Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
File: pkHn9ngj7vUqGf4dyODmp_QclDM.mft (raw, json)
Hash identifier: fl+Wgc7aY61XzYXGgQSJnemI0Ps/93s1Xdp4fvkuxfc=
Subject key identifier: 4B:0E:5F:41:C3:0E:5D:5E:F1:FF:86:31:47:C0:BD:C5:FC:2D:29:36
Authority key identifier: A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33
Certificate issuer: /CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433
Certificate serial: 019A4D73F102DF8EB1ACEF5CBB25D4348950
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
Manifest number: 0AA9
Signing time: Tue 04 Nov 2025 06:00:35 +0000
Manifest this update: Tue 04 Nov 2025 06:00:35 +0000
Manifest next update: Wed 05 Nov 2025 06:00:35 +0000
Files and hashes: 1: H2ciew030YT_ZKL58SNBSDs0iQc.roa (hash: dr7FPAyraTf1nqxR0HjlvGsow4ZxkGibDCSpB0tZ3CU=)
2: pkHn9ngj7vUqGf4dyODmp_QclDM.crl (hash: iCkwzKgXAlUTGtX2+8TZF/WiIRwpGko9ry8cHGLcwkE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:f1:02:df:8e:b1:ac:ef:5c:bb:25:d4:34:89:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433
Validity
Not Before: Nov 4 06:00:35 2025 GMT
Not After : Nov 5 06:00:35 2025 GMT
Subject: CN=4b0e5f41c30e5d5ef1ff863147c0bdc5fc2d2936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dd:87:8e:9b:98:da:ea:ba:b2:15:35:76:aa:
fe:8f:cc:12:ba:2d:2e:0c:e3:5b:df:47:84:14:27:
40:0c:17:ec:d5:ee:62:a9:ed:5c:1b:c3:d1:61:63:
ea:30:9a:6a:5f:89:c7:bd:58:b6:98:82:a6:c1:81:
1e:08:ca:c9:68:43:4b:81:12:1d:01:a8:e0:f2:0a:
59:3a:2a:3c:d0:c3:a7:2b:1a:47:91:ec:97:30:da:
61:7d:46:a5:65:73:2d:48:3e:27:14:3d:96:11:90:
1c:ee:19:5a:67:a2:71:bd:68:22:3e:91:a2:f6:68:
5c:54:9a:32:ff:13:47:9e:3e:ae:97:d2:ee:a8:2f:
1d:5c:26:69:60:22:f5:fd:de:7d:81:b7:04:fc:ba:
46:1b:a3:61:6f:00:25:d0:bf:de:d2:8b:8a:64:17:
a1:2a:11:94:6e:26:b6:44:22:76:de:6b:5c:22:a3:
bc:b8:e0:92:3d:93:69:b3:e9:2f:f6:cb:2b:8a:c5:
68:6e:86:5e:18:dc:1e:f2:7f:5c:58:f6:99:ea:2f:
2c:cf:7d:27:44:35:e5:6a:43:ae:41:43:b1:82:70:
0a:7a:81:9a:bb:4e:bf:dc:39:17:a8:86:97:67:67:
e5:d5:a7:41:60:6d:9a:ad:a1:ba:8b:21:b7:f5:21:
24:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0E:5F:41:C3:0E:5D:5E:F1:FF:86:31:47:C0:BD:C5:FC:2D:29:36
X509v3 Authority Key Identifier:
keyid:A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:0b:59:39:35:f6:33:57:6a:8c:3c:4e:89:3b:f5:fc:3a:82:
8c:d2:42:90:e0:7e:51:58:d1:14:8f:ad:3d:6b:1e:fa:8b:73:
5e:b4:99:0d:ef:1e:e2:0a:41:6a:25:c0:94:63:ec:03:61:80:
e3:34:06:db:b8:74:06:92:b4:4f:ce:f1:f8:00:69:7b:72:2c:
d0:14:43:b9:5e:97:27:72:d1:8e:b8:05:60:df:89:52:e4:16:
14:3d:80:07:4c:a0:77:5a:23:bc:29:bd:59:f7:bd:94:10:e3:
48:ac:03:6a:d8:a7:5a:17:bb:85:fd:26:b1:f9:0a:cb:fa:08:
a0:56:36:af:0d:c4:20:2b:84:d2:a5:00:2f:c8:0f:54:be:e3:
1a:a0:15:39:1f:95:80:5d:98:2b:8a:b2:a9:d9:37:32:b5:24:
7d:ed:eb:fc:ca:69:ff:fb:2a:a9:ce:12:a4:ea:46:28:ce:4f:
8b:e5:ed:f7:c2:e3:20:34:ca:52:b1:28:e3:85:35:6c:aa:ce:
9a:3d:22:44:07:34:ef:5f:a4:09:28:84:50:44:13:0a:4b:db:
1c:fd:25:fb:15:c8:d1:8a:05:df:56:93:bd:9b:0b:87:2f:d7:
3a:2b:d0:1b:8e:2a:4e:43:a4:a7:40:0c:2a:8e:3d:2f:b2:d6:
06:a4:ad:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc/EC346xrO9cuyXUNIlQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDFlN2Y2NzgyM2VlZjUyYTE5ZmUxZGM4ZTBlNmE3ZjQx
Yzk0MzMwHhcNMjUxMTA0MDYwMDM1WhcNMjUxMTA1MDYwMDM1WjAzMTEwLwYDVQQD
Eyg0YjBlNWY0MWMzMGU1ZDVlZjFmZjg2MzE0N2MwYmRjNWZjMmQyOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd2HjpuY2uq6shU1dqr+j8wSui0u
DONb30eEFCdADBfs1e5iqe1cG8PRYWPqMJpqX4nHvVi2mIKmwYEeCMrJaENLgRId
Aajg8gpZOio80MOnKxpHkeyXMNphfUalZXMtSD4nFD2WEZAc7hlaZ6JxvWgiPpGi
9mhcVJoy/xNHnj6ul9LuqC8dXCZpYCL1/d59gbcE/LpGG6NhbwAl0L/e0ouKZBeh
KhGUbia2RCJ23mtcIqO8uOCSPZNps+kv9ssrisVoboZeGNwe8n9cWPaZ6i8sz30n
RDXlakOuQUOxgnAKeoGau06/3DkXqIaXZ2fl1adBYG2araG6iyG39SEkrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsOX0HDDl1e8f+GMUfAvcX8LSk2MB8GA1UdIwQY
MBaAFKZB5/Z4I+71Khn+Hcjg5qf0HJQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUt
MDc4OGY3OTIxODUyLzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUtMDc4OGY3OTIxODUy
LzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkQtZOTX2
M1dqjDxOiTv1/DqCjNJCkOB+UVjRFI+tPWse+otzXrSZDe8e4gpBaiXAlGPsA2GA
4zQG27h0BpK0T87x+ABpe3Is0BRDuV6XJ3LRjrgFYN+JUuQWFD2AB0ygd1ojvCm9
Wfe9lBDjSKwDatinWhe7hf0msfkKy/oIoFY2rw3EICuE0qUAL8gPVL7jGqAVOR+V
gF2YK4qyqdk3MrUkfe3r/Mpp//sqqc4SpOpGKM5Pi+Xt98LjIDTKUrEo44U1bKrO
mj0iRAc071+kCSiEUEQTCkvbHP0l+xXI0YoF31aTvZsLhy/XOivQG44qTkOkp0AM
Ko49L7LWBqStyQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:01:00 2025 by rpki-client