Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
File: hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft (raw, json)
Hash identifier: nu/DfYfcfKHv/pF3wypq8mcHj8SErR7PCgjVZfiZ6WQ=
Subject key identifier: BB:F1:13:3D:2F:FF:D3:AC:79:53:A5:51:7B:84:00:31:84:2C:E7:6C
Authority key identifier: 86:38:41:50:6D:02:61:31:96:50:57:40:9A:16:04:A5:67:1F:05:41
Certificate issuer: /CN=863841506d026131965057409a1604a5671f0541
Certificate serial: 019A4EF4FCDA906D450AA0EC96D5413D15CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
Manifest number: 04D5
Signing time: Tue 04 Nov 2025 13:01:09 +0000
Manifest this update: Tue 04 Nov 2025 13:01:09 +0000
Manifest next update: Wed 05 Nov 2025 13:01:09 +0000
Files and hashes: 1: hXap7hNXLEAQarnfnwYswdCAdkQ.roa (hash: bNhK/WdUp/9xvJiGhX97CJWQhZiON1WPJ6uWrAYKvFI=)
2: hjhBUG0CYTGWUFdAmhYEpWcfBUE.crl (hash: 6QGTA7Ivr6J3norZ0lrwrS8/at//yPoAYcfHyWBcga8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:fc:da:90:6d:45:0a:a0:ec:96:d5:41:3d:15:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=863841506d026131965057409a1604a5671f0541
Validity
Not Before: Nov 4 13:01:09 2025 GMT
Not After : Nov 5 13:01:09 2025 GMT
Subject: CN=bbf1133d2fffd3ac7953a5517b840031842ce76c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8e:8b:14:5d:34:3c:31:6b:32:af:94:cc:85:
bf:2c:3f:44:74:ae:9e:4b:ea:00:73:14:43:7f:23:
3f:be:ac:39:12:75:0b:5b:1e:63:b9:9f:d3:21:1c:
0b:a1:29:ac:32:af:14:d4:d7:9a:2f:07:c8:e3:f5:
24:12:96:cc:11:36:0b:25:19:36:fc:ef:4c:b3:75:
2e:75:67:90:83:82:ba:c9:52:24:98:9d:1b:41:62:
8d:34:21:9e:e9:06:67:b4:d7:f0:4a:0c:c7:55:e9:
8b:11:ad:c7:72:7a:3f:4a:e5:dd:e6:1e:2e:80:fb:
a2:f2:e4:b8:f3:bf:f8:df:43:ab:45:15:60:38:fc:
3e:7a:97:4b:41:2b:06:09:ea:f9:a1:29:a5:4a:34:
93:e9:fc:ea:d5:23:e7:d7:e8:b6:19:95:bf:ea:49:
f0:71:61:98:d5:aa:e0:9b:3b:fe:1e:34:52:e1:53:
dc:3c:4d:37:55:df:24:ec:07:bb:63:39:df:5f:11:
74:b9:4d:b8:1c:77:9e:d9:80:32:05:22:76:6d:87:
43:5c:4d:d9:9d:89:d1:a6:a5:08:9c:bf:08:44:43:
01:fd:30:c3:47:1f:6a:04:a2:7b:6c:f6:24:17:f7:
b8:98:3a:2f:7f:96:18:fb:0c:94:2c:bd:c1:78:b8:
3b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F1:13:3D:2F:FF:D3:AC:79:53:A5:51:7B:84:00:31:84:2C:E7:6C
X509v3 Authority Key Identifier:
keyid:86:38:41:50:6D:02:61:31:96:50:57:40:9A:16:04:A5:67:1F:05:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:9c:2a:76:0c:c1:f8:31:ac:8c:7d:5c:0c:c4:53:9d:37:55:
9c:83:ed:f5:33:ff:89:f3:3a:8b:51:ed:d2:ef:42:c8:3b:fc:
40:ec:4e:26:03:ca:61:4a:24:ee:1b:ec:a7:33:f6:0a:a3:e9:
bd:75:33:af:05:ce:b8:de:08:ea:09:84:5c:42:dd:e3:a5:2f:
56:43:f7:f5:2c:d0:a4:e3:b6:af:6c:a8:a7:86:48:6a:87:ef:
63:e8:6c:0d:55:a7:b7:09:49:2d:9d:05:82:3a:01:24:b5:bc:
89:83:26:94:0f:5e:c9:03:bd:c3:ca:4b:0d:fa:82:db:92:60:
57:f5:4f:5c:74:84:b3:78:01:8d:db:e1:eb:de:f9:b5:52:e8:
e6:9f:f9:84:f2:78:93:c1:61:50:5f:35:ae:36:01:69:41:55:
d1:3a:18:ba:d6:07:7c:bd:e1:63:9f:45:f0:ba:9b:e1:77:de:
f6:cb:63:d9:57:0f:b4:29:39:c7:d2:7b:d8:9c:46:a8:7d:ae:
b8:98:bd:07:d6:0a:19:b3:6b:b9:5f:a5:d4:c7:c3:fe:b7:05:
01:87:ed:48:6e:07:5c:25:ba:aa:42:71:1a:f2:96:c8:a3:8e:
18:7f:f0:a9:32:23:5d:04:5f:45:ed:47:cf:47:bb:e7:b3:fb:
98:8c:83:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9PzakG1FCqDsltVBPRXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Mzg0MTUwNmQwMjYxMzE5NjUwNTc0MDlhMTYwNGE1Njcx
ZjA1NDEwHhcNMjUxMTA0MTMwMTA5WhcNMjUxMTA1MTMwMTA5WjAzMTEwLwYDVQQD
EyhiYmYxMTMzZDJmZmZkM2FjNzk1M2E1NTE3Yjg0MDAzMTg0MmNlNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI6LFF00PDFrMq+UzIW/LD9EdK6e
S+oAcxRDfyM/vqw5EnULWx5juZ/TIRwLoSmsMq8U1NeaLwfI4/UkEpbMETYLJRk2
/O9Ms3UudWeQg4K6yVIkmJ0bQWKNNCGe6QZntNfwSgzHVemLEa3Hcno/SuXd5h4u
gPui8uS487/430OrRRVgOPw+epdLQSsGCer5oSmlSjST6fzq1SPn1+i2GZW/6knw
cWGY1argmzv+HjRS4VPcPE03Vd8k7Ae7YznfXxF0uU24HHee2YAyBSJ2bYdDXE3Z
nYnRpqUInL8IREMB/TDDRx9qBKJ7bPYkF/e4mDovf5YY+wyULL3BeLg7NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvxEz0v/9OseVOlUXuEADGELOdsMB8GA1UdIwQY
MBaAFIY4QVBtAmExllBXQJoWBKVnHwVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xZjE1NjMtYjMzMS00M2E5LWI5Y2Mt
M2JmYTA1MDkyMDFmLzEvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xZjE1NjMtYjMzMS00M2E5LWI5Y2MtM2JmYTA1MDkyMDFm
LzEvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGpwqdgzB
+DGsjH1cDMRTnTdVnIPt9TP/ifM6i1Ht0u9CyDv8QOxOJgPKYUok7hvspzP2CqPp
vXUzrwXOuN4I6gmEXELd46UvVkP39SzQpOO2r2yop4ZIaofvY+hsDVWntwlJLZ0F
gjoBJLW8iYMmlA9eyQO9w8pLDfqC25JgV/VPXHSEs3gBjdvh6975tVLo5p/5hPJ4
k8FhUF81rjYBaUFV0ToYutYHfL3hY59F8Lqb4Xfe9stj2VcPtCk5x9J72JxGqH2u
uJi9B9YKGbNruV+l1MfD/rcFAYftSG4HXCW6qkJxGvKWyKOOGH/wqTIjXQRfRe1H
z0e757P7mIyD7g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:38:07 2025 by rpki-client