Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
File: hn3QWtctwi--owKfzukOb7BjiQQ.mft (raw, json)
Hash identifier: id9MVWQh5k00l+MfQPYHIlSL956co0g8uVQVUDWdPn0=
Subject key identifier: 67:EE:45:6A:08:A4:5B:69:92:CC:17:D3:BC:52:6B:B0:AB:2E:0B:F4
Authority key identifier: 86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04
Certificate issuer: /CN=867dd05ad72dc22fbea3029fcee90e6fb0638904
Certificate serial: 019A4EF589A5826464C585AB0979A818D6C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
Manifest number: 170C
Signing time: Tue 04 Nov 2025 13:01:45 +0000
Manifest this update: Tue 04 Nov 2025 13:01:45 +0000
Manifest next update: Wed 05 Nov 2025 13:01:45 +0000
Files and hashes: 1: 1hbevT8gwbMVGXnU3oslqDok4xQ.roa (hash: PvOSpkQG3GMAcOSv9DP0juXGFg1PxvMowO3npVuSH5E=)
2: hn3QWtctwi--owKfzukOb7BjiQQ.crl (hash: S5x2E4CK5PSv6aIXY9jp/z31ZfxyvV3VIYnIFJ0D1fM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:89:a5:82:64:64:c5:85:ab:09:79:a8:18:d6:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=867dd05ad72dc22fbea3029fcee90e6fb0638904
Validity
Not Before: Nov 4 13:01:45 2025 GMT
Not After : Nov 5 13:01:45 2025 GMT
Subject: CN=67ee456a08a45b6992cc17d3bc526bb0ab2e0bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:df:9e:48:27:c8:26:2a:c3:ff:1b:77:2c:b4:
eb:58:13:3e:54:6d:bb:af:8f:0b:cc:4a:16:ba:16:
c5:2f:fd:b7:76:cb:d8:18:2c:ea:19:f3:e5:61:fb:
a6:96:8c:02:90:95:86:46:22:8d:fc:f5:a6:a0:0e:
28:d7:bb:83:bd:e6:f7:15:fb:46:49:bc:bc:70:45:
3e:69:06:29:b0:f0:ea:64:a3:c2:24:92:cf:c4:02:
74:11:d5:00:13:a9:f4:57:a6:fb:d1:3e:2d:b7:bc:
c2:b1:ea:e9:7f:3f:4e:fe:28:3e:1d:78:3f:ff:8e:
ec:f7:a2:50:e3:9f:dc:b9:21:31:ea:6f:5c:cb:1e:
88:49:cd:f0:e1:14:34:e2:36:82:80:31:3d:aa:5c:
fb:96:b6:57:9f:3f:00:e6:01:18:0e:85:c4:c6:26:
51:c0:36:1e:af:64:c1:f2:08:7f:b9:7e:b9:d9:35:
f7:a6:3e:f0:48:81:b0:47:a1:a4:d2:c4:56:31:d9:
19:4f:c2:f1:cb:18:6f:94:40:4f:60:49:a2:2c:c0:
b6:c4:0c:fc:2d:9a:ab:bb:96:b5:70:cc:cb:c1:3f:
6f:91:67:36:aa:02:1b:db:84:e6:a8:c8:e6:77:28:
e8:3d:2c:a7:65:af:7c:c8:ac:06:5b:74:f1:bd:7e:
25:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EE:45:6A:08:A4:5B:69:92:CC:17:D3:BC:52:6B:B0:AB:2E:0B:F4
X509v3 Authority Key Identifier:
keyid:86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:01:53:4b:d3:b2:e8:55:68:82:81:bc:2a:18:f2:f4:a5:df:
cf:d5:84:82:7a:43:82:03:cc:28:38:d5:5e:ed:d9:bc:0f:13:
27:27:85:3f:80:4c:92:6b:2f:66:2c:d3:48:0a:24:00:d9:4a:
3c:2d:2b:85:0c:26:00:24:93:f2:af:8b:5b:ae:fb:f7:88:e9:
20:fe:d4:5a:52:a1:97:76:73:bc:9c:2c:38:f9:a1:2f:a9:06:
82:f6:71:db:1d:39:5e:fa:cb:1e:f8:6a:4c:b2:68:48:3f:af:
e2:ea:2b:ab:35:dd:4c:22:44:42:92:87:6f:4a:f9:53:b2:db:
60:d9:50:dc:03:ad:2d:bf:a2:7d:15:85:2f:32:3a:1d:a3:eb:
d7:5a:c0:ea:1c:c6:4a:37:98:82:4d:9c:0e:52:ce:9b:2d:e7:
c9:d8:69:c6:58:a1:ed:5a:c4:d6:53:79:44:3a:f3:e7:bb:b7:
0d:5e:47:71:4a:a0:ba:fb:a0:12:24:5d:28:80:c7:a5:2d:c6:
7e:85:de:b7:a7:18:83:cf:f1:63:69:61:5e:0f:2a:44:99:ed:
6e:12:0a:72:e5:6a:ac:7f:01:07:4f:cc:de:1f:1a:b3:87:9a:
de:cc:7e:1d:d5:16:ef:8d:d8:0e:f0:0f:28:89:8a:d5:09:d7:
3c:0e:97:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9YmlgmRkxYWrCXmoGNbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2N2RkMDVhZDcyZGMyMmZiZWEzMDI5ZmNlZTkwZTZmYjA2
Mzg5MDQwHhcNMjUxMTA0MTMwMTQ1WhcNMjUxMTA1MTMwMTQ1WjAzMTEwLwYDVQQD
Eyg2N2VlNDU2YTA4YTQ1YjY5OTJjYzE3ZDNiYzUyNmJiMGFiMmUwYmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9+eSCfIJirD/xt3LLTrWBM+VG27
r48LzEoWuhbFL/23dsvYGCzqGfPlYfumlowCkJWGRiKN/PWmoA4o17uDveb3FftG
Sby8cEU+aQYpsPDqZKPCJJLPxAJ0EdUAE6n0V6b70T4tt7zCserpfz9O/ig+HXg/
/47s96JQ45/cuSEx6m9cyx6ISc3w4RQ04jaCgDE9qlz7lrZXnz8A5gEYDoXExiZR
wDYer2TB8gh/uX652TX3pj7wSIGwR6Gk0sRWMdkZT8LxyxhvlEBPYEmiLMC2xAz8
LZqru5a1cMzLwT9vkWc2qgIb24TmqMjmdyjoPSynZa98yKwGW3TxvX4lpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfuRWoIpFtpkswX07xSa7CrLgv0MB8GA1UdIwQY
MBaAFIZ90FrXLcIvvqMCn87pDm+wY4kEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYt
MjM5ZTVhYmZjYzZhLzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYtMjM5ZTVhYmZjYzZh
LzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASAFTS9Oy
6FVogoG8Khjy9KXfz9WEgnpDggPMKDjVXu3ZvA8TJyeFP4BMkmsvZizTSAokANlK
PC0rhQwmACST8q+LW67794jpIP7UWlKhl3ZzvJwsOPmhL6kGgvZx2x05XvrLHvhq
TLJoSD+v4uorqzXdTCJEQpKHb0r5U7LbYNlQ3AOtLb+ifRWFLzI6HaPr11rA6hzG
SjeYgk2cDlLOmy3nydhpxlih7VrE1lN5RDrz57u3DV5HcUqguvugEiRdKIDHpS3G
foXet6cYg8/xY2lhXg8qRJntbhIKcuVqrH8BB0/M3h8as4ea3sx+HdUW743YDvAP
KImK1QnXPA6XrA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:31:23 2025 by rpki-client