Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
File: hSOM5-r2mlui8JR7K6BTOUtFts0.mft (raw, json)
Hash identifier: 8smBfSDF6RmYl7Qwcs9XAxAkblAN4uT7N3bpV2m21G0=
Subject key identifier: E8:65:A4:B7:7F:2B:52:DA:54:09:19:43:46:C8:52:7D:BA:A1:CE:C4
Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Certificate serial: 019A24AEE015B547F773F174620DFB3E3A9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
Manifest number: 1688
Signing time: Mon 27 Oct 2025 08:00:31 +0000
Manifest this update: Mon 27 Oct 2025 08:00:31 +0000
Manifest next update: Tue 28 Oct 2025 08:00:31 +0000
Files and hashes: 1: WlFkHZf-mGa6meWaQmN57qSrEtA.roa (hash: B5J0da5BqpBMDIf+RMe68Zm2sCoZIjqiRagoU19Nd+4=)
2: hSOM5-r2mlui8JR7K6BTOUtFts0.crl (hash: EncYhXINUvsrBpmNJon9wcKLToKNnkIZ1Riy0nSoz+o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 08:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:ae:e0:15:b5:47:f7:73:f1:74:62:0d:fb:3e:3a:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Validity
Not Before: Oct 27 08:00:31 2025 GMT
Not After : Oct 28 08:00:31 2025 GMT
Subject: CN=e865a4b77f2b52da5409194346c8527dbaa1cec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:25:bb:ba:3b:a1:35:8b:87:81:49:87:54:2a:
75:5f:a5:aa:a9:c3:15:79:12:5e:bd:e9:a0:11:f5:
fa:55:37:fd:5a:0b:c0:28:02:21:2c:66:8d:17:87:
96:3c:84:17:0b:a7:bd:8a:ad:fb:0d:3e:25:ea:9b:
54:14:f9:1a:80:97:78:af:a7:37:85:40:3a:ff:de:
6b:00:34:3f:db:fc:3c:22:21:06:23:1a:de:cd:84:
7c:61:ba:63:c5:ad:e3:6c:54:c1:60:94:dc:82:d3:
2f:a0:e5:7f:0c:a0:cb:12:79:0a:38:8b:b3:d7:aa:
9f:d9:83:6e:3c:7d:7f:3c:12:9c:54:41:c4:42:06:
61:18:95:d0:ee:99:77:23:14:31:35:d9:44:42:e4:
dd:95:0d:b7:37:fd:b5:f6:69:b6:3e:68:b5:94:09:
32:82:11:4f:22:a9:a8:77:58:60:22:36:fe:18:57:
5e:c8:89:77:6f:f4:d8:68:81:5a:8a:40:09:cb:32:
cd:a8:1f:81:e1:9a:a3:ec:b5:14:31:c9:14:fd:05:
5e:f6:5a:18:f2:fb:95:37:92:95:cb:fa:23:dc:ea:
67:da:67:2f:f1:5c:a0:4b:3d:b5:fc:7c:33:16:4d:
51:c6:16:ec:ff:30:5a:a7:54:25:eb:3e:d0:fe:b9:
ba:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:65:A4:B7:7F:2B:52:DA:54:09:19:43:46:C8:52:7D:BA:A1:CE:C4
X509v3 Authority Key Identifier:
keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:5b:16:b2:09:58:bd:06:85:35:f9:e8:d8:84:d4:2e:2a:64:
1c:df:6a:d9:03:9b:7d:62:fd:a1:f4:d7:a2:bf:8b:76:97:8d:
66:b6:5f:ed:69:8a:18:f5:2c:a6:c3:ea:e5:9f:8a:6d:3e:90:
51:4f:54:fb:f2:67:e9:11:fe:c1:66:7d:82:11:77:e4:2b:07:
f6:98:bc:78:08:41:63:d7:eb:c0:53:67:47:b8:39:cd:fa:4e:
5e:10:dd:d5:c9:ad:4e:4a:3e:a4:7f:da:68:88:73:0e:bc:99:
20:cb:ee:a3:1b:31:40:bb:f4:a2:7f:d4:c2:ea:32:7c:f2:b6:
6f:16:87:fd:1d:d2:09:fa:d4:3f:8c:d3:60:1f:07:b3:29:46:
bc:8f:9f:bf:50:03:9f:0f:64:39:46:0a:fc:10:df:f5:14:7a:
0a:f9:8f:f8:17:03:32:70:fa:1b:8e:52:cf:c9:d8:fb:67:33:
9f:57:39:36:60:4c:ae:b8:9c:95:2c:b0:6e:5a:40:35:cc:97:
a7:32:a0:95:78:ad:f0:ef:41:77:a9:86:33:12:a4:8f:29:6a:
9a:50:3f:71:a5:ed:38:62:56:f8:ef:d9:3d:9e:1c:b2:3e:29:
dd:e6:9c:f5:44:b1:d7:46:4a:2d:b0:63:3c:f5:8d:d0:e4:1e:
51:45:5b:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokruAVtUf3c/F0Yg37PjqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0
NWI2Y2QwHhcNMjUxMDI3MDgwMDMxWhcNMjUxMDI4MDgwMDMxWjAzMTEwLwYDVQQD
EyhlODY1YTRiNzdmMmI1MmRhNTQwOTE5NDM0NmM4NTI3ZGJhYTFjZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiW7ujuhNYuHgUmHVCp1X6WqqcMV
eRJevemgEfX6VTf9WgvAKAIhLGaNF4eWPIQXC6e9iq37DT4l6ptUFPkagJd4r6c3
hUA6/95rADQ/2/w8IiEGIxrezYR8Ybpjxa3jbFTBYJTcgtMvoOV/DKDLEnkKOIuz
16qf2YNuPH1/PBKcVEHEQgZhGJXQ7pl3IxQxNdlEQuTdlQ23N/219mm2Pmi1lAky
ghFPIqmod1hgIjb+GFdeyIl3b/TYaIFaikAJyzLNqB+B4Zqj7LUUMckU/QVe9loY
8vuVN5KVy/oj3Opn2mcv8VygSz21/HwzFk1Rxhbs/zBap1Ql6z7Q/rm6vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOhlpLd/K1LaVAkZQ0bIUn26oc7EMB8GA1UdIwQY
MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt
MDMyYWY4MzZjMTcyLzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy
LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeVsWsglY
vQaFNfno2ITULipkHN9q2QObfWL9ofTXor+LdpeNZrZf7WmKGPUspsPq5Z+KbT6Q
UU9U+/Jn6RH+wWZ9ghF35CsH9pi8eAhBY9frwFNnR7g5zfpOXhDd1cmtTko+pH/a
aIhzDryZIMvuoxsxQLv0on/UwuoyfPK2bxaH/R3SCfrUP4zTYB8HsylGvI+fv1AD
nw9kOUYK/BDf9RR6CvmP+BcDMnD6G45Sz8nY+2czn1c5NmBMrriclSywblpANcyX
pzKglXit8O9Bd6mGMxKkjylqmlA/caXtOGJW+O/ZPZ4csj4p3eac9USx10ZKLbBj
PPWN0OQeUUVb6A==
-----END CERTIFICATE-----
Generated at Mon Oct 27 14:22:40 2025 by rpki-client