Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
File: imgZHKtu8GsyKwsSSHhdSEpFJPM.mft (raw, json)
Hash identifier: N/QyKp+Vh3eH8XGgcKhiv3A/FYTa/BxeZRpD7a+SYH8=
Subject key identifier: AE:CC:B8:3C:35:71:CE:1D:DF:61:B9:95:AF:5D:86:0D:80:F7:04:0A
Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Certificate serial: 019A7225C3AB3720985832F92E998DAF30FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
Manifest number: 116E
Signing time: Tue 11 Nov 2025 09:01:08 +0000
Manifest this update: Tue 11 Nov 2025 09:01:08 +0000
Manifest next update: Wed 12 Nov 2025 09:01:08 +0000
Files and hashes: 1: U8GRHKScYdSNdnB2mr1xryjNCyA.roa (hash: gCSVLFeQA2Qb3RyGGtdWNAIaM4Y9u0sDXVDglP6HH5k=)
2: imgZHKtu8GsyKwsSSHhdSEpFJPM.crl (hash: fESwHRo2I0LAAD2aDZgfbwID2VPf1VXwecrBhKKqqDU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:c3:ab:37:20:98:58:32:f9:2e:99:8d:af:30:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Validity
Not Before: Nov 11 09:01:08 2025 GMT
Not After : Nov 12 09:01:08 2025 GMT
Subject: CN=aeccb83c3571ce1ddf61b995af5d860d80f7040a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:62:2a:92:3a:0b:81:19:7f:12:7c:0d:33:64:
14:ef:b9:0f:45:bd:2e:28:42:6c:32:c0:16:d8:f5:
ad:0e:d4:43:1a:6c:d8:ac:8e:29:00:b0:dd:f2:fd:
0b:6e:ab:0c:da:ae:ca:c1:4e:c6:2d:ce:d8:41:e2:
81:d6:e8:4d:fb:60:cb:31:59:6f:e9:05:b7:bd:0a:
94:f8:c7:21:1a:8c:62:83:47:5d:5a:d2:24:3d:f8:
13:8e:50:21:f3:7f:7b:98:80:d6:32:55:49:c2:d6:
69:59:b7:8f:8c:be:0d:2f:a1:f6:4b:09:44:8b:86:
f8:0d:cd:52:08:d4:4d:3b:81:fc:14:f8:a8:e5:95:
09:32:88:82:a9:bf:eb:a0:e0:cd:f2:3d:14:f6:0b:
b0:a7:1a:d3:fe:90:20:f9:3f:2b:d6:b1:b6:9d:e9:
76:51:1e:5e:23:37:dd:3d:aa:90:8e:24:b0:6d:fe:
55:0b:01:ff:09:e1:89:ec:98:3b:a4:4d:af:d0:78:
eb:ff:73:09:ae:fb:fb:6e:85:81:f0:26:a8:69:00:
9e:20:3e:3b:ad:e8:2c:1c:f9:2e:8e:e4:e6:06:5d:
67:82:c4:65:22:35:08:43:0d:07:a2:52:e9:13:17:
3e:48:48:00:ff:ac:c9:3e:d2:ad:6e:5f:58:32:39:
4d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:CC:B8:3C:35:71:CE:1D:DF:61:B9:95:AF:5D:86:0D:80:F7:04:0A
X509v3 Authority Key Identifier:
keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:f1:b2:9a:bb:4a:1c:c0:00:48:7b:93:7e:6f:f8:45:d8:6d:
e8:ed:b8:55:b7:2d:a9:be:1f:de:b7:d8:56:23:aa:4b:07:a8:
1c:c1:1d:d4:2e:e3:4f:18:0a:69:36:bf:c8:3d:23:8d:74:dc:
7c:23:e7:ba:e3:e0:ce:4a:4b:2f:df:da:f6:b2:65:55:10:db:
c0:f5:a7:d9:60:6a:ee:65:74:61:af:96:b1:3f:4d:ba:37:44:
10:e0:11:e0:05:f9:29:7e:5e:41:e3:55:a8:f9:5d:43:e9:bc:
06:dd:38:41:e8:ff:62:7d:1e:93:8c:63:af:e9:40:64:5f:be:
34:d3:09:68:76:41:a5:93:56:b4:e0:91:35:87:4e:21:1b:73:
b0:eb:d6:54:58:1f:5b:c5:ff:f7:78:a1:3b:cd:31:a2:87:73:
09:06:8b:6f:af:aa:b1:74:7e:fd:08:14:fe:f0:a0:a1:54:ad:
6e:65:bd:74:98:7e:ad:35:50:96:07:3b:61:f3:be:4c:d6:c9:
93:36:16:58:d0:dd:6a:a8:03:df:5f:7b:ef:7c:eb:5b:39:d0:
80:dd:85:4c:43:fc:dc:f2:87:d6:d4:cf:5e:f2:6d:6d:a1:51:
fa:c9:d7:e0:54:5b:87:02:33:db:2d:99:9f:1a:3c:78:61:c7:
24:09:2f:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJcOrNyCYWDL5LpmNrzD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0
NTI0ZjMwHhcNMjUxMTExMDkwMTA4WhcNMjUxMTEyMDkwMTA4WjAzMTEwLwYDVQQD
EyhhZWNjYjgzYzM1NzFjZTFkZGY2MWI5OTVhZjVkODYwZDgwZjcwNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2IqkjoLgRl/EnwNM2QU77kPRb0u
KEJsMsAW2PWtDtRDGmzYrI4pALDd8v0LbqsM2q7KwU7GLc7YQeKB1uhN+2DLMVlv
6QW3vQqU+MchGoxig0ddWtIkPfgTjlAh8397mIDWMlVJwtZpWbePjL4NL6H2SwlE
i4b4Dc1SCNRNO4H8FPio5ZUJMoiCqb/roODN8j0U9guwpxrT/pAg+T8r1rG2nel2
UR5eIzfdPaqQjiSwbf5VCwH/CeGJ7Jg7pE2v0Hjr/3MJrvv7boWB8CaoaQCeID47
regsHPkujuTmBl1ngsRlIjUIQw0HolLpExc+SEgA/6zJPtKtbl9YMjlNWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7MuDw1cc4d32G5la9dhg2A9wQKMB8GA1UdIwQY
MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt
OTcxMTdlZWI0ODkxLzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx
LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARPGymrtK
HMAASHuTfm/4Rdht6O24Vbctqb4f3rfYViOqSweoHMEd1C7jTxgKaTa/yD0jjXTc
fCPnuuPgzkpLL9/a9rJlVRDbwPWn2WBq7mV0Ya+WsT9NujdEEOAR4AX5KX5eQeNV
qPldQ+m8Bt04Qej/Yn0ek4xjr+lAZF++NNMJaHZBpZNWtOCRNYdOIRtzsOvWVFgf
W8X/93ihO80xoodzCQaLb6+qsXR+/QgU/vCgoVStbmW9dJh+rTVQlgc7YfO+TNbJ
kzYWWNDdaqgD319773zrWznQgN2FTEP83PKH1tTPXvJtbaFR+snX4FRbhwIz2y2Z
nxo8eGHHJAkvBQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:43 2025 by rpki-client