Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: t2HMLGMet9xQ4wCr2Rg0Ag6durQ1TG1f9MBRDn7X1uY=
Subject key identifier: 57:E0:00:71:55:B8:E7:DE:85:01:3F:17:66:B6:C9:91:A7:9F:AD:AA
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 019A2176F060BA87FE8345BB34464A392D40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0B9A
Signing time: Sun 26 Oct 2025 17:00:34 +0000
Manifest this update: Sun 26 Oct 2025 17:00:34 +0000
Manifest next update: Mon 27 Oct 2025 17:00:34 +0000
Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=)
2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: OGypMJiuKb0+nqyMtTqu7wi89768D8dktISLA7A3QN4=)
3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:76:f0:60:ba:87:fe:83:45:bb:34:46:4a:39:2d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Oct 26 17:00:34 2025 GMT
Not After : Oct 27 17:00:34 2025 GMT
Subject: CN=57e0007155b8e7de85013f1766b6c991a79fadaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e8:2e:42:18:f0:e6:64:7f:93:55:a6:c7:06:
68:5e:4a:61:d1:bd:21:4c:a9:10:ac:55:74:7a:06:
58:8f:15:be:eb:04:bd:77:a0:1d:53:9c:41:d2:e5:
a6:71:e5:a1:5f:27:e0:47:ba:4a:c0:c3:c1:ff:9c:
ca:04:29:70:00:ab:51:c5:66:a2:2e:b2:c7:0c:67:
10:95:60:4d:ca:28:a5:b8:60:d9:ae:c9:2b:10:92:
c4:84:8a:df:d8:cf:6d:a0:f7:c4:eb:cb:4d:4b:67:
c5:56:e3:04:4c:2d:c7:5e:bb:ea:f6:f4:fa:8d:66:
8a:bd:ca:27:f7:31:84:de:93:2e:74:04:76:0c:09:
46:7e:70:d1:0c:da:02:f6:09:b3:4a:35:ab:00:4f:
1f:90:50:f2:01:07:40:73:3c:78:c4:d0:4b:61:3c:
c1:81:f7:d1:12:af:72:7e:68:99:9e:8c:69:f1:72:
19:99:3a:60:8c:5a:31:e4:0f:45:5d:dc:d9:2e:e5:
d2:d4:a5:f4:1b:84:70:69:5f:ff:a4:91:7c:e2:0e:
7a:7a:a4:d9:cf:dc:80:cb:f7:bf:f2:bb:c8:db:33:
0e:2f:af:6c:bf:eb:3f:f7:66:3a:16:49:0b:de:32:
0a:b6:60:91:b6:49:a8:03:50:b7:db:14:6c:49:15:
e4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E0:00:71:55:B8:E7:DE:85:01:3F:17:66:B6:C9:91:A7:9F:AD:AA
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:20:4d:f0:bb:f6:ab:fa:e7:eb:b0:fc:1b:91:bd:61:55:5a:
0c:bc:d8:9e:9f:d0:cc:e9:1f:4d:30:58:33:84:c8:92:b5:77:
6d:e8:ce:83:9a:7b:09:c9:eb:ff:32:aa:f7:00:77:a8:6d:7d:
36:0b:07:c0:fe:c9:cc:4b:37:68:a2:9a:bf:8c:c8:97:19:6a:
1e:54:31:2d:51:8c:27:51:b7:fe:46:7a:f4:96:a3:ae:59:25:
d3:34:75:c5:6f:dc:44:7a:b7:97:36:e6:cd:45:d4:43:a6:07:
94:f4:5c:b6:e8:bc:83:b1:5f:d2:6b:87:ef:4c:f8:24:98:0c:
5a:33:b5:58:b9:9c:09:b7:ed:94:3d:07:d6:e9:f3:59:b4:6b:
ab:3b:2a:60:6c:34:3d:aa:ec:36:04:98:70:21:b3:e8:10:2f:
c3:1c:cc:a1:51:de:e3:92:16:4e:78:87:97:3c:a7:59:81:96:
6b:04:40:ac:b7:e8:d4:91:ff:3b:4c:20:e9:22:8c:3b:0f:a5:
99:6d:44:4e:79:4a:6b:f9:da:73:24:6d:4b:a1:2c:ee:f3:fe:
da:d7:21:52:dc:4a:64:e0:23:5e:3c:68:4d:8a:37:e6:32:5b:
f4:95:f7:3f:36:28:db:3b:36:7f:70:fd:44:c4:f0:e2:e6:a6:
4f:1e:d3:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohdvBguof+g0W7NEZKOS1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjUxMDI2MTcwMDM0WhcNMjUxMDI3MTcwMDM0WjAzMTEwLwYDVQQD
Eyg1N2UwMDA3MTU1YjhlN2RlODUwMTNmMTc2NmI2Yzk5MWE3OWZhZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeguQhjw5mR/k1WmxwZoXkph0b0h
TKkQrFV0egZYjxW+6wS9d6AdU5xB0uWmceWhXyfgR7pKwMPB/5zKBClwAKtRxWai
LrLHDGcQlWBNyiiluGDZrskrEJLEhIrf2M9toPfE68tNS2fFVuMETC3HXrvq9vT6
jWaKvcon9zGE3pMudAR2DAlGfnDRDNoC9gmzSjWrAE8fkFDyAQdAczx4xNBLYTzB
gffREq9yfmiZnoxp8XIZmTpgjFox5A9FXdzZLuXS1KX0G4RwaV//pJF84g56eqTZ
z9yAy/e/8rvI2zMOL69sv+s/92Y6FkkL3jIKtmCRtkmoA1C32xRsSRXkaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfgAHFVuOfehQE/F2a2yZGnn62qMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbyBN8Lv2
q/rn67D8G5G9YVVaDLzYnp/QzOkfTTBYM4TIkrV3bejOg5p7Ccnr/zKq9wB3qG19
NgsHwP7JzEs3aKKav4zIlxlqHlQxLVGMJ1G3/kZ69Jajrlkl0zR1xW/cRHq3lzbm
zUXUQ6YHlPRctui8g7Ff0muH70z4JJgMWjO1WLmcCbftlD0H1unzWbRrqzsqYGw0
ParsNgSYcCGz6BAvwxzMoVHe45IWTniHlzynWYGWawRArLfo1JH/O0wg6SKMOw+l
mW1ETnlKa/nacyRtS6Es7vP+2tchUtxKZOAjXjxoTYo35jJb9JX3PzYo2zs2f3D9
RMTw4uamTx7Tkw==
-----END CERTIFICATE-----
Generated at Mon Oct 27 01:42:28 2025 by rpki-client