Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
File: H9CHXNAFHQwJJaygQQNOeECmdws.mft (raw, json)
Hash identifier: LwpGlnauJuHAN2rehujWDfGbMIqF2SjOHaFsqNQi490=
Subject key identifier: 92:28:98:77:BE:1D:CF:E6:31:1D:D3:11:D3:81:EA:28:7D:FB:A4:ED
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 019A5299D3BF06B62435E25F4AA4EDA560CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
Manifest number: 06DC
Signing time: Wed 05 Nov 2025 06:00:04 +0000
Manifest this update: Wed 05 Nov 2025 06:00:04 +0000
Manifest next update: Thu 06 Nov 2025 06:00:04 +0000
Files and hashes: 1: H9CHXNAFHQwJJaygQQNOeECmdws.crl (hash: SWpsugxFeLclHzdXPIgnQCev3aaJ44LjUZoLQDWCMv8=)
2: NfUK1WerAdsfJiTM68i5Lnvkb2w.roa (hash: ZGezIXFkpMHBb+7ell8DWUCsKtD9DU2fEiI/6174M+w=)
3: x35TZBfjRzydIntP1wj4bzkffVI.roa (hash: m3lAcV9738Nh7P2x7upDgBTiTVZP/HAse993nyHmPOw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:99:d3:bf:06:b6:24:35:e2:5f:4a:a4:ed:a5:60:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Nov 5 06:00:04 2025 GMT
Not After : Nov 6 06:00:04 2025 GMT
Subject: CN=92289877be1dcfe6311dd311d381ea287dfba4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:12:20:ef:fc:9d:c9:b3:1c:1f:f5:ef:41:0f:
9f:f7:1b:aa:fd:80:0e:e3:72:a6:61:26:94:ae:d1:
31:56:b1:29:9e:32:e0:4b:ea:0c:0e:29:f3:ff:01:
88:ed:ad:70:cf:eb:a9:e5:e1:7d:8f:d5:b4:cd:f8:
40:b4:a2:ea:ab:18:c6:5f:5a:53:d6:f0:3c:fe:23:
d2:48:97:13:95:10:7f:c7:69:a6:93:83:5d:27:e0:
29:2f:67:2a:04:90:57:12:e9:93:99:f0:35:7d:09:
73:87:e3:89:ae:2b:e2:5e:53:3f:6b:48:f6:1f:69:
6c:c7:87:b9:9d:54:b0:af:95:2f:1d:fc:29:f4:22:
e8:bf:6a:e5:cd:61:83:3d:f8:60:9e:ac:8f:62:8b:
65:08:60:18:e4:d2:75:20:53:3a:56:c8:df:f5:8d:
c7:68:35:ac:54:3c:13:88:1a:c6:b3:fc:34:8d:28:
ee:da:9e:e4:0d:b2:ba:87:db:14:47:8c:ed:7e:5a:
2d:83:70:9c:83:59:b4:be:8c:c7:0c:1a:f3:fb:02:
34:40:91:30:d9:c6:87:8e:44:bb:da:7b:6b:01:7a:
bc:46:36:c7:d5:6f:8d:5c:46:bf:50:a8:63:0f:3b:
2b:71:f3:25:3c:1b:d5:b6:16:58:b5:9d:2f:88:ab:
d2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:28:98:77:BE:1D:CF:E6:31:1D:D3:11:D3:81:EA:28:7D:FB:A4:ED
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:91:73:30:4b:ce:31:03:a7:6c:41:d2:6d:c2:6f:e5:de:bf:
3c:50:b6:a4:88:cb:44:1d:09:cc:34:a9:87:8b:70:96:41:65:
cf:7f:de:fa:93:c4:da:a0:bb:54:fc:42:3a:cb:c3:10:d2:59:
c7:6a:5f:b0:52:84:ec:a8:c5:d3:d4:a7:b3:8f:51:73:ea:d5:
b8:70:ac:d1:fa:1a:48:f9:25:3f:71:09:50:91:c5:cc:c9:3a:
d3:25:07:68:e4:79:b2:14:e4:82:81:3e:d6:91:1f:48:f5:d9:
62:a8:39:2d:57:3c:b6:bd:77:4a:a3:08:9f:25:39:4c:26:01:
bd:34:4f:dd:78:90:aa:41:6c:fe:64:cd:00:c5:67:e1:09:a9:
24:c9:6b:54:4c:a6:49:bc:04:da:c0:03:0f:75:10:71:b0:f0:
be:45:b9:cb:36:c4:ea:ff:73:bf:b7:02:fa:7d:45:78:32:bd:
af:24:54:af:ba:eb:0c:50:08:4a:d7:3e:20:53:92:8f:a3:3b:
ba:88:b1:3f:e9:1a:e7:96:81:97:d4:93:7e:e7:44:4c:0f:2a:
79:09:db:0d:fa:ed:af:d8:bd:6c:99:56:5c:17:93:32:aa:4a:
fc:9b:d1:c5:e1:a4:70:f9:12:af:06:a4:0f:99:3f:8b:97:3a:
94:6c:88:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSmdO/BrYkNeJfSqTtpWDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUxMTA1MDYwMDA0WhcNMjUxMTA2MDYwMDA0WjAzMTEwLwYDVQQD
Eyg5MjI4OTg3N2JlMWRjZmU2MzExZGQzMTFkMzgxZWEyODdkZmJhNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xIg7/ydybMcH/XvQQ+f9xuq/YAO
43KmYSaUrtExVrEpnjLgS+oMDinz/wGI7a1wz+up5eF9j9W0zfhAtKLqqxjGX1pT
1vA8/iPSSJcTlRB/x2mmk4NdJ+ApL2cqBJBXEumTmfA1fQlzh+OJriviXlM/a0j2
H2lsx4e5nVSwr5UvHfwp9CLov2rlzWGDPfhgnqyPYotlCGAY5NJ1IFM6Vsjf9Y3H
aDWsVDwTiBrGs/w0jSju2p7kDbK6h9sUR4ztflotg3Ccg1m0vozHDBrz+wI0QJEw
2caHjkS72ntrAXq8RjbH1W+NXEa/UKhjDzsrcfMlPBvVthZYtZ0viKvSzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIomHe+Hc/mMR3TEdOB6ih9+6TtMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkZFzMEvO
MQOnbEHSbcJv5d6/PFC2pIjLRB0JzDSph4twlkFlz3/e+pPE2qC7VPxCOsvDENJZ
x2pfsFKE7KjF09Sns49Rc+rVuHCs0foaSPklP3EJUJHFzMk60yUHaOR5shTkgoE+
1pEfSPXZYqg5LVc8tr13SqMInyU5TCYBvTRP3XiQqkFs/mTNAMVn4QmpJMlrVEym
SbwE2sADD3UQcbDwvkW5yzbE6v9zv7cC+n1FeDK9ryRUr7rrDFAIStc+IFOSj6M7
uoixP+ka55aBl9STfudETA8qeQnbDfrtr9i9bJlWXBeTMqpK/JvRxeGkcPkSrwak
D5k/i5c6lGyIIA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:52:24 2025 by rpki-client