Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
File: hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft (raw, json)
Hash identifier: k6EDg8qky3xCuKHH1A7depnGwm68QwQZ6PxICQJGa+I=
Subject key identifier: 8C:0A:F9:F0:99:34:49:2E:1C:15:17:3E:C8:D6:B6:27:0A:A8:11:E3
Authority key identifier: 84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
Certificate issuer: /CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Certificate serial: 019A4DE2207E30B2BE0EE4F4DD62FD2B729C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
Manifest number: 11A7
Signing time: Tue 04 Nov 2025 08:00:56 +0000
Manifest this update: Tue 04 Nov 2025 08:00:56 +0000
Manifest next update: Wed 05 Nov 2025 08:00:56 +0000
Files and hashes: 1: XLQfftOCYwZhCKWBFvPgcWtM3ng.roa (hash: e5IwRRubP2iih1RAenDvyf84x82YlIWC8mC3l2YoKV8=)
2: hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl (hash: txUaC2HmNXsE9JDzZd9lpWbBAfvFw6lttTUpPo231gM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e2:20:7e:30:b2:be:0e:e4:f4:dd:62:fd:2b:72:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Validity
Not Before: Nov 4 08:00:56 2025 GMT
Not After : Nov 5 08:00:56 2025 GMT
Subject: CN=8c0af9f09934492e1c15173ec8d6b6270aa811e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c5:7e:54:61:b6:ba:fd:a7:b1:7c:36:0f:4a:
48:36:26:42:68:86:d7:18:94:77:84:bf:16:b8:01:
1b:5f:c1:c7:44:a0:88:81:60:41:2a:ef:62:e1:e7:
6f:b6:7f:d4:05:69:56:48:9f:d5:43:8d:4a:68:14:
d1:c9:67:6f:34:48:4c:5b:0a:b9:97:48:a3:5d:73:
68:d1:1c:da:f9:65:34:ab:c7:e9:46:7e:b2:7d:cf:
db:bc:68:f0:a0:c6:b1:7e:70:2f:38:25:bb:7e:54:
82:56:89:1b:1b:1b:7d:1d:9b:98:e8:3a:61:ba:9d:
34:41:3a:f6:3b:69:ec:27:0d:ae:7c:64:6f:e4:fa:
40:f3:72:4c:55:d7:cd:f2:fc:76:97:74:3e:46:e4:
d4:eb:ac:47:4a:47:c9:1b:4d:bf:f5:f3:82:fc:45:
33:ec:6f:84:07:d7:25:cf:6a:2d:06:d4:a1:68:3b:
43:a2:02:c0:65:ad:0f:58:ad:f6:89:c7:d2:1d:08:
a9:6e:9d:b4:85:7a:bb:47:a8:ce:52:28:00:87:02:
a1:11:79:92:13:60:41:1c:e9:76:f3:b2:5d:2f:1b:
ab:d3:87:a2:41:55:90:6d:39:bb:fa:a1:ef:08:1f:
05:cd:26:8e:66:af:19:0c:3e:2c:52:3a:51:08:0c:
f2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0A:F9:F0:99:34:49:2E:1C:15:17:3E:C8:D6:B6:27:0A:A8:11:E3
X509v3 Authority Key Identifier:
keyid:84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:95:45:47:15:5f:0b:f5:6c:56:0b:ee:8f:3b:68:93:3e:58:
49:4b:e7:78:60:38:4f:ef:6f:fc:cf:43:01:6c:7c:4e:1c:c3:
c1:ce:52:5f:ba:c6:bf:da:56:08:99:90:82:0b:fc:4d:b7:4c:
b6:62:d6:57:06:3c:c0:1f:67:d0:d5:7d:45:6b:b4:2c:90:06:
25:ca:38:f1:2f:9b:d5:a7:a8:25:bc:72:55:87:e6:1f:e7:87:
92:37:3d:e1:1a:30:81:67:02:83:01:b5:ec:98:b4:fe:c2:7a:
9f:07:b0:f6:7c:15:6b:b6:40:84:fd:4a:cb:51:07:58:49:24:
c4:8b:f1:2d:28:62:e6:be:cf:d7:69:88:3a:a6:78:25:af:78:
dd:22:e0:25:29:eb:9f:dd:9a:34:2a:e3:4b:a7:9a:a6:66:1f:
b4:68:85:09:e7:dc:60:2f:f5:0a:94:2f:24:f5:a4:68:35:8f:
62:41:0e:8e:80:60:4c:43:44:01:aa:67:0f:91:6f:18:67:8e:
3d:6e:12:85:db:b4:08:1e:5c:f7:ae:18:1a:d2:78:f2:a8:30:
7f:59:6f:1f:ec:b4:2c:80:b7:87:32:bd:70:02:83:2a:9d:6b:
20:23:e6:ec:ca:a9:ae:28:a3:02:7f:6b:81:a5:4f:53:7c:d9:
3e:e9:74:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4iB+MLK+DuT03WL9K3KcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmQ0NTIyNWNmMGQ0ZmE5YzY1YWVlODg4NjFkMjI2MTIw
M2FkMDAwHhcNMjUxMTA0MDgwMDU2WhcNMjUxMTA1MDgwMDU2WjAzMTEwLwYDVQQD
Eyg4YzBhZjlmMDk5MzQ0OTJlMWMxNTE3M2VjOGQ2YjYyNzBhYTgxMWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8V+VGG2uv2nsXw2D0pINiZCaIbX
GJR3hL8WuAEbX8HHRKCIgWBBKu9i4edvtn/UBWlWSJ/VQ41KaBTRyWdvNEhMWwq5
l0ijXXNo0Rza+WU0q8fpRn6yfc/bvGjwoMaxfnAvOCW7flSCVokbGxt9HZuY6Dph
up00QTr2O2nsJw2ufGRv5PpA83JMVdfN8vx2l3Q+RuTU66xHSkfJG02/9fOC/EUz
7G+EB9clz2otBtShaDtDogLAZa0PWK32icfSHQipbp20hXq7R6jOUigAhwKhEXmS
E2BBHOl287JdLxur04eiQVWQbTm7+qHvCB8FzSaOZq8ZDD4sUjpRCAzy7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwK+fCZNEkuHBUXPsjWticKqBHjMB8GA1UdIwQY
MBaAFIRtRSJc8NT6nGWu6Ihh0iYSA60AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAt
NDYzNTMxMDQ2YzdmLzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAtNDYzNTMxMDQ2Yzdm
LzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWpVFRxVf
C/VsVgvujztokz5YSUvneGA4T+9v/M9DAWx8ThzDwc5SX7rGv9pWCJmQggv8TbdM
tmLWVwY8wB9n0NV9RWu0LJAGJco48S+b1aeoJbxyVYfmH+eHkjc94RowgWcCgwG1
7Ji0/sJ6nwew9nwVa7ZAhP1Ky1EHWEkkxIvxLShi5r7P12mIOqZ4Ja943SLgJSnr
n92aNCrjS6eapmYftGiFCefcYC/1CpQvJPWkaDWPYkEOjoBgTENEAapnD5FvGGeO
PW4Shdu0CB5c964YGtJ48qgwf1lvH+y0LIC3hzK9cAKDKp1rICPm7MqpriijAn9r
gaVPU3zZPul0Yw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:01:47 2025 by rpki-client