Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
File: gEH-6hI_ywfocqjLS92at7jaL88.mft (raw, json)
Hash identifier: Ec6ny/UBQVhlvmzVgkRqwsb6f0ijJz8WHkugxZ95Rlc=
Subject key identifier: 43:5D:20:75:77:2C:7A:25:7B:66:AB:7A:7F:19:AA:22:EF:C7:A4:FE
Authority key identifier: 80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF
Certificate issuer: /CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
Certificate serial: 019A725C718F80B940D717DE88A602266407
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
Manifest number: 0B36
Signing time: Tue 11 Nov 2025 10:00:52 +0000
Manifest this update: Tue 11 Nov 2025 10:00:52 +0000
Manifest next update: Wed 12 Nov 2025 10:00:52 +0000
Files and hashes: 1: 5QlNV7-3Q34zZfQ5XbNLc8wKA40.roa (hash: T1GmpANOUDoxZLUDnHoNMN2ENMK9C/xESzMwTNL0s2Y=)
2: gEH-6hI_ywfocqjLS92at7jaL88.crl (hash: jE0p3mCVgOoAEerFBcf82SRF2E8ZA4oiOH9vdFSTW1g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:71:8f:80:b9:40:d7:17:de:88:a6:02:26:64:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
Validity
Not Before: Nov 11 10:00:52 2025 GMT
Not After : Nov 12 10:00:52 2025 GMT
Subject: CN=435d2075772c7a257b66ab7a7f19aa22efc7a4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:42:a0:30:a3:01:07:3e:99:84:ef:28:72:ed:
db:21:d6:24:a5:f6:91:d6:3b:29:f0:40:81:a8:b4:
2a:3e:5c:30:9b:18:31:c5:bf:39:8b:56:97:1a:ad:
ad:82:ea:a4:31:b0:c7:27:3e:57:31:d4:3f:7e:77:
5f:dd:7e:d2:89:5f:08:94:08:a6:f6:29:70:13:d7:
af:58:24:76:03:5f:f5:7f:6c:98:41:b7:b6:fd:4d:
8d:f5:27:4a:91:67:61:72:78:ef:01:de:67:09:c3:
5e:24:50:fa:51:bd:95:21:16:59:26:93:50:34:0c:
09:2f:ef:26:3c:ac:83:56:10:c1:a7:e9:ff:bf:89:
96:79:bb:dc:0f:6f:0f:52:60:50:13:54:99:5f:7c:
0d:d2:0d:3a:ae:4d:84:5b:e0:5c:5b:7e:c0:c9:99:
71:f4:88:cf:aa:63:59:00:c7:9b:05:c6:ec:3b:5e:
58:0f:d9:df:02:c7:ed:b6:c8:64:02:63:0b:03:50:
f4:59:20:2f:08:1f:c5:b6:96:ef:9a:db:3a:16:dc:
3c:aa:46:46:52:c4:e5:d6:55:6c:dd:cf:45:7b:e1:
50:46:23:3d:91:36:0a:d5:0f:42:69:04:ea:3d:b6:
13:13:49:49:c5:a0:7c:b8:52:a7:36:9a:20:f5:3e:
f0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:5D:20:75:77:2C:7A:25:7B:66:AB:7A:7F:19:AA:22:EF:C7:A4:FE
X509v3 Authority Key Identifier:
keyid:80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:79:ef:cd:ef:56:4e:d2:9c:27:99:21:a9:ee:e9:4b:42:96:
d8:db:2a:b9:7e:2e:e2:ec:71:1f:57:59:bd:02:4b:b0:13:ac:
a3:b6:66:8f:a3:ff:47:24:28:28:a6:21:fe:a7:50:e3:75:3e:
db:69:4b:df:df:5b:7a:d1:96:b3:80:f9:d4:10:3e:a6:f9:b2:
be:83:71:26:f8:6b:d0:57:c4:54:34:9b:9f:75:bb:8b:82:80:
df:c8:a8:90:63:04:a4:39:60:db:10:a7:52:fb:a7:34:2a:9a:
14:49:80:13:b0:f9:e4:0c:c4:c9:cf:39:b8:b2:1c:75:65:0d:
b4:2f:a7:22:67:dd:5f:f4:b4:4a:7b:17:f9:2f:8c:52:61:d4:
e3:87:e4:fa:24:c3:fe:48:bb:21:13:b8:9a:ac:a6:99:f7:c7:
4e:97:db:dc:6b:ba:d5:7a:a9:a4:75:15:c6:5d:09:7f:0c:56:
14:83:0f:ee:df:ea:3a:f8:61:52:ce:c7:d1:26:fc:9f:e0:36:
93:3c:1a:38:8a:50:a4:7d:b3:2e:05:0e:51:9c:10:d2:b8:dc:
66:53:4f:df:5a:87:5f:95:3a:e5:b6:01:52:bc:8a:5f:13:a7:
3c:e6:03:e2:2e:9a:40:5f:5f:6a:12:ef:f8:16:51:db:c6:12:
73:bc:bb:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXHGPgLlA1xfeiKYCJmQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDFmZWVhMTIzZmNiMDdlODcyYThjYjRiZGQ5YWI3Yjhk
YTJmY2YwHhcNMjUxMTExMTAwMDUyWhcNMjUxMTEyMTAwMDUyWjAzMTEwLwYDVQQD
Eyg0MzVkMjA3NTc3MmM3YTI1N2I2NmFiN2E3ZjE5YWEyMmVmYzdhNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0KgMKMBBz6ZhO8ocu3bIdYkpfaR
1jsp8ECBqLQqPlwwmxgxxb85i1aXGq2tguqkMbDHJz5XMdQ/fndf3X7SiV8IlAim
9ilwE9evWCR2A1/1f2yYQbe2/U2N9SdKkWdhcnjvAd5nCcNeJFD6Ub2VIRZZJpNQ
NAwJL+8mPKyDVhDBp+n/v4mWebvcD28PUmBQE1SZX3wN0g06rk2EW+BcW37AyZlx
9IjPqmNZAMebBcbsO15YD9nfAsfttshkAmMLA1D0WSAvCB/Ftpbvmts6Ftw8qkZG
UsTl1lVs3c9Fe+FQRiM9kTYK1Q9CaQTqPbYTE0lJxaB8uFKnNpog9T7wvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENdIHV3LHole2aren8ZqiLvx6T+MB8GA1UdIwQY
MBaAFIBB/uoSP8sH6HKoy0vdmre42i/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgt
ZjdjNTAxNDE4ZTU2LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgtZjdjNTAxNDE4ZTU2
LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhXnvze9W
TtKcJ5khqe7pS0KW2NsquX4u4uxxH1dZvQJLsBOso7Zmj6P/RyQoKKYh/qdQ43U+
22lL399betGWs4D51BA+pvmyvoNxJvhr0FfEVDSbn3W7i4KA38iokGMEpDlg2xCn
UvunNCqaFEmAE7D55AzEyc85uLIcdWUNtC+nImfdX/S0SnsX+S+MUmHU44fk+iTD
/ki7IRO4mqymmffHTpfb3Gu61XqppHUVxl0JfwxWFIMP7t/qOvhhUs7H0Sb8n+A2
kzwaOIpQpH2zLgUOUZwQ0rjcZlNP31qHX5U65bYBUryKXxOnPOYD4i6aQF9fahLv
+BZR28YSc7y73w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:17:02 2025 by rpki-client