Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
File: H9CHXNAFHQwJJaygQQNOeECmdws.mft (raw, json)
Hash identifier: tuF0QOa9L87cIHJ8IALIQNMxRsSprc6sN/PDQohL7K8=
Subject key identifier: 45:3B:90:1F:44:60:FD:05:E0:47:1E:C1:DB:6E:92:7C:E6:2F:A1:0D
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 019A50AB8018D41A395DE60D3248C15EECF9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
Manifest number: 06DB
Signing time: Tue 04 Nov 2025 21:00:07 +0000
Manifest this update: Tue 04 Nov 2025 21:00:07 +0000
Manifest next update: Wed 05 Nov 2025 21:00:07 +0000
Files and hashes: 1: H9CHXNAFHQwJJaygQQNOeECmdws.crl (hash: q7kSwFBANph50xnxdvZ4OTE4DzrRmCk4zgkAx/6wdk4=)
2: NfUK1WerAdsfJiTM68i5Lnvkb2w.roa (hash: ZGezIXFkpMHBb+7ell8DWUCsKtD9DU2fEiI/6174M+w=)
3: x35TZBfjRzydIntP1wj4bzkffVI.roa (hash: m3lAcV9738Nh7P2x7upDgBTiTVZP/HAse993nyHmPOw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 21:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:ab:80:18:d4:1a:39:5d:e6:0d:32:48:c1:5e:ec:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Nov 4 21:00:07 2025 GMT
Not After : Nov 5 21:00:07 2025 GMT
Subject: CN=453b901f4460fd05e0471ec1db6e927ce62fa10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:00:f1:50:00:27:a1:09:8e:ff:0c:1e:c6:76:
06:6f:f7:fd:35:a7:52:01:62:34:f4:cb:87:49:29:
6e:4a:3c:f9:43:98:98:20:7d:c5:48:90:ea:1b:e4:
72:88:38:27:d9:1f:c3:f5:c7:06:e2:42:22:ba:46:
4b:2f:79:c4:38:a2:29:07:45:95:da:83:f2:d3:61:
7b:ab:85:d1:0f:96:3d:a2:bd:b3:87:11:99:cd:18:
60:53:04:ae:3a:54:4f:e8:d5:6e:27:6a:f7:af:f2:
81:3a:79:ae:f6:ef:ff:3f:fd:11:ac:9c:17:1f:14:
36:d9:66:8c:99:b4:79:10:54:f5:44:1b:c5:c6:0c:
8f:d1:c6:e6:84:d0:aa:27:cd:f2:77:c5:bf:1b:f6:
4e:cc:46:2d:dd:9f:c4:0a:b0:f1:c7:f7:c0:2f:65:
d7:d2:d3:e3:13:53:a0:e2:a8:4d:53:c0:cb:c7:4a:
1a:a7:d1:2e:84:61:39:d3:ed:f8:db:38:e4:6e:1a:
bb:77:99:5d:e3:2e:20:df:43:c7:de:d9:1e:2a:ac:
28:4c:22:61:eb:80:3a:dc:92:11:d5:d6:f7:f6:a9:
c0:ae:a7:87:14:96:06:e9:77:e6:db:18:6a:40:97:
6b:e4:f3:38:f1:3a:67:48:99:98:80:d7:d1:c2:09:
08:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:3B:90:1F:44:60:FD:05:E0:47:1E:C1:DB:6E:92:7C:E6:2F:A1:0D
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:27:11:1b:33:4a:33:c6:2b:99:a8:37:75:b5:c7:44:17:d0:
a9:b2:b7:e2:af:e4:44:6e:68:d8:28:25:72:d1:bf:99:c3:8f:
a2:a1:c8:71:77:dc:5f:0d:0b:b3:1b:5d:81:78:70:4a:21:6e:
9e:ed:14:50:7e:2b:5e:3d:fc:26:66:88:d1:18:3e:e6:8b:d7:
cb:d8:c5:f3:98:2a:24:6f:33:a6:c3:28:37:8a:e9:1e:b7:1d:
e8:92:68:23:40:61:fb:0c:4c:01:07:29:c6:42:bc:62:45:7d:
46:75:d7:80:55:94:7a:c3:1e:4d:5a:64:45:4b:3c:cd:c3:f6:
8b:db:db:fb:ad:8d:68:7d:ec:48:60:fb:40:0a:ca:ea:23:df:
d2:a5:c1:40:04:3c:53:3a:66:48:3a:91:d5:29:88:43:f3:21:
d9:47:18:89:dc:c1:01:4b:af:83:33:80:7f:fb:b0:22:80:d4:
9b:9b:54:42:25:52:cd:a7:76:98:f4:3a:34:a4:3d:31:41:65:
83:35:a3:4f:e7:f6:22:d6:b4:23:9d:39:84:b7:af:33:63:bf:
98:18:9a:b9:d8:4c:33:3a:75:61:0c:89:ee:49:3f:d5:5f:ff:
7e:cd:5e:c3:ee:2e:d6:3f:81:30:08:c7:28:a9:5a:98:df:88:
fa:4b:54:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQq4AY1Bo5XeYNMkjBXuz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUxMTA0MjEwMDA3WhcNMjUxMTA1MjEwMDA3WjAzMTEwLwYDVQQD
Eyg0NTNiOTAxZjQ0NjBmZDA1ZTA0NzFlYzFkYjZlOTI3Y2U2MmZhMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwDxUAAnoQmO/wwexnYGb/f9NadS
AWI09MuHSSluSjz5Q5iYIH3FSJDqG+RyiDgn2R/D9ccG4kIiukZLL3nEOKIpB0WV
2oPy02F7q4XRD5Y9or2zhxGZzRhgUwSuOlRP6NVuJ2r3r/KBOnmu9u//P/0RrJwX
HxQ22WaMmbR5EFT1RBvFxgyP0cbmhNCqJ83yd8W/G/ZOzEYt3Z/ECrDxx/fAL2XX
0tPjE1Og4qhNU8DLx0oap9EuhGE50+342zjkbhq7d5ld4y4g30PH3tkeKqwoTCJh
64A63JIR1db39qnArqeHFJYG6Xfm2xhqQJdr5PM48TpnSJmYgNfRwgkIGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEU7kB9EYP0F4EcewdtuknzmL6ENMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASCcRGzNK
M8Yrmag3dbXHRBfQqbK34q/kRG5o2CglctG/mcOPoqHIcXfcXw0LsxtdgXhwSiFu
nu0UUH4rXj38JmaI0Rg+5ovXy9jF85gqJG8zpsMoN4rpHrcd6JJoI0Bh+wxMAQcp
xkK8YkV9RnXXgFWUesMeTVpkRUs8zcP2i9vb+62NaH3sSGD7QArK6iPf0qXBQAQ8
UzpmSDqR1SmIQ/Mh2UcYidzBAUuvgzOAf/uwIoDUm5tUQiVSzad2mPQ6NKQ9MUFl
gzWjT+f2Ita0I505hLevM2O/mBiaudhMMzp1YQyJ7kk/1V//fs1ew+4u1j+BMAjH
KKlamN+I+ktUvg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:08:56 2025 by rpki-client