Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: gZBGL9wNi40XWTg9XhzWk94Y3F1Rj+XPBCd1gBilcHw=
Subject key identifier: EA:80:B6:CD:FE:E7:B4:C9:72:D4:5E:90:50:D0:2F:FB:1E:7D:2D:30
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 019A4E4FF54EB921AFDF99BD8209E6596DDE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 169D
Signing time: Tue 04 Nov 2025 10:00:54 +0000
Manifest this update: Tue 04 Nov 2025 10:00:54 +0000
Manifest next update: Wed 05 Nov 2025 10:00:54 +0000
Files and hashes: 1: 5MK1ewnt7LozxEmddZiWa3omfKc.roa (hash: 7+tCKj1f1iwSFAN/o1/yY8fVwb73KSasEYzwGjDKXO0=)
2: DeHazeP3A9wAumTO_Rmx5RqWaqs.roa (hash: 0hOPuiiQ+UKk5lNFYgiHmEshvjQhpp/6FLqfnT4DM3I=)
3: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: PlFTtjyKv5P68oST0+9TGOMauO8YVPmriOBAEJiZvHc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:f5:4e:b9:21:af:df:99:bd:82:09:e6:59:6d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Nov 4 10:00:54 2025 GMT
Not After : Nov 5 10:00:54 2025 GMT
Subject: CN=ea80b6cdfee7b4c972d45e9050d02ffb1e7d2d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a4:e1:2b:15:75:ef:49:31:08:78:0e:d7:5f:
55:69:e0:d9:9a:c3:45:9c:d0:b1:38:a0:23:fb:01:
95:00:5c:20:98:53:08:e8:54:b7:72:e6:4a:6b:c1:
c9:9b:b6:6d:7e:37:19:3d:83:89:a0:97:5f:4c:f0:
89:2a:99:f5:1f:1c:f9:07:ff:8c:f2:d9:73:6c:6e:
3e:60:a3:37:64:28:07:1c:27:c1:a7:49:eb:4e:a3:
0e:a8:9f:bf:aa:0c:d4:b4:fc:7d:e5:2a:29:21:59:
ea:3b:92:ca:f9:e5:12:be:2d:2d:79:ca:2b:a8:df:
16:a9:71:1d:aa:0e:32:eb:fa:98:d2:15:f0:f0:61:
39:8c:8a:d0:a2:7f:b9:62:5d:47:db:01:cb:6f:e6:
55:d0:d0:3e:71:b8:e6:22:11:c0:e5:28:f3:de:8f:
4e:b7:67:e4:da:7b:59:5c:ac:42:46:a8:ed:b4:ef:
63:f5:f2:0e:f0:ab:64:d5:44:7d:98:3b:4f:f1:f6:
31:43:a3:06:d3:33:b9:85:2b:03:e5:8a:e3:68:76:
77:03:53:ac:32:d9:37:30:f3:d7:71:e1:54:59:91:
bc:17:2f:c0:df:28:7e:94:23:46:df:70:78:a6:2f:
b5:cc:71:55:ff:55:b7:ff:2a:8e:c8:d5:45:ab:45:
99:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:80:B6:CD:FE:E7:B4:C9:72:D4:5E:90:50:D0:2F:FB:1E:7D:2D:30
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:e2:1a:0e:9e:26:66:f5:98:81:68:a1:75:e2:f7:31:b5:ba:
6d:6d:02:e2:74:7e:20:39:7f:ae:29:07:a9:89:9b:e9:34:4f:
6d:50:cd:0f:58:f8:b3:e1:e2:5f:22:43:a1:ee:a8:a3:d6:5b:
6e:5f:88:2d:e0:95:da:69:04:ec:c8:9b:8c:c2:77:62:7d:6b:
28:64:ff:cb:8f:89:b0:b4:29:d6:70:5f:8d:2f:b0:13:2d:ca:
0e:2f:fd:db:6a:53:68:38:8d:aa:f8:1f:f5:64:49:d4:0b:11:
b5:68:40:05:15:3a:4c:2c:8f:dc:ca:76:1d:b2:b2:bb:02:0c:
a7:7d:9c:a3:b4:55:42:28:91:0a:7b:df:74:cd:ce:b0:76:de:
86:0e:96:7e:40:d5:3f:d5:30:11:61:e4:dc:06:ff:14:fa:d3:
62:8f:9c:c7:47:bc:8d:a3:89:3a:e0:b2:16:88:bd:eb:98:c2:
1a:33:1e:78:ba:93:6c:f8:2c:79:72:aa:cf:8f:b3:b5:99:8e:
bc:a3:4d:59:6e:57:fb:8b:ee:bc:13:69:4e:85:22:78:d4:d6:
1b:7f:f3:67:9c:47:c4:fc:ed:45:38:17:fd:75:3e:65:e3:d7:
b2:29:ee:c6:eb:1e:a6:b1:0a:e9:7c:f2:6c:44:d8:44:7e:27:
d0:09:c0:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT/VOuSGv35m9ggnmWW3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjUxMTA0MTAwMDU0WhcNMjUxMTA1MTAwMDU0WjAzMTEwLwYDVQQD
EyhlYTgwYjZjZGZlZTdiNGM5NzJkNDVlOTA1MGQwMmZmYjFlN2QyZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaThKxV170kxCHgO119VaeDZmsNF
nNCxOKAj+wGVAFwgmFMI6FS3cuZKa8HJm7ZtfjcZPYOJoJdfTPCJKpn1Hxz5B/+M
8tlzbG4+YKM3ZCgHHCfBp0nrTqMOqJ+/qgzUtPx95SopIVnqO5LK+eUSvi0tecor
qN8WqXEdqg4y6/qY0hXw8GE5jIrQon+5Yl1H2wHLb+ZV0NA+cbjmIhHA5Sjz3o9O
t2fk2ntZXKxCRqjttO9j9fIO8Ktk1UR9mDtP8fYxQ6MG0zO5hSsD5YrjaHZ3A1Os
Mtk3MPPXceFUWZG8Fy/A3yh+lCNG33B4pi+1zHFV/1W3/yqOyNVFq0WZUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqAts3+57TJctRekFDQL/sefS0wMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoOIaDp4m
ZvWYgWihdeL3MbW6bW0C4nR+IDl/rikHqYmb6TRPbVDND1j4s+HiXyJDoe6oo9Zb
bl+ILeCV2mkE7MibjMJ3Yn1rKGT/y4+JsLQp1nBfjS+wEy3KDi/922pTaDiNqvgf
9WRJ1AsRtWhABRU6TCyP3Mp2HbKyuwIMp32co7RVQiiRCnvfdM3OsHbehg6WfkDV
P9UwEWHk3Ab/FPrTYo+cx0e8jaOJOuCyFoi965jCGjMeeLqTbPgseXKqz4+ztZmO
vKNNWW5X+4vuvBNpToUieNTWG3/zZ5xHxPztRTgX/XU+ZePXsinuxuseprEK6Xzy
bETYRH4n0AnAXw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:00:25 2025 by rpki-client