Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/f8e803-41f5-4668-afa5-db13abbe4e9a/1/H9e7sd5oCd9_blc_mrtk5gNhPKE.mft
File: H9e7sd5oCd9_blc_mrtk5gNhPKE.mft (raw, json)
Hash identifier: VGrkAQcgycajeO7P+s38lXbdN3G8hm6M4Y8bHlM1FEY=
Subject key identifier: 32:A8:0E:F7:9D:69:0E:95:03:07:A6:9D:8C:C3:5F:5A:D6:84:AE:51
Authority key identifier: 1F:D7:BB:B1:DE:68:09:DF:7F:6E:57:3F:9A:BB:64:E6:03:61:3C:A1
Certificate issuer: /CN=1fd7bbb1de6809df7f6e573f9abb64e603613ca1
Certificate serial: 019A71EEEF9EF76DE10850DCA7CBB951B321
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9e7sd5oCd9_blc_mrtk5gNhPKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/f8e803-41f5-4668-afa5-db13abbe4e9a/1/H9e7sd5oCd9_blc_mrtk5gNhPKE.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 08:01:15 +0000
Manifest this update: Tue 11 Nov 2025 08:01:15 +0000
Manifest next update: Wed 12 Nov 2025 08:01:15 +0000
Files and hashes: 1: H9e7sd5oCd9_blc_mrtk5gNhPKE.crl (hash: cH3zxEqvfWcScsJDyRL0y687SISiDvYTzKL2GBDN8UM=)
2: hOjqFzmwDn3h8aF0jh7_FXo9ReI.roa (hash: CNoH2a1MzUmjFlMi/+aHXlooSM/YD9l7gB33O/u52sU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/f8e803-41f5-4668-afa5-db13abbe4e9a/1/H9e7sd5oCd9_blc_mrtk5gNhPKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/f8e803-41f5-4668-afa5-db13abbe4e9a/1/H9e7sd5oCd9_blc_mrtk5gNhPKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9e7sd5oCd9_blc_mrtk5gNhPKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:ef:9e:f7:6d:e1:08:50:dc:a7:cb:b9:51:b3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd7bbb1de6809df7f6e573f9abb64e603613ca1
Validity
Not Before: Nov 11 08:01:15 2025 GMT
Not After : Nov 12 08:01:15 2025 GMT
Subject: CN=32a80ef79d690e950307a69d8cc35f5ad684ae51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:85:d8:b8:0e:e0:a5:4c:9c:4f:3a:f3:c2:c2:
c9:25:2d:bf:18:c6:62:62:9a:2b:1d:42:fd:8b:99:
af:4d:09:7a:ad:dd:65:4b:cb:1f:1e:18:47:51:ba:
63:54:51:96:47:3c:ec:c6:78:31:27:a1:56:3f:f8:
a9:16:e0:e8:f5:06:50:9a:50:e5:fb:84:64:cd:68:
d7:29:b7:15:4a:28:04:ce:4a:86:21:b0:f3:9b:28:
a2:b9:41:17:f0:82:06:72:69:da:dd:35:63:cd:09:
8f:18:12:0b:8f:39:0f:44:e8:ac:6f:c2:9d:06:14:
bc:c6:e4:d6:8e:9e:2b:65:2c:72:54:09:23:59:cc:
a0:b0:10:c9:e4:9e:ae:75:7d:f8:bd:17:73:a5:e6:
78:69:7f:82:ff:c9:4e:80:1b:93:a4:14:09:1e:64:
ba:63:a3:14:41:fa:9c:15:de:7f:92:32:6b:20:5f:
da:4f:d8:8b:0c:98:59:08:71:a8:c7:cd:cf:f2:44:
36:3d:7d:e4:34:02:ff:d9:c8:1a:4c:4b:52:9f:aa:
a9:3a:83:92:f4:1e:29:d3:2f:8e:8f:66:08:9f:39:
d9:19:70:d4:95:d5:23:5a:ec:24:14:81:cd:31:95:
81:c9:37:24:cb:1e:24:e3:9c:82:39:a2:ad:5d:0a:
6e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A8:0E:F7:9D:69:0E:95:03:07:A6:9D:8C:C3:5F:5A:D6:84:AE:51
X509v3 Authority Key Identifier:
keyid:1F:D7:BB:B1:DE:68:09:DF:7F:6E:57:3F:9A:BB:64:E6:03:61:3C:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9e7sd5oCd9_blc_mrtk5gNhPKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/f8e803-41f5-4668-afa5-db13abbe4e9a/1/H9e7sd5oCd9_blc_mrtk5gNhPKE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/f8e803-41f5-4668-afa5-db13abbe4e9a/1/H9e7sd5oCd9_blc_mrtk5gNhPKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:73:8d:ec:c0:65:c2:f2:13:31:15:12:9e:4a:10:98:c1:66:
56:15:a2:82:99:61:0a:57:74:0f:65:b7:99:92:42:a6:0d:b4:
27:6d:d8:7a:8a:40:2b:ba:cc:08:e7:bb:68:b5:e4:f2:82:a3:
43:3f:08:05:aa:64:ca:e9:18:29:6b:4c:ee:f0:19:51:a0:7d:
01:1e:5b:fe:4a:f8:fe:f5:b3:0a:da:f6:90:0f:f3:48:6d:54:
4e:35:3b:31:d8:1a:eb:6c:ab:60:50:87:49:f0:09:ba:95:85:
da:2a:3e:fa:e2:07:97:d2:89:3b:31:c6:1b:6d:a7:97:30:2d:
63:30:8e:31:0c:da:4d:d0:7d:e1:fe:8e:67:6b:e8:68:24:22:
55:53:82:42:c3:2b:21:dc:e6:d3:c0:af:d3:b9:e2:c6:2e:54:
3e:ec:f7:2f:2b:61:68:43:32:1c:3a:f6:5e:c4:d0:dd:85:41:
43:6d:c3:b3:d3:33:32:ab:b6:a1:a5:ee:71:3e:a5:bb:fa:9b:
4f:61:df:29:b9:cd:8c:13:95:72:91:d2:68:fb:89:b2:0c:fc:
2e:bf:07:09:b1:de:81:3f:43:c5:43:01:9f:b7:24:c1:93:12:
53:da:ac:5f:b7:39:48:e8:76:32:68:fb:77:b2:03:60:2d:1b:
15:4f:0b:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7u+e923hCFDcp8u5UbMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDdiYmIxZGU2ODA5ZGY3ZjZlNTczZjlhYmI2NGU2MDM2
MTNjYTEwHhcNMjUxMTExMDgwMTE1WhcNMjUxMTEyMDgwMTE1WjAzMTEwLwYDVQQD
EygzMmE4MGVmNzlkNjkwZTk1MDMwN2E2OWQ4Y2MzNWY1YWQ2ODRhZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYXYuA7gpUycTzrzwsLJJS2/GMZi
YporHUL9i5mvTQl6rd1lS8sfHhhHUbpjVFGWRzzsxngxJ6FWP/ipFuDo9QZQmlDl
+4RkzWjXKbcVSigEzkqGIbDzmyiiuUEX8IIGcmna3TVjzQmPGBILjzkPROisb8Kd
BhS8xuTWjp4rZSxyVAkjWcygsBDJ5J6udX34vRdzpeZ4aX+C/8lOgBuTpBQJHmS6
Y6MUQfqcFd5/kjJrIF/aT9iLDJhZCHGox83P8kQ2PX3kNAL/2cgaTEtSn6qpOoOS
9B4p0y+Oj2YInznZGXDUldUjWuwkFIHNMZWByTckyx4k45yCOaKtXQpuBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKoDvedaQ6VAwemnYzDX1rWhK5RMB8GA1UdIwQY
MBaAFB/Xu7HeaAnff25XP5q7ZOYDYTyhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDllN3NkNW9DZDlfYmxjX21ydGs1Z05oUEtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9mOGU4MDMtNDFmNS00NjY4LWFmYTUt
ZGIxM2FiYmU0ZTlhLzEvSDllN3NkNW9DZDlfYmxjX21ydGs1Z05oUEtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9mOGU4MDMtNDFmNS00NjY4LWFmYTUtZGIxM2FiYmU0ZTlh
LzEvSDllN3NkNW9DZDlfYmxjX21ydGs1Z05oUEtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjnON7MBl
wvITMRUSnkoQmMFmVhWigplhCld0D2W3mZJCpg20J23YeopAK7rMCOe7aLXk8oKj
Qz8IBapkyukYKWtM7vAZUaB9AR5b/kr4/vWzCtr2kA/zSG1UTjU7Mdga62yrYFCH
SfAJupWF2io++uIHl9KJOzHGG22nlzAtYzCOMQzaTdB94f6OZ2voaCQiVVOCQsMr
Idzm08Cv07nixi5UPuz3LythaEMyHDr2XsTQ3YVBQ23Ds9MzMqu2oaXucT6lu/qb
T2HfKbnNjBOVcpHSaPuJsgz8Lr8HCbHegT9DxUMBn7ckwZMSU9qsX7c5SOh2Mmj7
d7IDYC0bFU8L9A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:02 2025 by rpki-client