Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
File: h4R32LYtCfmui_29gSpT-X7UxXY.mft (raw, json)
Hash identifier: rUt3yQu/6MRuoqII0Hx1wQWZywXCdwxwjWu15j1bClE=
Subject key identifier: 45:E9:00:F3:30:46:E7:6C:30:88:3B:F7:AD:F1:0E:02:D3:BC:F8:00
Authority key identifier: 87:84:77:D8:B6:2D:09:F9:AE:8B:FD:BD:81:2A:53:F9:7E:D4:C5:76
Certificate issuer: /CN=878477d8b62d09f9ae8bfdbd812a53f97ed4c576
Certificate serial: 019A4F62545BAF53F87F2D072316D7BFEEF3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4R32LYtCfmui_29gSpT-X7UxXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
Manifest number: 0535
Signing time: Tue 04 Nov 2025 15:00:35 +0000
Manifest this update: Tue 04 Nov 2025 15:00:35 +0000
Manifest next update: Wed 05 Nov 2025 15:00:35 +0000
Files and hashes: 1: 1-chTvEPLKpclBFunFsZudwhteCw.roa (hash: Mk7QbJ14tNyeCXu9wD1n7MpPtkSCXANni+lDYxJDiAk=)
2: h4R32LYtCfmui_29gSpT-X7UxXY.crl (hash: eeo9lIvUcZYu4IAdqYQ3s2zUzXd32lQwvgfqW4AziMw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
rsync://rpki.ripe.net/repository/DEFAULT/h4R32LYtCfmui_29gSpT-X7UxXY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:54:5b:af:53:f8:7f:2d:07:23:16:d7:bf:ee:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878477d8b62d09f9ae8bfdbd812a53f97ed4c576
Validity
Not Before: Nov 4 15:00:35 2025 GMT
Not After : Nov 5 15:00:35 2025 GMT
Subject: CN=45e900f33046e76c30883bf7adf10e02d3bcf800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a1:a7:b4:83:39:98:ec:9e:3d:81:cd:bb:b8:
6f:7f:17:d9:97:e6:ac:f6:73:4f:20:25:e7:e5:3b:
26:12:a2:a5:96:da:e6:11:d5:5c:e8:a4:93:6a:20:
47:01:d5:22:39:82:18:d9:65:cc:c7:b2:8f:f0:07:
92:4a:f3:b3:2c:2d:3e:d0:5e:92:24:47:83:91:a3:
4d:bc:dc:f9:d5:c5:22:25:e1:b7:2f:1b:90:4a:be:
25:f1:e1:0c:e9:0a:52:0a:dc:1d:ef:b1:63:9a:37:
2a:e6:3d:5a:1e:e9:84:e0:4f:18:9b:b4:9b:af:81:
58:5d:db:76:16:01:71:95:07:a6:33:43:16:62:f1:
20:2c:12:09:04:43:c5:51:1b:61:10:64:67:d4:2e:
4e:61:e6:df:4b:b8:25:b8:55:a0:43:a7:eb:01:ae:
2b:01:ff:e9:d8:fd:dc:ca:9c:c0:c7:db:9e:95:6c:
16:c8:53:1a:1f:96:e4:6c:f8:84:37:6d:81:38:8c:
5a:c5:5b:74:8c:f4:dc:af:3f:00:58:5c:d8:44:fe:
f6:7a:0e:ef:c5:a8:d9:52:6f:f0:5f:4b:c8:e3:1b:
c6:2e:b9:b9:77:16:e0:ab:1f:97:ae:2a:c1:f3:7b:
b6:9f:74:2a:b3:e7:17:01:bc:44:7a:40:4c:97:44:
2b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E9:00:F3:30:46:E7:6C:30:88:3B:F7:AD:F1:0E:02:D3:BC:F8:00
X509v3 Authority Key Identifier:
keyid:87:84:77:D8:B6:2D:09:F9:AE:8B:FD:BD:81:2A:53:F9:7E:D4:C5:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4R32LYtCfmui_29gSpT-X7UxXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:d3:24:9c:88:66:23:1b:67:a0:5f:69:5c:4c:ad:97:f7:61:
e4:e6:5b:85:ba:62:28:f0:85:d3:c2:54:f0:03:ea:9b:1d:69:
01:40:ef:d6:17:11:67:fd:74:2d:27:6f:08:26:aa:c2:eb:d3:
8f:3b:54:0d:f6:1e:90:b1:a9:fa:0b:26:24:fe:af:8b:60:58:
d5:bf:de:34:29:6c:8f:10:c1:27:3d:05:b7:91:8d:7e:65:f2:
d1:e9:0d:5a:af:c0:8d:69:74:ad:a5:9d:6d:79:da:83:bb:72:
02:95:f2:2d:4f:7a:95:ed:38:ff:73:aa:71:42:28:b7:71:31:
80:1b:61:3e:c7:ba:cc:84:84:ad:e8:90:91:5a:a8:b2:18:41:
bf:ab:a1:77:43:b6:2a:a8:5b:ec:58:d4:28:dd:30:88:30:78:
63:a8:5f:9e:5e:7f:79:35:30:bd:70:48:19:ff:cc:ad:33:38:
71:1e:ca:b0:f1:ce:fa:1c:1d:d9:46:07:31:08:98:34:54:d7:
79:87:82:0b:22:0e:f9:c4:a5:4f:cb:00:a0:5e:17:fd:22:77:
b4:71:a9:fa:ea:7f:94:d5:cb:f4:19:1b:b8:be:47:c4:ac:a9:
a9:a7:8d:83:52:f9:3f:d7:3f:b3:3e:10:26:10:d0:e0:8a:d9:
2b:14:0b:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYlRbr1P4fy0HIxbXv+7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ODQ3N2Q4YjYyZDA5ZjlhZThiZmRiZDgxMmE1M2Y5N2Vk
NGM1NzYwHhcNMjUxMTA0MTUwMDM1WhcNMjUxMTA1MTUwMDM1WjAzMTEwLwYDVQQD
Eyg0NWU5MDBmMzMwNDZlNzZjMzA4ODNiZjdhZGYxMGUwMmQzYmNmODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqGntIM5mOyePYHNu7hvfxfZl+as
9nNPICXn5TsmEqKlltrmEdVc6KSTaiBHAdUiOYIY2WXMx7KP8AeSSvOzLC0+0F6S
JEeDkaNNvNz51cUiJeG3LxuQSr4l8eEM6QpSCtwd77Fjmjcq5j1aHumE4E8Ym7Sb
r4FYXdt2FgFxlQemM0MWYvEgLBIJBEPFURthEGRn1C5OYebfS7gluFWgQ6frAa4r
Af/p2P3cypzAx9uelWwWyFMaH5bkbPiEN22BOIxaxVt0jPTcrz8AWFzYRP72eg7v
xajZUm/wX0vI4xvGLrm5dxbgqx+XrirB83u2n3Qqs+cXAbxEekBMl0QrnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEXpAPMwRudsMIg7963xDgLTvPgAMB8GA1UdIwQY
MBaAFIeEd9i2LQn5rov9vYEqU/l+1MV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRSMzJMWXRDZm11aV8yOWdTcFQtWDdVeFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9lODNhYzUtNDQ4Yi00ZTQ5LThlYmYt
ODg0MmU1ZWRjZTAyLzEvaDRSMzJMWXRDZm11aV8yOWdTcFQtWDdVeFhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9lODNhYzUtNDQ4Yi00ZTQ5LThlYmYtODg0MmU1ZWRjZTAy
LzEvaDRSMzJMWXRDZm11aV8yOWdTcFQtWDdVeFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASNMknIhm
IxtnoF9pXEytl/dh5OZbhbpiKPCF08JU8APqmx1pAUDv1hcRZ/10LSdvCCaqwuvT
jztUDfYekLGp+gsmJP6vi2BY1b/eNClsjxDBJz0Ft5GNfmXy0ekNWq/AjWl0raWd
bXnag7tyApXyLU96le04/3OqcUIot3ExgBthPse6zISEreiQkVqoshhBv6uhd0O2
Kqhb7FjUKN0wiDB4Y6hfnl5/eTUwvXBIGf/MrTM4cR7KsPHO+hwd2UYHMQiYNFTX
eYeCCyIO+cSlT8sAoF4X/SJ3tHGp+up/lNXL9BkbuL5HxKypqaeNg1L5P9c/sz4Q
JhDQ4IrZKxQLUg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:07:09 2025 by rpki-client