Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/955ed1-8b40-4185-84a9-2ddcf56a763e/1/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.mft
File: I_Hgnw5u2JGtF9bOSjxzKNdZtMg.mft (raw, json)
Hash identifier: 5Sw99jUUAeib4B8YOAj6RfapXjw55qZyNM09W7MOkAY=
Subject key identifier: B3:B3:2B:F9:04:5A:AC:95:43:F4:8E:DA:89:63:99:B5:77:ED:E4:15
Authority key identifier: 23:F1:E0:9F:0E:6E:D8:91:AD:17:D6:CE:4A:3C:73:28:D7:59:B4:C8
Certificate issuer: /CN=23f1e09f0e6ed891ad17d6ce4a3c7328d759b4c8
Certificate serial: 019A299E1A6A7C93E7BC8D5441D29C48604D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/955ed1-8b40-4185-84a9-2ddcf56a763e/1/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.mft
Manifest number: 16FA
Signing time: Tue 28 Oct 2025 07:00:18 +0000
Manifest this update: Tue 28 Oct 2025 07:00:18 +0000
Manifest next update: Wed 29 Oct 2025 07:00:18 +0000
Files and hashes: 1: I_Hgnw5u2JGtF9bOSjxzKNdZtMg.crl (hash: yoPE+iPHfj3CUK8Er5QNoTWGnZAeW9KaXZ9y+54THXc=)
2: Tp4BAItGYlXYP71Yl1jvkjdBkns.roa (hash: BUC2R1hzU4lwEDEogKCUTPLUZZa/Hz8pj9j9ce25uwk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/955ed1-8b40-4185-84a9-2ddcf56a763e/1/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/955ed1-8b40-4185-84a9-2ddcf56a763e/1/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.mft
rsync://rpki.ripe.net/repository/DEFAULT/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 07:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:9e:1a:6a:7c:93:e7:bc:8d:54:41:d2:9c:48:60:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23f1e09f0e6ed891ad17d6ce4a3c7328d759b4c8
Validity
Not Before: Oct 28 07:00:18 2025 GMT
Not After : Oct 29 07:00:18 2025 GMT
Subject: CN=b3b32bf9045aac9543f48eda896399b577ede415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1c:aa:a3:f1:ab:0f:58:e1:ab:9d:3b:2c:18:
b1:34:40:0a:46:2e:2e:cf:9e:f1:e9:20:c3:7d:79:
44:0b:52:3b:be:8e:23:8f:97:34:f2:be:92:7c:cc:
64:aa:12:5e:c1:2a:ce:45:6e:35:5f:c2:9a:e3:74:
29:4c:9f:8d:72:4a:d6:88:d1:5f:de:ff:c0:80:a5:
f0:69:9a:7c:c4:1f:1f:a5:d3:d9:25:73:63:a7:2c:
9f:81:db:a6:22:22:51:13:4c:21:b1:05:8d:3f:8f:
1f:f7:d7:b9:ba:8c:5f:bf:da:6b:0a:7f:d8:0d:67:
82:6f:c6:a0:61:b2:3b:de:b5:1c:d0:f5:79:ba:5f:
dd:e7:1c:85:59:c1:ee:c0:b0:72:df:5f:a5:ad:71:
8b:1d:30:ec:40:9f:8f:85:59:8d:ed:a3:fe:61:24:
b1:a0:c6:0d:18:5f:89:0e:0e:d6:aa:ca:b3:69:c6:
d2:12:73:19:5a:0e:a4:df:0d:e5:44:66:0e:7a:cb:
6e:3c:ed:2b:bc:36:1e:2d:32:18:69:1e:a8:82:9d:
7d:51:53:d8:66:04:79:11:6a:57:0d:68:11:f3:bd:
20:21:22:76:e1:00:3d:22:2b:7e:41:d5:c1:c1:9a:
92:3e:9a:9b:78:f8:f2:b1:9f:ba:a1:67:9a:e0:fe:
79:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B3:2B:F9:04:5A:AC:95:43:F4:8E:DA:89:63:99:B5:77:ED:E4:15
X509v3 Authority Key Identifier:
keyid:23:F1:E0:9F:0E:6E:D8:91:AD:17:D6:CE:4A:3C:73:28:D7:59:B4:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/955ed1-8b40-4185-84a9-2ddcf56a763e/1/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/955ed1-8b40-4185-84a9-2ddcf56a763e/1/I_Hgnw5u2JGtF9bOSjxzKNdZtMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:c9:8c:13:cf:ac:a3:af:7f:34:68:e2:ce:2d:52:44:04:cb:
ee:a2:a9:0d:b8:a3:27:c0:d2:f6:20:48:7e:f3:bd:7e:eb:3b:
ec:16:84:30:5b:49:4d:c8:19:36:a8:3d:4f:46:ee:8e:33:2e:
27:ad:8e:56:a8:4d:38:07:dc:84:9b:09:93:ab:88:79:cc:a1:
ba:66:39:3f:a7:e0:58:6d:a3:53:df:ef:8b:f2:38:5a:09:bf:
81:2c:d2:ad:ae:43:11:65:c3:2c:ab:af:40:6a:91:72:d0:35:
80:60:2f:94:d7:68:d0:f7:b0:8c:90:dc:d3:94:94:32:49:2a:
54:1a:3f:cd:e1:ac:54:28:41:11:66:f0:87:b4:36:e4:e9:b4:
1c:97:8c:0a:c0:20:b7:81:f2:48:15:eb:25:6b:b8:ef:46:ef:
a1:ce:b5:ba:2b:46:e3:f2:18:c3:46:c3:84:e1:fe:84:25:04:
35:8e:7e:c4:c3:fd:35:e9:f7:f3:28:eb:6c:db:7b:6b:67:9b:
97:5b:5b:57:b3:0f:3c:d1:7f:5e:94:7a:48:81:2b:2b:58:3e:
36:51:32:1a:d5:c2:03:0a:8e:a3:43:2b:23:2f:4d:bd:2c:bb:
4c:11:d1:20:9a:b0:d3:0c:18:9e:33:95:12:b3:fb:22:41:15:
1b:3f:f4:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZopnhpqfJPnvI1UQdKcSGBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjFlMDlmMGU2ZWQ4OTFhZDE3ZDZjZTRhM2M3MzI4ZDc1
OWI0YzgwHhcNMjUxMDI4MDcwMDE4WhcNMjUxMDI5MDcwMDE4WjAzMTEwLwYDVQQD
EyhiM2IzMmJmOTA0NWFhYzk1NDNmNDhlZGE4OTYzOTliNTc3ZWRlNDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsByqo/GrD1jhq507LBixNEAKRi4u
z57x6SDDfXlEC1I7vo4jj5c08r6SfMxkqhJewSrORW41X8Ka43QpTJ+NckrWiNFf
3v/AgKXwaZp8xB8fpdPZJXNjpyyfgdumIiJRE0whsQWNP48f99e5uoxfv9prCn/Y
DWeCb8agYbI73rUc0PV5ul/d5xyFWcHuwLBy31+lrXGLHTDsQJ+PhVmN7aP+YSSx
oMYNGF+JDg7WqsqzacbSEnMZWg6k3w3lRGYOestuPO0rvDYeLTIYaR6ogp19UVPY
ZgR5EWpXDWgR870gISJ24QA9Iit+QdXBwZqSPpqbePjysZ+6oWea4P55QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOzK/kEWqyVQ/SO2oljmbV37eQVMB8GA1UdIwQY
MBaAFCPx4J8ObtiRrRfWzko8cyjXWbTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9IZ253NXUySkd0RjliT1NqeHpLTmRadE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC85NTVlZDEtOGI0MC00MTg1LTg0YTkt
MmRkY2Y1NmE3NjNlLzEvSV9IZ253NXUySkd0RjliT1NqeHpLTmRadE1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC85NTVlZDEtOGI0MC00MTg1LTg0YTktMmRkY2Y1NmE3NjNl
LzEvSV9IZ253NXUySkd0RjliT1NqeHpLTmRadE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMmME8+s
o69/NGjizi1SRATL7qKpDbijJ8DS9iBIfvO9fus77BaEMFtJTcgZNqg9T0bujjMu
J62OVqhNOAfchJsJk6uIecyhumY5P6fgWG2jU9/vi/I4Wgm/gSzSra5DEWXDLKuv
QGqRctA1gGAvlNdo0PewjJDc05SUMkkqVBo/zeGsVChBEWbwh7Q25Om0HJeMCsAg
t4HySBXrJWu470bvoc61uitG4/IYw0bDhOH+hCUENY5+xMP9Nen38yjrbNt7a2eb
l1tbV7MPPNF/XpR6SIErK1g+NlEyGtXCAwqOo0MrIy9NvSy7TBHRIJqw0wwYnjOV
ErP7IkEVGz/0qA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 12:56:36 2025 by rpki-client