Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
File: h-2cuDQKwglaTLBSjl6i9zjOpnI.mft (raw, json)
Hash identifier: CQgTHeT5Oawa6FfsOZKNPOVoVcLh48d4TZnJ+4uXR/U=
Subject key identifier: 73:2C:08:E5:E7:D2:E7:E1:F1:1B:36:50:64:A3:26:49:AE:F7:35:98
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 019A4C613D442C69F5B93CB5189986C8EC2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
Manifest number: 04D7
Signing time: Tue 04 Nov 2025 01:00:32 +0000
Manifest this update: Tue 04 Nov 2025 01:00:32 +0000
Manifest next update: Wed 05 Nov 2025 01:00:32 +0000
Files and hashes: 1: Q_kLSJOWLJDEhyzkodJRQWJEfMU.roa (hash: 2p8AahImaC704aSN2Sau8pFCrbFVUG9Dz60aJg9x1m8=)
2: h-2cuDQKwglaTLBSjl6i9zjOpnI.crl (hash: 3V9Hh+QmaK/fMov88kTyPy7Y7NC5WOYJFAL6W7uFShQ=)
3: hl-bZEBFsh1ZChc40Z0fl2eFeDc.roa (hash: GoC7lm4BXzEaLJBGVeCTSYenfrijER5VgtT8WvoxW4g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 20:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:61:3d:44:2c:69:f5:b9:3c:b5:18:99:86:c8:ec:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Nov 4 01:00:32 2025 GMT
Not After : Nov 5 01:00:32 2025 GMT
Subject: CN=732c08e5e7d2e7e1f11b365064a32649aef73598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ed:78:f1:0a:13:c4:87:79:a1:0c:0f:30:57:
75:b9:f3:b8:73:56:b2:ed:16:ab:40:3a:0b:95:16:
01:68:4a:09:25:66:f4:43:46:4f:c9:7d:b5:bd:79:
e3:3b:26:bf:11:bd:19:d3:bc:03:a7:a1:1f:d6:fc:
1f:34:15:c0:cc:a7:c1:c3:13:36:91:af:38:cc:46:
3e:3d:bd:a3:16:9a:54:bd:15:4b:fe:f9:0b:61:20:
3d:3c:e9:7b:74:e8:2c:41:44:0e:a9:35:a7:39:23:
5c:73:1b:ca:57:10:0e:4b:a2:1c:5b:19:63:fd:11:
c9:30:27:72:5a:49:b0:f7:37:3e:32:0b:43:9b:f6:
c8:67:e7:3d:e3:5e:ad:3f:51:5c:b7:bb:03:0d:64:
c1:f7:7c:99:fb:3c:54:50:ea:e7:98:b2:2e:8b:2c:
20:e8:17:49:93:87:34:a9:4b:07:0c:f8:90:fc:2e:
96:ce:79:2f:aa:11:38:3d:5b:d0:a8:c0:c3:95:d6:
f1:5f:f3:b2:26:09:9f:64:e8:69:5c:b9:62:a3:14:
bd:56:c1:f5:df:0d:9d:89:4f:a9:72:79:11:fc:0a:
e4:67:47:f7:2d:65:8e:44:06:7c:6d:0f:b5:e5:3d:
1c:07:c1:21:50:0a:c7:80:e6:1e:bf:61:07:19:7f:
e9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:2C:08:E5:E7:D2:E7:E1:F1:1B:36:50:64:A3:26:49:AE:F7:35:98
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:74:20:80:6b:b3:a3:c7:b4:6a:d7:07:93:cb:88:13:e2:da:
cb:6c:7d:d6:93:5e:1f:11:7f:33:df:9c:49:05:2d:04:70:56:
2d:c6:70:ce:4e:84:eb:f4:1b:22:6f:24:06:7c:e6:4c:95:b7:
8f:5d:44:bd:62:5b:0f:3b:25:18:5f:4e:27:5b:ca:f1:f3:15:
fb:6a:d2:69:8d:19:d4:95:e5:eb:01:05:a4:a3:81:42:87:73:
cd:53:e1:51:f9:22:85:8b:f7:62:58:d0:af:55:68:54:2e:80:
25:60:ed:5c:72:75:38:4d:1f:3c:03:51:b2:fe:d8:4f:d6:ff:
f2:b6:78:5f:e5:e0:5a:ba:91:36:bc:28:08:f4:0e:19:71:75:
01:46:ba:9e:72:29:bd:e1:68:88:68:95:46:c5:25:e1:47:73:
7c:91:df:06:18:5b:85:a5:f1:5b:ec:90:5e:af:f5:4b:ef:ba:
01:8e:6b:6b:c2:d7:36:ab:c9:83:19:5d:69:a7:3f:7d:c3:ae:
e8:21:b1:fe:ab:78:13:ec:52:0b:85:51:18:28:cb:33:c1:58:
d5:81:61:63:d7:00:71:fd:56:24:87:29:b7:e7:ba:24:89:3f:
72:e0:0e:70:c1:22:5a:c4:9f:20:1e:4e:d6:2c:bc:58:8d:af:
ba:b3:11:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYT1ELGn1uTy1GJmGyOwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjUxMTA0MDEwMDMyWhcNMjUxMTA1MDEwMDMyWjAzMTEwLwYDVQQD
Eyg3MzJjMDhlNWU3ZDJlN2UxZjExYjM2NTA2NGEzMjY0OWFlZjczNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO148QoTxId5oQwPMFd1ufO4c1ay
7RarQDoLlRYBaEoJJWb0Q0ZPyX21vXnjOya/Eb0Z07wDp6Ef1vwfNBXAzKfBwxM2
ka84zEY+Pb2jFppUvRVL/vkLYSA9POl7dOgsQUQOqTWnOSNccxvKVxAOS6IcWxlj
/RHJMCdyWkmw9zc+MgtDm/bIZ+c9416tP1Fct7sDDWTB93yZ+zxUUOrnmLIuiywg
6BdJk4c0qUsHDPiQ/C6WznkvqhE4PVvQqMDDldbxX/OyJgmfZOhpXLlioxS9VsH1
3w2diU+pcnkR/ArkZ0f3LWWORAZ8bQ+15T0cB8EhUArHgOYev2EHGX/pIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMsCOXn0ufh8Rs2UGSjJkmu9zWYMB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwnQggGuz
o8e0atcHk8uIE+Lay2x91pNeHxF/M9+cSQUtBHBWLcZwzk6E6/QbIm8kBnzmTJW3
j11EvWJbDzslGF9OJ1vK8fMV+2rSaY0Z1JXl6wEFpKOBQodzzVPhUfkihYv3YljQ
r1VoVC6AJWDtXHJ1OE0fPANRsv7YT9b/8rZ4X+XgWrqRNrwoCPQOGXF1AUa6nnIp
veFoiGiVRsUl4UdzfJHfBhhbhaXxW+yQXq/1S++6AY5ra8LXNqvJgxldaac/fcOu
6CGx/qt4E+xSC4VRGCjLM8FY1YFhY9cAcf1WJIcpt+e6JIk/cuAOcMEiWsSfIB5O
1iy8WI2vurMRJQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 04:01:10 2025 by rpki-client