Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
File: hrIjA95LCocPz-e2VWwCT3XHajQ.mft (raw, json)
Hash identifier: h4yFJVrvEWnD8mSvnlfbcDHjU2S417hzQ8iyMzM/7TM=
Subject key identifier: AA:66:97:A5:76:D7:FE:A0:9C:50:F1:0D:9C:8B:74:7D:B7:0F:2F:3A
Authority key identifier: 86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
Certificate issuer: /CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Certificate serial: 019A4E18FAF371DE8CA6842091813269B06A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
Manifest number: 120D
Signing time: Tue 04 Nov 2025 09:00:51 +0000
Manifest this update: Tue 04 Nov 2025 09:00:51 +0000
Manifest next update: Wed 05 Nov 2025 09:00:51 +0000
Files and hashes: 1: ZjB1G19DDx_6Q5oScLG5jMaC8XA.roa (hash: 7/c0oLP47xBtzbpIYR3dJCRfL58YizRnGJk+IU5Vsgc=)
2: bckQXnbwfKXBuJ2fgXGJ6V-6Qfk.roa (hash: v7e6EIu7w13jemXrMUjQBx6+ZKi093MMCQO7o8uB3rY=)
3: hrIjA95LCocPz-e2VWwCT3XHajQ.crl (hash: vRtnhklREzpsZl5tkXl2o8XvTGt7sRAeAYDNfWAqGdQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:fa:f3:71:de:8c:a6:84:20:91:81:32:69:b0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Validity
Not Before: Nov 4 09:00:51 2025 GMT
Not After : Nov 5 09:00:51 2025 GMT
Subject: CN=aa6697a576d7fea09c50f10d9c8b747db70f2f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b8:f2:40:bb:5a:19:49:a2:ff:ec:77:ab:c8:
3a:d0:5e:da:82:2a:cb:83:e0:97:55:f9:2c:b3:12:
cf:a1:cc:0a:64:56:61:7a:e0:03:f6:59:15:37:5d:
5f:f3:88:7c:4a:09:62:97:c0:5e:6b:9f:24:2d:43:
ea:8d:f7:5b:cf:f7:e0:7d:6b:31:f7:19:1d:fb:1f:
0c:52:6f:fb:2d:20:14:3e:e6:8b:02:40:1e:30:6b:
36:f0:90:56:a6:a4:38:28:e5:d6:8a:85:e7:10:ed:
8b:8e:c2:18:dd:83:7f:b2:21:45:e9:3a:82:70:b8:
8f:7f:5f:9d:df:d5:f2:e7:1b:53:95:43:f8:9b:e4:
5d:73:03:0f:dd:da:18:eb:3a:c6:c6:58:f0:cd:c7:
31:5f:c7:6c:8a:e8:5f:f7:c9:b0:94:52:48:12:56:
0b:71:ba:e2:23:78:1b:c9:29:0b:4e:9b:28:fe:3a:
65:5c:6e:60:88:d6:ae:7f:b4:d1:88:29:7a:d1:95:
67:38:09:ac:1a:10:28:94:d4:f0:2f:d2:b6:ac:8d:
ba:20:60:21:24:ee:b0:32:37:d2:91:b0:58:d5:9d:
3e:25:71:5e:0c:4f:22:45:a9:21:13:8f:03:26:12:
9b:87:d8:bd:af:8b:bb:f4:e8:62:ef:a7:cf:02:e9:
76:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:66:97:A5:76:D7:FE:A0:9C:50:F1:0D:9C:8B:74:7D:B7:0F:2F:3A
X509v3 Authority Key Identifier:
keyid:86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:3b:9f:bc:46:02:48:68:56:8f:d2:63:d0:24:64:ff:21:55:
4c:d2:17:86:3b:63:ef:fc:99:fc:29:81:2c:75:30:c7:f5:1a:
64:99:d0:ce:56:6e:fa:75:07:20:0e:c5:3e:43:ef:06:01:64:
02:14:0a:30:3b:24:53:b2:dd:35:46:b2:2f:b8:81:ca:a2:77:
59:8d:80:7b:3e:87:14:84:16:15:29:2d:0d:f5:38:ab:30:e7:
e7:10:a4:34:14:69:80:e4:c7:53:bc:1a:45:99:32:6e:7d:8e:
b7:b9:38:aa:21:ab:81:d7:e9:91:de:e0:22:ff:92:b4:ba:6a:
cd:fc:18:96:e9:8f:31:e1:3e:f1:3c:30:3a:28:a6:e3:dc:11:
bb:e2:9d:61:da:9a:51:46:ca:11:ac:bd:6b:14:82:e2:35:04:
27:94:14:e4:3f:02:37:93:f9:85:85:ac:88:8c:e2:e4:87:8a:
ea:8b:2a:f9:b4:5e:d5:9d:d6:37:f7:70:3d:39:84:de:14:55:
d8:83:cf:63:d2:26:63:0e:5b:f0:78:43:05:4b:d3:5b:a0:b5:
cd:f6:bd:f7:6d:fc:60:a5:2d:7d:12:bc:57:35:fe:44:9e:6a:
2f:29:fe:3e:2f:ac:99:f6:ff:4e:3d:6e:4f:9c:39:96:78:1a:
cc:b1:8b:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGPrzcd6MpoQgkYEyabBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YjIyMzAzZGU0YjBhODcwZmNmZTdiNjU1NmMwMjRmNzVj
NzZhMzQwHhcNMjUxMTA0MDkwMDUxWhcNMjUxMTA1MDkwMDUxWjAzMTEwLwYDVQQD
EyhhYTY2OTdhNTc2ZDdmZWEwOWM1MGYxMGQ5YzhiNzQ3ZGI3MGYyZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLjyQLtaGUmi/+x3q8g60F7agirL
g+CXVfkssxLPocwKZFZheuAD9lkVN11f84h8Sglil8Bea58kLUPqjfdbz/fgfWsx
9xkd+x8MUm/7LSAUPuaLAkAeMGs28JBWpqQ4KOXWioXnEO2LjsIY3YN/siFF6TqC
cLiPf1+d39Xy5xtTlUP4m+RdcwMP3doY6zrGxljwzccxX8dsiuhf98mwlFJIElYL
cbriI3gbySkLTpso/jplXG5giNauf7TRiCl60ZVnOAmsGhAolNTwL9K2rI26IGAh
JO6wMjfSkbBY1Z0+JXFeDE8iRakhE48DJhKbh9i9r4u79Ohi76fPAul29wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpml6V21/6gnFDxDZyLdH23Dy86MB8GA1UdIwQY
MBaAFIayIwPeSwqHD8/ntlVsAk91x2o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3Mjkt
NzJhYjU5ODdmNjA5LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3MjktNzJhYjU5ODdmNjA5
LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGzufvEYC
SGhWj9Jj0CRk/yFVTNIXhjtj7/yZ/CmBLHUwx/UaZJnQzlZu+nUHIA7FPkPvBgFk
AhQKMDskU7LdNUayL7iByqJ3WY2Aez6HFIQWFSktDfU4qzDn5xCkNBRpgOTHU7wa
RZkybn2Ot7k4qiGrgdfpkd7gIv+StLpqzfwYlumPMeE+8TwwOiim49wRu+KdYdqa
UUbKEay9axSC4jUEJ5QU5D8CN5P5hYWsiIzi5IeK6osq+bRe1Z3WN/dwPTmE3hRV
2IPPY9ImYw5b8HhDBUvTW6C1zfa99238YKUtfRK8VzX+RJ5qLyn+Pi+smfb/Tj1u
T5w5lngazLGLDQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:06:24 2025 by rpki-client