Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.mft
File: hst0KgO8nIVQcheiUgTf_4L8zfk.mft (raw, json)
Hash identifier: mlYR6HQXnd9+ZIC5tNSmTwwbKLNDx9KwJWOGDDV2u7A=
Subject key identifier: 39:D1:C9:B7:83:9C:7C:81:93:08:EF:3C:3F:BC:8B:61:61:4D:7C:19
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial: 019A4DE1D1B77DD7F7FCB164121B7E75A0F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.mft
Manifest number: 1019
Signing time: Tue 04 Nov 2025 08:00:36 +0000
Manifest this update: Tue 04 Nov 2025 08:00:36 +0000
Manifest next update: Wed 05 Nov 2025 08:00:36 +0000
Files and hashes: 1: 1-TKHNCKbZE8g4XJcuPLU9wUNwXw.roa (hash: 4YE3N5IWvrJIb1gbK5UKUvbBqNqAEHWjC5reIu6mjb8=)
2: KPSPKR5CERt24RgHkaAIVOQ-_3Y.roa (hash: /B2g+d8SvUFH1wq4gYFhblNg4apBCw0hfFmzBcRbekw=)
3: bFD1sjNrlT8-Exv5RMapq_1KPJ0.roa (hash: dms0tmgxNyDbB9rboVPonFSAfotpbIdMya/cvQRCIY0=)
4: hst0KgO8nIVQcheiUgTf_4L8zfk.crl (hash: F6M0Ed14aydH0Hgu/ZPIjWGS10Z/67QbEG1n5ucni4Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:d1:b7:7d:d7:f7:fc:b1:64:12:1b:7e:75:a0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Validity
Not Before: Nov 4 08:00:36 2025 GMT
Not After : Nov 5 08:00:36 2025 GMT
Subject: CN=39d1c9b7839c7c819308ef3c3fbc8b61614d7c19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c7:fe:a4:4d:7f:82:25:ec:7b:ca:02:53:a8:
08:fb:a8:66:12:24:ef:b7:ff:43:ea:80:b1:8f:be:
65:14:28:7b:95:d3:cd:5f:2f:81:da:eb:88:bd:31:
d3:0b:6f:45:89:86:4a:9d:3a:84:fc:bd:32:0a:55:
86:53:b6:94:d3:9b:18:a9:f6:09:25:71:24:a1:60:
75:18:a7:36:91:74:42:eb:d1:12:89:42:d1:11:fb:
4d:7e:c3:a8:1f:9d:4b:d1:a3:73:17:89:29:90:be:
78:cf:36:73:23:83:92:9c:46:fb:1d:1a:db:71:fe:
2e:12:6e:ef:4e:ea:26:d9:99:ec:a5:7e:44:10:f3:
03:c5:01:c3:5d:60:e5:9e:c1:5b:15:18:cd:85:ae:
60:27:b8:da:d8:86:26:e0:d9:62:b6:5c:1b:14:3a:
16:94:7d:ac:72:52:a4:e0:42:12:62:f8:93:d8:80:
1a:fd:f5:66:a6:c2:0f:1d:56:ce:77:c0:60:23:fd:
3d:64:e3:70:1b:75:05:54:07:7e:35:42:58:31:df:
7d:9f:8d:7c:a9:76:f5:d9:81:b5:11:f5:d6:53:17:
85:dc:0d:aa:37:21:6f:41:70:be:bd:d1:73:35:0f:
8b:72:7a:35:94:51:c7:96:fe:f9:6d:86:c8:82:ae:
83:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D1:C9:B7:83:9C:7C:81:93:08:EF:3C:3F:BC:8B:61:61:4D:7C:19
X509v3 Authority Key Identifier:
keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:a4:dd:d5:1d:a1:23:af:7a:51:60:02:ac:ab:98:83:a2:9d:
bf:f1:ab:80:a2:c3:0e:8b:ac:c7:1d:5b:aa:a3:b1:95:de:bb:
50:cf:5d:95:17:56:5b:b3:f8:59:9c:0c:fd:64:68:d1:c9:80:
e7:63:e4:8c:a8:fa:7c:22:b3:7e:c4:46:74:ea:91:61:ec:08:
d0:2b:2c:42:48:0e:38:6b:a7:9e:98:bb:64:52:14:82:d7:02:
25:da:74:4a:17:e6:13:2d:6e:1a:e2:b2:99:76:46:25:98:95:
dd:17:91:3b:15:17:38:1b:25:95:19:57:a7:5f:6a:9e:a2:d4:
fd:cf:40:32:7f:7c:e9:1c:0b:7e:63:78:f0:02:d5:35:0e:e4:
d2:4f:58:d2:75:1c:03:ec:6e:82:dd:ea:e4:e0:ba:47:ff:3f:
08:ce:8a:6b:0a:55:d1:ff:50:e5:dc:ce:c8:9b:33:3c:5a:3c:
9c:1a:a4:d2:fc:37:23:9e:1d:21:4d:92:32:a2:a5:e4:07:f1:
cd:c6:60:ed:c2:cc:56:d2:32:ac:6a:1c:53:da:ac:e1:66:4d:
49:d3:92:1f:05:61:97:12:91:6e:a9:27:48:80:97:75:af:05:
b0:95:e5:86:d7:9b:6e:f6:71:27:bd:49:46:c9:a0:b6:fd:62:
64:cc:88:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4dG3fdf3/LFkEht+daDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm
Y2NkZjkwHhcNMjUxMTA0MDgwMDM2WhcNMjUxMTA1MDgwMDM2WjAzMTEwLwYDVQQD
EygzOWQxYzliNzgzOWM3YzgxOTMwOGVmM2MzZmJjOGI2MTYxNGQ3YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMf+pE1/giXse8oCU6gI+6hmEiTv
t/9D6oCxj75lFCh7ldPNXy+B2uuIvTHTC29FiYZKnTqE/L0yClWGU7aU05sYqfYJ
JXEkoWB1GKc2kXRC69ESiULREftNfsOoH51L0aNzF4kpkL54zzZzI4OSnEb7HRrb
cf4uEm7vTuom2ZnspX5EEPMDxQHDXWDlnsFbFRjNha5gJ7ja2IYm4NlitlwbFDoW
lH2sclKk4EISYviT2IAa/fVmpsIPHVbOd8BgI/09ZONwG3UFVAd+NUJYMd99n418
qXb12YG1EfXWUxeF3A2qNyFvQXC+vdFzNQ+Lcno1lFHHlv75bYbIgq6DTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDnRybeDnHyBkwjvPD+8i2FhTXwZMB8GA1UdIwQY
MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt
MDVmMThmYzIxMmE3LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgtMDVmMThmYzIxMmE3
LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxKTd1R2h
I696UWACrKuYg6Kdv/GrgKLDDousxx1bqqOxld67UM9dlRdWW7P4WZwM/WRo0cmA
52PkjKj6fCKzfsRGdOqRYewI0CssQkgOOGunnpi7ZFIUgtcCJdp0ShfmEy1uGuKy
mXZGJZiV3ReROxUXOBsllRlXp19qnqLU/c9AMn986RwLfmN48ALVNQ7k0k9Y0nUc
A+xugt3q5OC6R/8/CM6KawpV0f9Q5dzOyJszPFo8nBqk0vw3I54dIU2SMqKl5Afx
zcZg7cLMVtIyrGocU9qs4WZNSdOSHwVhlxKRbqknSICXda8FsJXlhtebbvZxJ71J
Rsmgtv1iZMyIPg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:21:23 2025 by rpki-client