Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
File: h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft (raw, json)
Hash identifier: fTLXxfz7VNeN4rW29kONyr1PS7Dv4lP47vQN0MZ5pEM=
Subject key identifier: E4:9D:C7:52:3F:7E:13:D4:93:65:AB:7A:A0:B8:C1:91:15:C2:A2:2B
Authority key identifier: 87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
Certificate issuer: /CN=877aad307ad330ebb8cf44ec21389a170436fd53
Certificate serial: 019A4E86B4B817432F447C2863211B7281E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 11:00:42 +0000
Manifest this update: Tue 04 Nov 2025 11:00:42 +0000
Manifest next update: Wed 05 Nov 2025 11:00:42 +0000
Files and hashes: 1: Dk5BhXJ_gIsgQ0utb4gvZ39LMIc.roa (hash: 9IdU4NLUHr5S9QPXNXQfwW6+YPaEhUYFtSNkpxSH/2Q=)
2: h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl (hash: s5Cebt6fCGIYa4PMRgutpUrGr9Q5uqh18RVLLfGSPJE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:b4:b8:17:43:2f:44:7c:28:63:21:1b:72:81:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=877aad307ad330ebb8cf44ec21389a170436fd53
Validity
Not Before: Nov 4 11:00:42 2025 GMT
Not After : Nov 5 11:00:42 2025 GMT
Subject: CN=e49dc7523f7e13d49365ab7aa0b8c19115c2a22b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:14:51:7e:ca:46:23:0e:e1:7c:c4:b7:39:bd:
73:fa:54:3f:c1:42:e4:ca:9c:74:e1:88:28:5a:ab:
63:f1:3f:08:6c:58:6b:7e:64:07:4f:ec:07:41:f6:
01:d3:fc:12:29:3a:54:ba:4b:47:bc:67:ce:71:2f:
b5:4f:72:5b:ef:57:88:f2:90:ec:d9:3c:a5:3d:41:
b6:a2:99:6f:35:c1:ef:56:94:cd:18:da:a1:1c:b2:
81:ac:67:9e:06:cd:fb:14:23:43:e6:06:16:92:d2:
f4:89:a2:40:3a:20:f5:2d:44:b9:21:7e:7a:3b:06:
94:18:47:8e:9a:43:18:c7:e5:9a:d8:72:5d:39:c3:
b4:73:4d:0d:e0:19:5c:b5:a3:fc:ad:0e:7d:c1:b3:
fa:d8:00:3f:5d:91:6d:a7:8b:1e:c3:b5:68:05:b9:
ca:73:da:29:95:68:13:de:d5:62:11:1c:8b:0b:93:
d7:8f:80:97:f0:3d:ba:91:fe:b5:fa:c6:bc:b7:a9:
4e:37:f7:95:f4:3a:5d:6f:5e:59:b6:8b:8c:7d:88:
4d:70:8d:ae:b4:c7:8e:78:09:2d:81:62:51:af:f4:
45:b2:95:35:d5:52:0e:b0:b9:f0:6c:58:99:65:3f:
b4:e1:a8:4e:de:88:3b:66:75:f0:99:95:1e:2e:1c:
35:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9D:C7:52:3F:7E:13:D4:93:65:AB:7A:A0:B8:C1:91:15:C2:A2:2B
X509v3 Authority Key Identifier:
keyid:87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:d5:d4:02:6c:c5:14:9f:f9:7f:a3:3b:8b:27:2d:8e:9d:bd:
2a:52:b3:43:8a:2e:71:81:61:6b:8f:d8:e0:31:0c:97:b1:5b:
d9:af:d7:40:a1:4b:54:78:25:c3:39:60:2d:1a:a2:9d:69:a9:
2c:d5:43:2a:96:24:87:9f:e6:c8:ce:61:72:56:7a:6d:eb:8c:
6e:93:c8:2f:59:7a:f6:0b:3c:47:9a:fb:47:4b:a2:8d:f7:1b:
b6:d1:6b:ca:61:c9:94:3b:4f:63:b0:da:34:d6:25:2c:37:48:
d7:6a:f8:46:7f:84:1a:72:b4:06:4d:94:15:47:b8:4d:19:47:
5e:ee:2e:e7:63:5f:79:9d:9a:75:ad:2e:14:96:07:c8:21:fc:
3a:09:12:02:02:55:4b:a4:61:b3:17:ef:52:a7:3d:c9:9d:f7:
6e:b4:19:f2:b4:fd:38:a1:09:0d:94:f9:98:12:e7:5e:c0:03:
65:2e:69:35:2d:e5:32:cb:76:86:82:2b:bd:37:74:2a:d6:dc:
78:0e:79:ce:b3:65:d1:e9:95:33:47:c7:72:36:7c:a8:70:ec:
f0:00:1a:7e:29:2c:6a:6c:f1:b5:c6:00:41:a7:d3:d6:b1:a5:
fe:81:df:3d:e0:b2:cb:6c:65:df:87:98:a3:0a:fd:06:77:d4:
27:68:f3:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhrS4F0MvRHwoYyEbcoHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2FhZDMwN2FkMzMwZWJiOGNmNDRlYzIxMzg5YTE3MDQz
NmZkNTMwHhcNMjUxMTA0MTEwMDQyWhcNMjUxMTA1MTEwMDQyWjAzMTEwLwYDVQQD
EyhlNDlkYzc1MjNmN2UxM2Q0OTM2NWFiN2FhMGI4YzE5MTE1YzJhMjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xRRfspGIw7hfMS3Ob1z+lQ/wULk
ypx04YgoWqtj8T8IbFhrfmQHT+wHQfYB0/wSKTpUuktHvGfOcS+1T3Jb71eI8pDs
2TylPUG2oplvNcHvVpTNGNqhHLKBrGeeBs37FCND5gYWktL0iaJAOiD1LUS5IX56
OwaUGEeOmkMYx+Wa2HJdOcO0c00N4BlctaP8rQ59wbP62AA/XZFtp4sew7VoBbnK
c9oplWgT3tViERyLC5PXj4CX8D26kf61+sa8t6lON/eV9Dpdb15ZtouMfYhNcI2u
tMeOeAktgWJRr/RFspU11VIOsLnwbFiZZT+04ahO3og7ZnXwmZUeLhw1FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSdx1I/fhPUk2WreqC4wZEVwqIrMB8GA1UdIwQY
MBaAFId6rTB60zDruM9E7CE4mhcENv1TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUt
NTA4MDk5YzEzM2JiLzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUtNTA4MDk5YzEzM2Ji
LzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG9XUAmzF
FJ/5f6M7iyctjp29KlKzQ4oucYFha4/Y4DEMl7Fb2a/XQKFLVHglwzlgLRqinWmp
LNVDKpYkh5/myM5hclZ6beuMbpPIL1l69gs8R5r7R0uijfcbttFrymHJlDtPY7Da
NNYlLDdI12r4Rn+EGnK0Bk2UFUe4TRlHXu4u52NfeZ2ada0uFJYHyCH8OgkSAgJV
S6RhsxfvUqc9yZ33brQZ8rT9OKEJDZT5mBLnXsADZS5pNS3lMst2hoIrvTd0Ktbc
eA55zrNl0emVM0fHcjZ8qHDs8AAafiksamzxtcYAQafT1rGl/oHfPeCyy2xl34eY
owr9BnfUJ2jz9A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:36:17 2025 by rpki-client