Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
File: hEoXkcsH8dhhI8Y9w63P11TbEBs.mft (raw, json)
Hash identifier: dE4o7KgqGCb//U2rDuwZB/FuKkzliuPkgoD0OsGBGS4=
Subject key identifier: 78:41:60:3F:EC:90:CA:E8:12:16:F9:6D:22:4B:2C:70:5D:40:F8:72
Authority key identifier: 84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
Certificate issuer: /CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Certificate serial: 019A722582CC50824215DB5FA513DFB539C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
Manifest number: 0B30
Signing time: Tue 11 Nov 2025 09:00:52 +0000
Manifest this update: Tue 11 Nov 2025 09:00:52 +0000
Manifest next update: Wed 12 Nov 2025 09:00:52 +0000
Files and hashes: 1: Ihp0VP8oRNeTGrBSGwpts6D1JhE.roa (hash: Qldf3LszJ2g2XwaE6LEoxPc+aR59tijRa50IN/mT6PY=)
2: gi2zaUr2ngLXfM8NV7jNPdt_PFI.roa (hash: pPPLz9b8ntu+6vKYV+GHcDLfS03p/6Pt+aGjIk5ADdw=)
3: hEoXkcsH8dhhI8Y9w63P11TbEBs.crl (hash: fUc99wfACkKbL33uWOZZ6+zjHePE8IaIrl1x4qpV170=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:82:cc:50:82:42:15:db:5f:a5:13:df:b5:39:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Validity
Not Before: Nov 11 09:00:52 2025 GMT
Not After : Nov 12 09:00:52 2025 GMT
Subject: CN=7841603fec90cae81216f96d224b2c705d40f872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:07:27:e0:65:6e:20:37:62:b4:52:cd:d2:a9:
f5:0d:94:76:68:bf:82:4f:01:41:42:fd:a5:7c:af:
c0:8f:c1:ae:11:61:4c:00:8e:15:d6:c3:fc:88:49:
0f:81:06:10:b1:71:88:0d:17:71:f3:3e:df:ef:c4:
0a:63:ef:10:15:f0:24:fe:9f:34:0f:d6:8e:fb:2b:
66:6c:59:d2:b9:8b:aa:9d:8d:15:7a:1b:a1:b7:e2:
b5:2c:61:92:9d:f6:43:43:a2:b1:13:ae:51:59:b6:
2a:b4:ea:fa:ce:72:b0:ae:9c:7f:ab:8b:2e:1d:e3:
80:08:1e:eb:dc:2f:13:30:7e:a5:a9:0b:b5:ff:fb:
09:33:b3:3b:0b:48:73:ee:ac:7c:c9:12:7b:52:00:
b8:ab:31:d2:92:7a:58:bf:89:5e:06:2f:68:ed:76:
f9:b5:0d:f9:a5:22:89:c6:ea:cc:25:a9:09:ba:45:
b5:bb:0d:72:c2:85:f2:c8:59:dc:91:cd:ed:51:37:
bd:0e:90:6f:13:20:8a:a8:54:c2:65:12:1f:55:b0:
31:4a:8c:f7:40:7f:f9:68:75:0a:40:e0:03:e2:a4:
77:1c:84:c3:28:e4:06:d0:bc:ed:77:1d:03:7b:5c:
eb:c6:eb:bd:5e:d3:fa:45:06:84:97:31:64:f6:ef:
ef:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:41:60:3F:EC:90:CA:E8:12:16:F9:6D:22:4B:2C:70:5D:40:F8:72
X509v3 Authority Key Identifier:
keyid:84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:a2:d4:66:fb:5d:a1:82:0c:8f:ed:29:00:6d:78:0d:69:81:
65:b0:b2:fc:1f:f1:28:82:79:f5:f2:f6:ba:03:6d:7d:18:d2:
55:24:08:39:82:74:22:05:b4:f9:a4:04:09:16:30:52:7f:31:
3a:33:02:1c:04:4c:5b:0e:1e:d7:16:7a:8c:16:13:56:ad:6b:
ae:36:a2:f7:5c:bf:f5:68:e2:d3:e1:a3:05:15:d8:2a:35:5d:
6a:52:0c:d1:a1:24:38:80:21:e5:11:0d:f1:03:22:d6:1f:e2:
6c:b4:cc:ee:83:48:c0:76:29:25:60:0e:0a:1c:db:3c:79:31:
4d:1f:16:0c:ce:95:26:23:dd:97:38:4a:4a:da:c1:da:5a:10:
ac:c8:84:a3:14:8d:3c:50:65:89:5a:e6:4b:b1:db:ab:0b:b8:
0b:79:df:b7:30:78:a9:84:7b:50:c7:1d:ed:b8:d6:cf:5f:3f:
26:0a:61:7e:11:d6:07:50:cb:66:32:68:de:c6:e0:69:a1:b1:
66:00:40:18:68:51:bb:90:58:94:1d:4c:4b:f1:e8:c3:6f:97:
ea:b0:63:fb:40:da:0d:10:88:e4:24:46:33:b6:7d:94:8c:4d:
3b:64:50:61:5c:cd:cb:68:4f:30:4e:84:59:76:64:03:92:90:
35:f0:81:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYLMUIJCFdtfpRPftTnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NGExNzkxY2IwN2YxZDg2MTIzYzYzZGMzYWRjZmQ3NTRk
YjEwMWIwHhcNMjUxMTExMDkwMDUyWhcNMjUxMTEyMDkwMDUyWjAzMTEwLwYDVQQD
Eyg3ODQxNjAzZmVjOTBjYWU4MTIxNmY5NmQyMjRiMmM3MDVkNDBmODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQcn4GVuIDditFLN0qn1DZR2aL+C
TwFBQv2lfK/Aj8GuEWFMAI4V1sP8iEkPgQYQsXGIDRdx8z7f78QKY+8QFfAk/p80
D9aO+ytmbFnSuYuqnY0Vehuht+K1LGGSnfZDQ6KxE65RWbYqtOr6znKwrpx/q4su
HeOACB7r3C8TMH6lqQu1//sJM7M7C0hz7qx8yRJ7UgC4qzHSknpYv4leBi9o7Xb5
tQ35pSKJxurMJakJukW1uw1ywoXyyFnckc3tUTe9DpBvEyCKqFTCZRIfVbAxSoz3
QH/5aHUKQOAD4qR3HITDKOQG0Lztdx0De1zrxuu9XtP6RQaElzFk9u/v8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhBYD/skMroEhb5bSJLLHBdQPhyMB8GA1UdIwQY
MBaAFIRKF5HLB/HYYSPGPcOtz9dU2xAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQt
NzhiYTZkYzUwMDg2LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQtNzhiYTZkYzUwMDg2
LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF6LUZvtd
oYIMj+0pAG14DWmBZbCy/B/xKIJ59fL2ugNtfRjSVSQIOYJ0IgW0+aQECRYwUn8x
OjMCHARMWw4e1xZ6jBYTVq1rrjai91y/9Wji0+GjBRXYKjVdalIM0aEkOIAh5REN
8QMi1h/ibLTM7oNIwHYpJWAOChzbPHkxTR8WDM6VJiPdlzhKStrB2loQrMiEoxSN
PFBliVrmS7Hbqwu4C3nftzB4qYR7UMcd7bjWz18/JgphfhHWB1DLZjJo3sbgaaGx
ZgBAGGhRu5BYlB1MS/How2+X6rBj+0DaDRCI5CRGM7Z9lIxNO2RQYVzNy2hPME6E
WXZkA5KQNfCB3A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:48:28 2025 by rpki-client