Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
File: hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft (raw, json)
Hash identifier: 9miwukjZNUojNNgT1xungQfW9ku9VqwTwXCwIPc1r8Q=
Subject key identifier: 07:DB:98:8B:69:92:76:0A:6E:6B:99:C6:7D:04:63:C5:A0:78:F8:DA
Authority key identifier: 85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
Certificate issuer: /CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Certificate serial: 019A4DAAB46D2BC05CD7B3AA2AB1D16BD338
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
Manifest number: 099C
Signing time: Tue 04 Nov 2025 07:00:24 +0000
Manifest this update: Tue 04 Nov 2025 07:00:24 +0000
Manifest next update: Wed 05 Nov 2025 07:00:24 +0000
Files and hashes: 1: 5iC1C_l2xnIVtV_ynL6awoKgYMQ.roa (hash: c0Zm1e9RjgR5PBfasK6Q1TzGKpfYhKyszQz9aW+gUGA=)
2: K2099PO4iAtvBzGlnwl1axWP2hE.roa (hash: 6aTZlr/sfRYyJqs+vE8kRpR5W2QDPbSiPNBoLmmWJlA=)
3: hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl (hash: KHQHkCf4mlW3FFEBbU3HmAi5rHpPdO6f74khWKfY45w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:b4:6d:2b:c0:5c:d7:b3:aa:2a:b1:d1:6b:d3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Validity
Not Before: Nov 4 07:00:24 2025 GMT
Not After : Nov 5 07:00:24 2025 GMT
Subject: CN=07db988b6992760a6e6b99c67d0463c5a078f8da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d4:18:08:1a:0f:55:2f:4f:74:aa:f6:f0:84:
c6:aa:27:36:80:0c:fc:c4:6e:6e:ca:c9:7b:f8:2a:
45:6e:9b:a0:a9:d1:29:23:44:ae:11:28:ce:56:5d:
74:45:6c:ca:41:31:f5:91:24:75:32:13:02:d8:7d:
22:d8:4a:c3:7b:98:29:5b:6e:db:02:de:18:41:f7:
0a:c7:ce:06:ab:7d:24:2f:bb:08:eb:a6:f9:50:2e:
da:a8:43:07:e6:13:7a:09:57:d7:ad:67:23:a9:27:
f1:eb:25:22:a8:d6:de:f6:c0:f1:fe:14:4e:33:87:
a9:56:e6:23:95:21:af:1d:c4:85:5c:d2:ed:78:e7:
cb:74:85:6b:55:89:65:30:93:e7:f4:cc:d7:e1:e7:
f9:b2:03:3f:7e:26:60:cc:5e:0e:8c:fb:b2:68:b8:
9b:93:4b:19:45:7c:25:ce:b1:2a:83:db:6d:fb:09:
58:00:78:4a:8b:91:c5:32:4a:ea:7b:b3:17:7e:cf:
dc:f6:d5:cd:f7:21:d0:13:91:b3:8d:ea:13:d3:4f:
43:dc:c1:c3:ee:d5:2d:ef:9d:17:6b:1f:0f:5f:cf:
7e:cf:e8:f6:37:17:6c:8e:26:41:e0:fa:39:a4:91:
2a:f2:05:62:9b:c5:3b:63:0b:fc:40:82:be:be:4d:
af:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:DB:98:8B:69:92:76:0A:6E:6B:99:C6:7D:04:63:C5:A0:78:F8:DA
X509v3 Authority Key Identifier:
keyid:85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:a8:42:3f:04:ed:82:44:f7:e9:0d:18:2a:3e:9a:de:52:6e:
af:bb:18:b3:fd:b1:b8:45:20:3a:b9:9c:3e:3e:a3:77:0a:54:
7e:0f:ba:02:67:69:2a:90:3a:90:3a:4e:63:1a:cb:2a:96:f1:
d4:28:ef:ec:9b:bc:36:41:9e:50:2b:aa:3c:00:61:05:a5:46:
c1:7a:0c:88:b3:bd:ee:b8:65:15:a4:7c:e4:ce:c4:51:2b:dd:
4f:e1:6c:19:7c:78:06:22:bc:63:81:26:8f:41:8c:fa:33:86:
8e:88:cc:b5:4e:19:d3:a9:21:a9:e7:39:b1:fc:2f:85:82:96:
24:9e:64:ca:fa:6d:30:e6:a4:03:ba:35:5c:d7:99:f5:66:1e:
84:8a:b1:1a:d4:05:c6:d0:13:c7:8f:8a:dd:b6:7f:7f:08:8f:
0d:1b:5e:73:05:12:1b:a2:a8:7d:71:e3:78:8a:80:d7:b0:eb:
b0:fb:29:53:2b:6e:2c:30:b4:fe:06:d9:10:e1:e7:28:98:0d:
3f:5a:f7:d1:f0:f8:3a:d1:b5:cb:e8:81:52:91:cc:8a:90:4d:
24:e1:d5:42:39:a1:13:1d:2f:3e:76:48:d8:d0:c9:73:60:0c:
2e:a6:fb:25:a4:a6:e5:43:d8:68:5c:50:50:0e:64:34:54:b6:
0c:27:54:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqrRtK8Bc17OqKrHRa9M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmI4NWFkZDA5ZjQ4NzZlYTZhYWE4OGQ0ZDg4YzgxY2Ni
NmIxMGEwHhcNMjUxMTA0MDcwMDI0WhcNMjUxMTA1MDcwMDI0WjAzMTEwLwYDVQQD
EygwN2RiOTg4YjY5OTI3NjBhNmU2Yjk5YzY3ZDA0NjNjNWEwNzhmOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudQYCBoPVS9PdKr28ITGqic2gAz8
xG5uysl7+CpFbpugqdEpI0SuESjOVl10RWzKQTH1kSR1MhMC2H0i2ErDe5gpW27b
At4YQfcKx84Gq30kL7sI66b5UC7aqEMH5hN6CVfXrWcjqSfx6yUiqNbe9sDx/hRO
M4epVuYjlSGvHcSFXNLteOfLdIVrVYllMJPn9MzX4ef5sgM/fiZgzF4OjPuyaLib
k0sZRXwlzrEqg9tt+wlYAHhKi5HFMkrqe7MXfs/c9tXN9yHQE5GzjeoT009D3MHD
7tUt750Xax8PX89+z+j2NxdsjiZB4Po5pJEq8gVim8U7Ywv8QIK+vk2vdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfbmItpknYKbmuZxn0EY8WgePjaMB8GA1UdIwQY
MBaAFIX7ha3Qn0h26mqqiNTYjIHMtrEKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2It
YzYxNjFjZTM5NWFmLzEvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2ItYzYxNjFjZTM5NWFm
LzEvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARKhCPwTt
gkT36Q0YKj6a3lJur7sYs/2xuEUgOrmcPj6jdwpUfg+6AmdpKpA6kDpOYxrLKpbx
1Cjv7Ju8NkGeUCuqPABhBaVGwXoMiLO97rhlFaR85M7EUSvdT+FsGXx4BiK8Y4Em
j0GM+jOGjojMtU4Z06khqec5sfwvhYKWJJ5kyvptMOakA7o1XNeZ9WYehIqxGtQF
xtATx4+K3bZ/fwiPDRtecwUSG6KofXHjeIqA17DrsPspUytuLDC0/gbZEOHnKJgN
P1r30fD4OtG1y+iBUpHMipBNJOHVQjmhEx0vPnZI2NDJc2AMLqb7JaSm5UPYaFxQ
UA5kNFS2DCdU/g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:52:34 2025 by rpki-client