Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
File: hR1ONNTkhTnBcEUdTiYTiIf26SI.mft (raw, json)
Hash identifier: NrQWIcYvJOGkxzWSPbJ3KYH4vochcjiJdLmzgInNWx0=
Subject key identifier: 63:E9:BF:A6:93:BE:87:25:71:B3:09:02:F4:55:ED:80:5D:CD:A1:A6
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 019A4D73C0398F607ADA7ADB2CCF45BE398F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
Manifest number: 12B8
Signing time: Tue 04 Nov 2025 06:00:22 +0000
Manifest this update: Tue 04 Nov 2025 06:00:22 +0000
Manifest next update: Wed 05 Nov 2025 06:00:22 +0000
Files and hashes: 1: EgrdXaLN-vc8C2zZS8RN3DywvDo.roa (hash: hzm54PDUPW3onP/qtSLZRsQOvKv3wuQ4riGx7IRQcQA=)
2: hR1ONNTkhTnBcEUdTiYTiIf26SI.crl (hash: QD2r0D7YjTGYz+hb3aDdDVSCrEYC736LQIfXmqQK2nA=)
3: rAaiXMvO9i5snovqluPbyo_QCN0.roa (hash: pt3vDzVbNzSpy4PSZ8+XX3gpZBn6uEG/ZRILx9TbDQc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:c0:39:8f:60:7a:da:7a:db:2c:cf:45:be:39:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Nov 4 06:00:22 2025 GMT
Not After : Nov 5 06:00:22 2025 GMT
Subject: CN=63e9bfa693be872571b30902f455ed805dcda1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:19:a3:89:e8:58:ac:33:02:02:84:9d:1a:3b:
a9:d0:94:21:9c:e7:86:fa:12:89:07:66:41:54:62:
26:74:6b:97:0f:73:1d:f7:6e:06:7c:01:20:f4:f8:
66:30:91:4e:22:2f:e5:ad:7a:6b:bd:7d:63:91:16:
d9:5b:01:99:7f:c1:c6:b2:21:7e:e7:7b:0f:4d:1a:
da:8b:f1:52:5f:a6:e3:6e:a8:27:b7:1f:d4:b0:b4:
5d:c2:5b:ce:c0:ba:79:16:aa:ce:e7:62:c7:89:29:
45:b1:90:37:8a:6d:f8:f7:ac:3a:c7:18:d5:4e:15:
f0:45:d9:bf:9c:ee:40:ec:27:fc:c7:f1:f2:20:1b:
78:99:98:3c:7a:32:ec:72:28:f2:fa:81:70:5c:a8:
33:9e:1a:91:27:ca:b5:39:bb:54:4e:10:df:a9:29:
22:9a:f4:69:4d:ac:1b:e3:01:8e:ca:8e:27:1f:78:
72:7a:13:94:f8:80:14:03:c9:e6:2b:42:ec:66:6c:
f7:73:73:cb:db:67:7f:14:33:ae:0e:08:eb:07:88:
af:84:94:6b:f7:f0:dc:8b:01:00:5f:9c:93:20:69:
2d:47:5e:40:c8:e8:fd:b5:4d:23:12:ae:a3:e3:b1:
5e:af:c7:96:59:aa:ec:82:6f:81:0f:eb:96:e0:d5:
36:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E9:BF:A6:93:BE:87:25:71:B3:09:02:F4:55:ED:80:5D:CD:A1:A6
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:26:7e:95:e1:ac:c6:4f:9a:12:40:95:3c:25:d2:f1:fe:0d:
b8:12:ef:c6:24:d2:f1:3e:06:88:78:5c:e9:cd:03:a6:2a:13:
d3:4a:52:79:1d:34:01:b6:48:92:e9:4c:de:64:00:a2:f5:42:
cd:4e:fe:41:00:f8:9d:1c:68:4f:c8:ce:41:e1:1e:10:ad:49:
66:00:06:db:fa:a9:85:e9:df:2e:dc:fb:9b:01:38:76:92:ca:
a5:b9:d7:0b:b6:bc:83:05:f3:f5:00:c1:6d:99:98:5a:53:56:
6b:fa:82:b0:eb:89:38:23:a2:66:c1:de:08:d1:7c:a2:0b:b1:
c0:42:fb:01:34:81:dc:be:39:e9:06:20:cc:bf:24:3b:a0:94:
25:ab:30:71:23:38:d8:a3:ed:2a:96:e8:21:b4:8b:bb:d0:f0:
02:9d:7d:7a:18:20:e5:fe:54:39:c2:d6:ad:0f:5e:84:0c:06:
9e:60:17:fb:f1:21:e3:63:aa:06:39:23:09:ae:dd:e9:81:9e:
37:ba:ba:86:f1:cd:fa:66:61:b7:e7:5d:a1:72:6d:c3:01:48:
9c:5c:61:29:13:b8:c2:47:c0:35:d4:40:3b:4c:c8:f7:70:a0:
4e:0b:83:28:b8:e9:5d:56:ea:4b:9a:c1:31:38:86:4a:fc:59:
ee:5d:80:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc8A5j2B62nrbLM9FvjmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjUxMTA0MDYwMDIyWhcNMjUxMTA1MDYwMDIyWjAzMTEwLwYDVQQD
Eyg2M2U5YmZhNjkzYmU4NzI1NzFiMzA5MDJmNDU1ZWQ4MDVkY2RhMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhmjiehYrDMCAoSdGjup0JQhnOeG
+hKJB2ZBVGImdGuXD3Md924GfAEg9PhmMJFOIi/lrXprvX1jkRbZWwGZf8HGsiF+
53sPTRrai/FSX6bjbqgntx/UsLRdwlvOwLp5FqrO52LHiSlFsZA3im3496w6xxjV
ThXwRdm/nO5A7Cf8x/HyIBt4mZg8ejLscijy+oFwXKgznhqRJ8q1ObtUThDfqSki
mvRpTawb4wGOyo4nH3hyehOU+IAUA8nmK0LsZmz3c3PL22d/FDOuDgjrB4ivhJRr
9/DciwEAX5yTIGktR15AyOj9tU0jEq6j47Fer8eWWarsgm+BD+uW4NU25wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPpv6aTvoclcbMJAvRV7YBdzaGmMB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFCZ+leGs
xk+aEkCVPCXS8f4NuBLvxiTS8T4GiHhc6c0DpioT00pSeR00AbZIkulM3mQAovVC
zU7+QQD4nRxoT8jOQeEeEK1JZgAG2/qphenfLtz7mwE4dpLKpbnXC7a8gwXz9QDB
bZmYWlNWa/qCsOuJOCOiZsHeCNF8oguxwEL7ATSB3L456QYgzL8kO6CUJaswcSM4
2KPtKpboIbSLu9DwAp19ehgg5f5UOcLWrQ9ehAwGnmAX+/Eh42OqBjkjCa7d6YGe
N7q6hvHN+mZht+ddoXJtwwFInFxhKRO4wkfANdRAO0zI93CgTguDKLjpXVbqS5rB
MTiGSvxZ7l2A5A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:07:45 2025 by rpki-client