Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/e9487f-fdc7-40a7-8a67-1be69ca393ba/1/hLDKyDjyguBClI-dKyzVdU0ujEc.mft
File: hLDKyDjyguBClI-dKyzVdU0ujEc.mft (raw, json)
Hash identifier: mWhTYUSGmWo1kXselmnKUKPPWzXZ3tZ3nNctyHt4vNQ=
Subject key identifier: 30:72:1A:B7:59:96:6C:34:0D:3F:82:13:2F:A8:92:E8:E8:A6:B9:2D
Authority key identifier: 84:B0:CA:C8:38:F2:82:E0:42:94:8F:9D:2B:2C:D5:75:4D:2E:8C:47
Certificate issuer: /CN=84b0cac838f282e042948f9d2b2cd5754d2e8c47
Certificate serial: 019A72CA419DAC33D8F2582592A89CEB5108
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLDKyDjyguBClI-dKyzVdU0ujEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/e9487f-fdc7-40a7-8a67-1be69ca393ba/1/hLDKyDjyguBClI-dKyzVdU0ujEc.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 12:00:48 +0000
Manifest this update: Tue 11 Nov 2025 12:00:48 +0000
Manifest next update: Wed 12 Nov 2025 12:00:48 +0000
Files and hashes: 1: hLDKyDjyguBClI-dKyzVdU0ujEc.crl (hash: tFFZiQq3K7bR72BCn/haygDnHI79cLvikRfYkkcNObo=)
2: mq2WK1BWz4a2Yo_KhLxZIcR7xCc.roa (hash: Qcby8Wr2h6htBY3phdXczNrS5qR9unpp5KemIo49KRI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/e9487f-fdc7-40a7-8a67-1be69ca393ba/1/hLDKyDjyguBClI-dKyzVdU0ujEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/e9487f-fdc7-40a7-8a67-1be69ca393ba/1/hLDKyDjyguBClI-dKyzVdU0ujEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLDKyDjyguBClI-dKyzVdU0ujEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:41:9d:ac:33:d8:f2:58:25:92:a8:9c:eb:51:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b0cac838f282e042948f9d2b2cd5754d2e8c47
Validity
Not Before: Nov 11 12:00:48 2025 GMT
Not After : Nov 12 12:00:48 2025 GMT
Subject: CN=30721ab759966c340d3f82132fa892e8e8a6b92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5b:67:7a:bc:e7:4c:9b:4d:29:66:ae:82:d0:
cf:4f:8e:6a:ba:bb:60:db:8e:67:2b:75:80:d8:63:
64:2b:c1:79:49:12:23:b0:24:b1:b3:5a:69:51:84:
d6:c4:58:14:b0:e3:22:94:a8:9e:79:36:c2:a6:61:
03:b3:9d:79:f2:fc:77:53:50:39:32:16:f0:c7:c4:
71:c6:8c:d8:bb:fa:68:b6:52:4d:e6:10:46:80:53:
ed:b2:dc:44:48:ce:a4:0d:1f:96:d8:a4:2e:15:c9:
c5:a8:a9:29:52:2e:26:40:1a:75:20:04:79:f0:d3:
32:b2:47:d3:78:19:b0:41:64:0e:67:85:74:0a:ad:
e4:51:8d:c1:c6:12:15:c0:2b:55:4c:8e:6b:68:00:
77:54:52:d4:da:aa:fd:22:58:b4:6e:95:46:18:46:
f9:a0:10:a2:15:1b:74:be:f3:a4:fb:11:3e:7c:e5:
3e:e3:1b:a5:5e:f6:24:08:5f:37:4a:88:03:16:54:
19:cc:c1:83:b5:dd:76:04:6b:9e:8c:f2:e0:d1:c2:
fd:28:53:6c:25:13:82:5c:a7:46:14:78:cd:6e:00:
95:63:a7:ae:1b:b6:e0:3b:f7:3f:fd:16:76:fb:af:
f8:ac:76:6a:3c:ca:d6:d1:42:46:66:6a:e6:96:86:
05:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:72:1A:B7:59:96:6C:34:0D:3F:82:13:2F:A8:92:E8:E8:A6:B9:2D
X509v3 Authority Key Identifier:
keyid:84:B0:CA:C8:38:F2:82:E0:42:94:8F:9D:2B:2C:D5:75:4D:2E:8C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLDKyDjyguBClI-dKyzVdU0ujEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e9487f-fdc7-40a7-8a67-1be69ca393ba/1/hLDKyDjyguBClI-dKyzVdU0ujEc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e9487f-fdc7-40a7-8a67-1be69ca393ba/1/hLDKyDjyguBClI-dKyzVdU0ujEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:9b:76:ba:f1:3f:32:5e:b5:87:22:4d:ba:ae:74:95:75:f3:
3b:70:20:38:78:ab:53:75:f9:2a:c9:4c:e1:cc:89:7c:c4:51:
34:c3:fe:a3:08:7c:75:03:1c:a0:d9:b1:0b:44:b8:84:49:48:
8a:02:b2:52:57:17:ff:a2:d4:27:78:45:dc:22:3c:38:97:95:
5c:1f:2f:55:4d:cd:d7:a4:5b:83:5d:e0:09:da:05:f2:c7:a6:
9e:79:fd:7a:95:0f:0e:de:b3:31:f9:a0:16:6b:1b:b7:fd:8c:
63:5c:ee:63:d5:c7:35:38:54:54:07:58:80:a4:8d:ef:5d:a4:
7e:39:50:9d:d1:20:38:1d:2e:ee:de:2a:d1:87:3a:6a:bd:d6:
ea:6f:8d:aa:15:97:94:fa:1d:79:e9:99:4d:29:e0:37:f0:de:
a9:8f:db:98:be:77:bb:24:d8:bf:82:e2:28:93:57:6e:b6:38:
03:c9:5c:93:6d:b6:38:e9:62:e4:9d:d2:c7:bb:dc:9f:08:ff:
ed:5e:e9:ba:c6:59:f0:74:ca:79:67:17:9c:4b:9d:9a:34:2f:
d7:94:10:96:25:ba:a7:41:03:6f:6f:99:03:f1:28:7e:1f:4a:
25:64:f7:1e:22:e1:36:0e:6e:fd:9a:fc:21:2f:bc:1e:ac:64:
08:b7:36:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyykGdrDPY8lglkqic61EIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjBjYWM4MzhmMjgyZTA0Mjk0OGY5ZDJiMmNkNTc1NGQy
ZThjNDcwHhcNMjUxMTExMTIwMDQ4WhcNMjUxMTEyMTIwMDQ4WjAzMTEwLwYDVQQD
EygzMDcyMWFiNzU5OTY2YzM0MGQzZjgyMTMyZmE4OTJlOGU4YTZiOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFtnerznTJtNKWaugtDPT45qurtg
245nK3WA2GNkK8F5SRIjsCSxs1ppUYTWxFgUsOMilKieeTbCpmEDs5158vx3U1A5
Mhbwx8RxxozYu/potlJN5hBGgFPtstxESM6kDR+W2KQuFcnFqKkpUi4mQBp1IAR5
8NMyskfTeBmwQWQOZ4V0Cq3kUY3BxhIVwCtVTI5raAB3VFLU2qr9Ili0bpVGGEb5
oBCiFRt0vvOk+xE+fOU+4xulXvYkCF83SogDFlQZzMGDtd12BGuejPLg0cL9KFNs
JROCXKdGFHjNbgCVY6euG7bgO/c//RZ2+6/4rHZqPMrW0UJGZmrmloYFhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDByGrdZlmw0DT+CEy+okujoprktMB8GA1UdIwQY
MBaAFISwysg48oLgQpSPnSss1XVNLoxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExES3lEanlndUJDbEktZEt5elZkVTB1akVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9lOTQ4N2YtZmRjNy00MGE3LThhNjct
MWJlNjljYTM5M2JhLzEvaExES3lEanlndUJDbEktZEt5elZkVTB1akVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9lOTQ4N2YtZmRjNy00MGE3LThhNjctMWJlNjljYTM5M2Jh
LzEvaExES3lEanlndUJDbEktZEt5elZkVTB1akVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZZt2uvE/
Ml61hyJNuq50lXXzO3AgOHirU3X5KslM4cyJfMRRNMP+owh8dQMcoNmxC0S4hElI
igKyUlcX/6LUJ3hF3CI8OJeVXB8vVU3N16Rbg13gCdoF8semnnn9epUPDt6zMfmg
Fmsbt/2MY1zuY9XHNThUVAdYgKSN712kfjlQndEgOB0u7t4q0Yc6ar3W6m+NqhWX
lPodeemZTSngN/DeqY/bmL53uyTYv4LiKJNXbrY4A8lck222OOli5J3Sx7vcnwj/
7V7pusZZ8HTKeWcXnEudmjQv15QQliW6p0EDb2+ZA/Eofh9KJWT3HiLhNg5u/Zr8
IS+8HqxkCLc21A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:23:50 2025 by rpki-client