AJmEhdqQRbsG/XKga+ETKIMZCEI=)
2: _RHEZUr3AuWW61DRP6SG202bzgo.crl (hash: PjXOk+2nXprrS7+3JSs/iIh6EO/nS4cGy01Ytnpw4Aw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:15:f4:70:fb:8e:32:87:b3:ec:4e:a1:97:2b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd11c4654af702e596eb50d13fa486db4d9bce0a
Validity
Not Before: Nov 4 13:01:15 2025 GMT
Not After : Nov 5 13:01:15 2025 GMT
Subject: CN=0acae9bb66c662a8ad75cf5d3017e8c7734712fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bc:f3:d5:a4:8d:01:1f:fb:26:5c:b6:f8:94:
a2:5b:49:7d:15:5e:bb:27:01:5e:62:96:1b:19:95:
59:7e:22:c2:43:d7:c7:7c:88:fe:81:d7:6d:92:06:
12:49:84:e8:95:2e:19:48:0b:cb:de:e2:5a:22:02:
3f:87:cd:54:34:86:55:1d:67:d3:b9:49:56:17:bb:
43:bc:ec:55:4f:35:c2:b3:c5:f2:b7:3c:20:aa:59:
7a:10:f7:b1:05:82:95:53:c5:60:41:5b:08:20:ff:
28:e4:ce:2f:d8:45:ec:a1:ca:2a:4f:37:c3:8c:6c:
16:59:ef:2b:87:03:00:e6:d4:c1:5d:50:8b:a2:14:
ce:59:5e:56:cd:31:47:18:a0:8b:b9:8c:f9:f9:4c:
de:3c:ba:ae:6f:38:d8:52:4e:1f:ee:87:2b:1f:1b:
92:3e:36:93:6f:f5:19:76:8e:50:75:aa:bb:7b:8f:
eb:fc:0c:6b:3e:f1:ca:46:68:a5:78:63:ed:8a:5d:
dc:b4:cd:99:e7:ad:49:1f:db:9f:4b:de:b0:14:dc:
1c:57:f7:e9:77:38:16:cd:7c:68:78:a5:f7:01:f0:
91:12:33:27:c7:c8:fe:a8:c6:32:16:60:d8:66:3b:
21:7d:8e:c1:8b:2c:18:c4:1d:29:9c:1e:82:38:ad:
cb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CA:E9:BB:66:C6:62:A8:AD:75:CF:5D:30:17:E8:C7:73:47:12:FD
X509v3 Authority Key Identifier:
keyid:FD:11:C4:65:4A:F7:02:E5:96:EB:50:D1:3F:A4:86:DB:4D:9B:CE:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:1a:32:32:7c:0a:97:ab:43:c8:09:6d:81:1e:65:8c:db:1a:
8e:3e:79:a6:6f:8d:5a:0d:99:a7:09:57:d6:ed:9c:b7:a7:7d:
71:d0:f6:dd:0c:6c:d1:9d:9e:f6:06:52:62:2f:e0:c0:2c:9e:
70:ff:ef:ce:3d:ab:c7:8e:cb:d1:99:2a:0f:2a:cc:ad:4e:df:
9f:ca:98:53:d4:5f:3c:4e:06:fa:9f:2b:70:f3:c6:08:58:9d:
d3:44:e7:b5:79:2d:24:9f:04:df:56:d3:6f:af:de:4c:be:bf:
78:a7:b8:90:8c:8b:42:71:a4:34:56:6e:a9:ec:73:ac:0c:46:
0f:41:ae:31:b1:a6:f7:67:22:25:f5:09:5e:1c:fa:eb:0b:1e:
cd:8e:c7:33:6a:0b:81:11:7f:c8:c5:07:da:44:49:fa:ad:fd:
1a:2d:e6:83:b8:a0:11:4e:e9:5f:87:e1:59:10:fc:d6:93:3d:
06:5a:54:1f:85:e9:7d:35:c5:12:08:f2:d9:db:15:c3:0e:9d:
31:81:31:57:8a:24:9b:68:c2:4b:1c:d1:bf:d1:97:ec:a4:e1:
c7:bd:cf:cf:be:9e:0f:00:31:c0:e3:65:1f:3b:26:3b:66:18:
aa:b3:45:d5:36:28:f4:71:49:1a:39:51:94:b4:29:d4:16:b9:
fc:a4:41:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9RX0cPuOMoez7E6hlys+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMTFjNDY1NGFmNzAyZTU5NmViNTBkMTNmYTQ4NmRiNGQ5
YmNlMGEwHhcNMjUxMTA0MTMwMTE1WhcNMjUxMTA1MTMwMTE1WjAzMTEwLwYDVQQD
EygwYWNhZTliYjY2YzY2MmE4YWQ3NWNmNWQzMDE3ZThjNzczNDcxMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrzz1aSNAR/7Jly2+JSiW0l9FV67
JwFeYpYbGZVZfiLCQ9fHfIj+gddtkgYSSYTolS4ZSAvL3uJaIgI/h81UNIZVHWfT
uUlWF7tDvOxVTzXCs8Xytzwgqll6EPexBYKVU8VgQVsIIP8o5M4v2EXsocoqTzfD
jGwWWe8rhwMA5tTBXVCLohTOWV5WzTFHGKCLuYz5+UzePLqubzjYUk4f7ocrHxuS
PjaTb/UZdo5Qdaq7e4/r/AxrPvHKRmileGPtil3ctM2Z561JH9ufS96wFNwcV/fp
dzgWzXxoeKX3AfCREjMnx8j+qMYyFmDYZjshfY7BiywYxB0pnB6COK3LfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArK6btmxmKorXXPXTAX6MdzRxL9MB8GA1UdIwQY
MBaAFP0RxGVK9wLllutQ0T+khttNm84KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1JIRVpVcjNBdVdXNjFEUlA2U0cyMDJiemdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC81ZTMxODUtMzhjNS00YTViLWJmMjQt
Yzk1M2UzMzk4YzYzLzEvX1JIRVpVcjNBdVdXNjFEUlA2U0cyMDJiemdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC81ZTMxODUtMzhjNS00YTViLWJmMjQtYzk1M2UzMzk4YzYz
LzEvX1JIRVpVcjNBdVdXNjFEUlA2U0cyMDJiemdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAERoyMnwK
l6tDyAltgR5ljNsajj55pm+NWg2ZpwlX1u2ct6d9cdD23Qxs0Z2e9gZSYi/gwCye
cP/vzj2rx47L0ZkqDyrMrU7fn8qYU9RfPE4G+p8rcPPGCFid00TntXktJJ8E31bT
b6/eTL6/eKe4kIyLQnGkNFZuqexzrAxGD0GuMbGm92ciJfUJXhz66wsezY7HM2oL
gRF/yMUH2kRJ+q39Gi3mg7igEU7pX4fhWRD81pM9BlpUH4XpfTXFEgjy2dsVww6d
MYExV4okm2jCSxzRv9GX7KThx73Pz76eDwAxwONlHzsmO2YYqrNF1TYo9HFJGjlR
lLQp1Ba5/KRBpA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:51:10 2025 by rpki-client