Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
File: hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft (raw, json)
Hash identifier: UFkxjIHkYEsE+tifxli+q8GajODGbRBBmtZ1M/MRpFM=
Subject key identifier: 31:76:5C:96:E4:88:67:A0:CC:28:EC:03:09:CB:14:5A:6B:05:BF:EE
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 019A4F998138F37BF903EE778DE60F520BDB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
Manifest number: 0D50
Signing time: Tue 04 Nov 2025 16:00:51 +0000
Manifest this update: Tue 04 Nov 2025 16:00:51 +0000
Manifest next update: Wed 05 Nov 2025 16:00:51 +0000
Files and hashes: 1: MWwCkyjKodNxojuXE4ToQXLtm5w.roa (hash: Ak0owLXzMtwfRek9KqA/lWNxi61mLQqKV5qpbUxSWP4=)
2: NLcJ1zHiWemoNGCQqxBLJZM1epY.roa (hash: sN7g+z3kFVXgkKd1egNCxj+JRztRoGDD2QPyWEFToRI=)
3: hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl (hash: eYLXsVaWrgs/mu+dU+SA6+ZGfgAwDH38evFNUYJHRNU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:81:38:f3:7b:f9:03:ee:77:8d:e6:0f:52:0b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Nov 4 16:00:51 2025 GMT
Not After : Nov 5 16:00:51 2025 GMT
Subject: CN=31765c96e48867a0cc28ec0309cb145a6b05bfee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a8:5a:07:78:56:5d:f6:eb:a6:58:21:49:2f:
5f:6d:69:0c:f6:6e:3b:6c:4f:05:9d:fd:2a:01:d8:
ac:01:ad:ba:2e:1a:7c:ed:61:ad:79:e0:e3:0b:03:
b3:65:f8:6a:dc:f9:cd:85:3f:61:9b:7a:3f:76:49:
22:a8:1c:80:d0:45:4c:d1:46:d1:36:4c:66:9b:9b:
5c:6c:04:31:83:71:3f:f2:f7:c6:93:d6:c5:38:56:
3b:cc:d3:83:50:81:a8:fb:a7:f7:f1:51:ef:cc:6a:
ae:a0:8e:47:1a:24:a4:ea:0e:0b:ef:c7:05:6b:0e:
58:cd:a5:bf:30:bb:f8:c0:0d:c2:11:55:99:4e:1f:
14:4f:1d:2e:38:24:2b:79:e0:75:bf:80:9e:72:ed:
a7:da:6a:22:b8:6b:a2:5d:64:18:9e:d7:da:43:8a:
75:bd:53:c5:f1:3f:a2:ff:8a:88:21:1e:08:51:d5:
93:70:3f:da:a3:3f:81:6a:9e:45:62:28:3e:59:d1:
5e:62:9a:50:9b:62:8e:4c:24:8c:48:da:b7:7f:77:
d7:6c:0e:3d:df:de:d9:21:8d:92:b7:66:fe:3d:fb:
6c:38:08:6c:7a:cd:6f:c8:52:ac:2d:d3:bf:9d:53:
cf:13:d5:1a:8a:97:6d:98:20:3f:86:c2:86:69:b2:
8a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:76:5C:96:E4:88:67:A0:CC:28:EC:03:09:CB:14:5A:6B:05:BF:EE
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:9a:6b:7d:24:e2:70:ec:7b:ac:69:d3:02:c1:fe:68:aa:f5:
59:b1:4e:df:f9:a2:10:29:7d:da:ce:dc:44:0e:24:d6:67:bd:
1a:96:d1:a7:33:06:43:89:4e:2d:5a:df:17:39:bc:fe:5f:05:
cf:b1:a1:1f:e8:08:04:9b:9f:c2:6d:ed:15:6a:ca:21:ac:ef:
cc:34:2a:20:37:97:73:95:73:ea:91:65:13:d6:b3:65:22:08:
7c:ca:b9:fd:70:53:7a:b2:bd:6a:12:fd:e0:56:53:d9:d1:32:
a9:c2:ef:d7:ab:ec:52:c8:ec:d1:e8:d7:59:21:08:56:48:86:
03:6a:6e:19:88:cf:5f:d6:85:5c:be:a4:6c:df:57:56:04:65:
50:84:b3:c6:50:42:83:e3:b3:01:d0:fe:64:a4:93:18:a6:df:
75:1c:f6:d5:d2:54:f3:13:c2:23:29:58:fe:4b:96:10:06:0a:
a0:7a:75:88:a7:83:18:ad:7a:52:20:94:ef:44:75:1e:68:4c:
aa:e4:30:26:ce:1e:ad:98:33:41:01:d5:df:44:21:9b:f3:ee:
a4:88:58:34:64:25:e4:e5:44:40:a9:2e:b5:31:9c:a7:91:a8:
f8:83:dd:c1:c0:df:99:89:da:fa:d0:79:d3:5e:40:3d:a3:70:
e7:58:4f:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmYE483v5A+53jeYPUgvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjUxMTA0MTYwMDUxWhcNMjUxMTA1MTYwMDUxWjAzMTEwLwYDVQQD
EygzMTc2NWM5NmU0ODg2N2EwY2MyOGVjMDMwOWNiMTQ1YTZiMDViZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKhaB3hWXfbrplghSS9fbWkM9m47
bE8Fnf0qAdisAa26Lhp87WGteeDjCwOzZfhq3PnNhT9hm3o/dkkiqByA0EVM0UbR
Nkxmm5tcbAQxg3E/8vfGk9bFOFY7zNODUIGo+6f38VHvzGquoI5HGiSk6g4L78cF
aw5YzaW/MLv4wA3CEVWZTh8UTx0uOCQreeB1v4Cecu2n2moiuGuiXWQYntfaQ4p1
vVPF8T+i/4qIIR4IUdWTcD/aoz+Bap5FYig+WdFeYppQm2KOTCSMSNq3f3fXbA49
397ZIY2St2b+PftsOAhses1vyFKsLdO/nVPPE9UaipdtmCA/hsKGabKKvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDF2XJbkiGegzCjsAwnLFFprBb/uMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHJprfSTi
cOx7rGnTAsH+aKr1WbFO3/miECl92s7cRA4k1me9GpbRpzMGQ4lOLVrfFzm8/l8F
z7GhH+gIBJufwm3tFWrKIazvzDQqIDeXc5Vz6pFlE9azZSIIfMq5/XBTerK9ahL9
4FZT2dEyqcLv16vsUsjs0ejXWSEIVkiGA2puGYjPX9aFXL6kbN9XVgRlUISzxlBC
g+OzAdD+ZKSTGKbfdRz21dJU8xPCIylY/kuWEAYKoHp1iKeDGK16UiCU70R1HmhM
quQwJs4erZgzQQHV30Qhm/PupIhYNGQl5OVEQKkutTGcp5Go+IPdwcDfmYna+tB5
015APaNw51hPXg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:38:54 2025 by rpki-client