Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft
File: hTodtQq3cdy1KTZ92VGmfKzEhSc.mft (raw, json)
Hash identifier: 65w0sEmhK/spkBqn6ykAYZbcSMGD3zFIK9TWl5asYXg=
Subject key identifier: FD:B5:2F:78:57:1B:09:25:3D:7D:5C:EE:0A:CA:70:AC:48:D8:25:CB
Authority key identifier: 85:3A:1D:B5:0A:B7:71:DC:B5:29:36:7D:D9:51:A6:7C:AC:C4:85:27
Certificate issuer: /CN=853a1db50ab771dcb529367dd951a67cacc48527
Certificate serial: 019A4F99593EA10692F48EAEA3A6D4C62005
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft
Manifest number: 170C
Signing time: Tue 04 Nov 2025 16:00:41 +0000
Manifest this update: Tue 04 Nov 2025 16:00:41 +0000
Manifest next update: Wed 05 Nov 2025 16:00:41 +0000
Files and hashes: 1: KFxs769oKYSlN9E-IJj7uVI5-Jk.roa (hash: oeJ8lNpcZ8slOJ+v6lew9m45/w6Rj6vHO1zS6reB6dA=)
2: hTodtQq3cdy1KTZ92VGmfKzEhSc.crl (hash: 3RjxuNM3HH2rOa4pbatdjJvCdL1biyUqLFDILLmNk6I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:59:3e:a1:06:92:f4:8e:ae:a3:a6:d4:c6:20:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=853a1db50ab771dcb529367dd951a67cacc48527
Validity
Not Before: Nov 4 16:00:41 2025 GMT
Not After : Nov 5 16:00:41 2025 GMT
Subject: CN=fdb52f78571b09253d7d5cee0aca70ac48d825cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:92:c2:0b:b0:1e:f7:22:7f:a8:1a:84:ae:33:
56:18:d3:23:ee:95:d9:55:db:85:c4:61:03:e1:ea:
7a:2f:24:4b:6a:01:9b:bb:46:b3:56:b2:2c:44:7c:
e4:44:bd:44:d7:43:98:bd:9a:91:cf:61:42:ba:0c:
7d:76:ad:77:4d:0b:25:80:1f:50:54:03:a0:e1:54:
ca:ec:89:ab:e1:74:0c:d8:d7:26:ae:16:9d:6e:c8:
62:46:92:98:fa:9e:8c:1e:9f:b7:e0:5f:e7:6e:71:
2a:2d:05:82:c0:4f:5d:6e:03:01:3a:9b:f6:39:4a:
b7:88:30:2e:11:04:62:bb:30:95:f2:85:6d:31:19:
a6:19:a9:6f:c9:28:fe:2d:4c:3e:07:2b:9d:e8:26:
5f:20:7a:66:67:ec:8f:9b:e8:a5:f9:bb:c2:4c:e4:
89:a2:e2:a8:7b:e9:c9:b1:ff:1e:67:6e:25:9e:6f:
a3:71:69:e8:9f:5a:29:6b:10:0f:e4:63:95:89:60:
8c:74:25:19:83:09:3c:b1:2c:20:46:f6:46:86:50:
00:57:5d:2d:6e:93:6d:fb:f1:b3:fd:68:31:f6:0f:
97:07:a2:20:b5:4a:75:ca:81:a4:0b:ed:84:56:6c:
b1:f8:39:e9:13:41:3d:bd:8c:2c:02:b5:4a:d9:95:
e4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B5:2F:78:57:1B:09:25:3D:7D:5C:EE:0A:CA:70:AC:48:D8:25:CB
X509v3 Authority Key Identifier:
keyid:85:3A:1D:B5:0A:B7:71:DC:B5:29:36:7D:D9:51:A6:7C:AC:C4:85:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:2c:9c:1e:50:47:41:01:bf:60:31:df:8a:65:6c:e7:07:86:
d9:bf:a6:9f:ac:bc:3e:62:0e:17:05:48:a1:ad:28:fc:c5:b7:
55:63:27:83:fd:89:85:3d:73:3b:25:39:df:f4:ff:79:f9:bf:
a2:cd:da:ec:33:eb:d5:98:c4:d6:4e:2d:0d:dc:8d:1c:86:59:
29:56:ce:aa:42:26:22:3b:78:c4:fb:65:e2:da:5b:bd:6e:fc:
fe:77:8c:4f:ab:03:e7:01:15:b7:88:c3:83:ab:6d:3d:78:72:
7d:a4:14:08:e1:f0:e9:b0:ce:d3:c6:92:ad:ea:3d:1f:84:10:
18:fb:00:08:be:f7:c7:25:0a:b2:7f:1a:1b:84:49:86:7a:5f:
2d:ab:ff:68:52:8e:8a:a5:09:08:ab:45:12:0a:cf:c5:df:4d:
97:7a:8a:9b:a5:19:13:ec:82:74:a7:55:8b:59:00:b6:4e:50:
83:80:b8:1d:18:2d:a1:8e:db:28:93:67:df:04:7a:90:86:2a:
fd:c9:e1:58:bb:5e:6a:f7:1c:2f:b9:60:91:97:be:ce:d6:89:
7c:69:60:1d:78:18:ed:5c:c8:35:6f:51:87:01:63:78:f3:b2:
a0:e4:06:6e:91:ff:ac:e4:7a:58:e4:51:94:9c:9d:26:3b:18:
ac:92:88:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmVk+oQaS9I6uo6bUxiAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2ExZGI1MGFiNzcxZGNiNTI5MzY3ZGQ5NTFhNjdjYWNj
NDg1MjcwHhcNMjUxMTA0MTYwMDQxWhcNMjUxMTA1MTYwMDQxWjAzMTEwLwYDVQQD
EyhmZGI1MmY3ODU3MWIwOTI1M2Q3ZDVjZWUwYWNhNzBhYzQ4ZDgyNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/ZLCC7Ae9yJ/qBqErjNWGNMj7pXZ
VduFxGED4ep6LyRLagGbu0azVrIsRHzkRL1E10OYvZqRz2FCugx9dq13TQslgB9Q
VAOg4VTK7Imr4XQM2NcmrhadbshiRpKY+p6MHp+34F/nbnEqLQWCwE9dbgMBOpv2
OUq3iDAuEQRiuzCV8oVtMRmmGalvySj+LUw+Byud6CZfIHpmZ+yPm+il+bvCTOSJ
ouKoe+nJsf8eZ24lnm+jcWnon1opaxAP5GOViWCMdCUZgwk8sSwgRvZGhlAAV10t
bpNt+/Gz/Wgx9g+XB6IgtUp1yoGkC+2EVmyx+DnpE0E9vYwsArVK2ZXkBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP21L3hXGwklPX1c7grKcKxI2CXLMB8GA1UdIwQY
MBaAFIU6HbUKt3HctSk2fdlRpnysxIUnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kYzY2ZjMtOGFjOS00MWI5LThlYjgt
NzcyOTVjOWNlODY2LzEvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kYzY2ZjMtOGFjOS00MWI5LThlYjgtNzcyOTVjOWNlODY2
LzEvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKSycHlBH
QQG/YDHfimVs5weG2b+mn6y8PmIOFwVIoa0o/MW3VWMng/2JhT1zOyU53/T/efm/
os3a7DPr1ZjE1k4tDdyNHIZZKVbOqkImIjt4xPtl4tpbvW78/neMT6sD5wEVt4jD
g6ttPXhyfaQUCOHw6bDO08aSreo9H4QQGPsACL73xyUKsn8aG4RJhnpfLav/aFKO
iqUJCKtFEgrPxd9Nl3qKm6UZE+yCdKdVi1kAtk5Qg4C4HRgtoY7bKJNn3wR6kIYq
/cnhWLteavccL7lgkZe+ztaJfGlgHXgY7VzINW9RhwFjePOyoOQGbpH/rOR6WORR
lJydJjsYrJKIxg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:36:52 2025 by rpki-client