Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.mft
File: rwmHHP1haABnerIynsumHed3V-Y.mft (raw, json)
Hash identifier: w0m5F05qtQYBBlBV2Xh6t/sj1q7yYz6EzM+cnx3Qi2c=
Subject key identifier: 40:92:4D:5E:A3:4E:25:45:D0:A6:DE:CA:41:D7:3E:4B:C0:42:47:06
Authority key identifier: AF:09:87:1C:FD:61:68:00:67:7A:B2:32:9E:CB:A6:1D:E7:77:57:E6
Certificate issuer: /CN=af09871cfd616800677ab2329ecba61de77757e6
Certificate serial: 019A706EA72A5939AB5CE401F54135DB4408
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rwmHHP1haABnerIynsumHed3V-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.mft
Manifest number: 0286
Signing time: Tue 11 Nov 2025 01:01:31 +0000
Manifest this update: Tue 11 Nov 2025 01:01:31 +0000
Manifest next update: Wed 12 Nov 2025 01:01:31 +0000
Files and hashes: 1: _TdfyDspFjo8HcBVAH4tKaY1ryc.roa (hash: HRin1YqVyIdAgsGnpfqM25NMMm45zP4o3p+MrSb9sdE=)
2: rwmHHP1haABnerIynsumHed3V-Y.crl (hash: KiNe+2rXmzmqbmG3QIRrD1DltFhTpbKtvIPM5Jt+/MI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/rwmHHP1haABnerIynsumHed3V-Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:a7:2a:59:39:ab:5c:e4:01:f5:41:35:db:44:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af09871cfd616800677ab2329ecba61de77757e6
Validity
Not Before: Nov 11 01:01:31 2025 GMT
Not After : Nov 12 01:01:31 2025 GMT
Subject: CN=40924d5ea34e2545d0a6deca41d73e4bc0424706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0c:97:cb:1c:a4:3b:34:21:73:39:35:ed:88:
10:f2:17:f6:88:59:a5:2e:fe:f1:73:fa:d5:d4:59:
47:6f:f3:ba:02:11:10:77:45:e3:75:df:cb:aa:27:
6d:10:cf:04:cb:d8:85:78:f9:73:86:7d:d8:9b:0a:
9f:5d:f5:10:7b:b9:bc:08:86:18:7c:5a:ad:8d:9f:
ea:e5:da:d4:03:17:de:7d:0b:f8:a4:0f:bc:a2:c1:
c2:81:7a:62:1f:1a:5e:97:73:80:c0:10:cb:0b:5c:
23:ea:be:33:d8:00:bd:84:d5:1e:c4:37:3a:5b:4d:
d2:8f:7c:ca:17:ef:b1:a4:5c:80:8c:a8:49:32:af:
14:89:a5:d9:d7:6d:a1:60:32:1f:6c:52:a6:42:ad:
dd:7c:77:3e:c4:8c:c2:ea:f2:99:6c:07:a6:fd:ce:
6b:43:d5:58:67:3f:af:56:07:77:7c:26:7e:b8:b9:
ee:f2:33:e9:b1:5e:00:ea:51:ec:e3:4f:c3:79:26:
09:b4:3d:fc:61:b4:ea:1f:26:ae:09:94:62:da:fc:
45:ce:9b:b5:0a:91:57:d9:2c:31:70:e8:f4:1e:b6:
5a:ad:3c:18:e7:1a:48:7b:d2:f6:5d:8e:93:0c:5a:
e4:68:19:11:1d:b2:03:68:32:b7:fa:b4:8b:50:98:
7c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:92:4D:5E:A3:4E:25:45:D0:A6:DE:CA:41:D7:3E:4B:C0:42:47:06
X509v3 Authority Key Identifier:
keyid:AF:09:87:1C:FD:61:68:00:67:7A:B2:32:9E:CB:A6:1D:E7:77:57:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwmHHP1haABnerIynsumHed3V-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:67:94:48:c1:f6:e8:11:44:73:69:fd:2f:c1:fe:7b:d5:93:
81:23:cb:92:8b:be:10:47:6c:00:fe:97:92:83:4c:df:ba:a5:
d7:14:c3:31:bb:02:e0:60:3f:e9:c4:23:51:c0:ad:1c:ce:fd:
a0:11:02:69:74:ce:3e:cc:44:4c:67:8a:f3:e3:29:c5:65:14:
bb:57:16:22:81:f5:dc:ec:7f:ac:75:7b:38:c6:57:fa:5a:2c:
09:b3:6e:86:f0:3e:6d:cb:d6:ca:6b:89:88:dd:3a:2f:90:b9:
3d:42:63:e2:be:b3:f9:63:3e:02:1d:b0:a8:62:4f:3e:86:3a:
fe:71:17:c6:ee:72:6a:03:45:29:6f:bb:7a:a0:d7:a2:ea:d0:
f7:b5:31:2c:55:b8:c5:63:4a:9c:95:6f:58:01:ec:42:c0:25:
5e:d4:a7:57:a2:b4:db:0c:13:0d:04:2e:88:65:17:94:f2:3b:
f3:52:3f:40:3a:10:33:e7:4a:b2:36:a8:d4:24:d4:3d:68:a6:
26:f5:af:28:eb:cc:0a:a8:64:fd:02:e5:11:7a:ed:50:64:31:
07:f7:9b:8b:63:4d:9f:11:71:81:d7:82:66:8f:79:bc:96:b6:
19:66:0b:87:c8:54:c4:c1:bd:03:4c:bd:b6:4c:51:08:e7:af:
86:1d:86:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbqcqWTmrXOQB9UE120QIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMDk4NzFjZmQ2MTY4MDA2NzdhYjIzMjllY2JhNjFkZTc3
NzU3ZTYwHhcNMjUxMTExMDEwMTMxWhcNMjUxMTEyMDEwMTMxWjAzMTEwLwYDVQQD
Eyg0MDkyNGQ1ZWEzNGUyNTQ1ZDBhNmRlY2E0MWQ3M2U0YmMwNDI0NzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgyXyxykOzQhczk17YgQ8hf2iFml
Lv7xc/rV1FlHb/O6AhEQd0Xjdd/LqidtEM8Ey9iFePlzhn3YmwqfXfUQe7m8CIYY
fFqtjZ/q5drUAxfefQv4pA+8osHCgXpiHxpel3OAwBDLC1wj6r4z2AC9hNUexDc6
W03Sj3zKF++xpFyAjKhJMq8UiaXZ122hYDIfbFKmQq3dfHc+xIzC6vKZbAem/c5r
Q9VYZz+vVgd3fCZ+uLnu8jPpsV4A6lHs40/DeSYJtD38YbTqHyauCZRi2vxFzpu1
CpFX2SwxcOj0HrZarTwY5xpIe9L2XY6TDFrkaBkRHbIDaDK3+rSLUJh8lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECSTV6jTiVF0KbeykHXPkvAQkcGMB8GA1UdIwQY
MBaAFK8Jhxz9YWgAZ3qyMp7Lph3nd1fmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcndtSEhQMWhhQUJuZXJJeW5zdW1IZWQzVi1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny84YWQ5YjMtMGI5Zi00MjI0LTkwOWIt
YjQzZGJmODk1Y2ZlLzEvcndtSEhQMWhhQUJuZXJJeW5zdW1IZWQzVi1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny84YWQ5YjMtMGI5Zi00MjI0LTkwOWItYjQzZGJmODk1Y2Zl
LzEvcndtSEhQMWhhQUJuZXJJeW5zdW1IZWQzVi1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlmeUSMH2
6BFEc2n9L8H+e9WTgSPLkou+EEdsAP6XkoNM37ql1xTDMbsC4GA/6cQjUcCtHM79
oBECaXTOPsxETGeK8+MpxWUUu1cWIoH13Ox/rHV7OMZX+losCbNuhvA+bcvWymuJ
iN06L5C5PUJj4r6z+WM+Ah2wqGJPPoY6/nEXxu5yagNFKW+7eqDXourQ97UxLFW4
xWNKnJVvWAHsQsAlXtSnV6K02wwTDQQuiGUXlPI781I/QDoQM+dKsjao1CTUPWim
JvWvKOvMCqhk/QLlEXrtUGQxB/ebi2NNnxFxgdeCZo95vJa2GWYLh8hUxMG9A0y9
tkxRCOevhh2GmQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:39 2025 by rpki-client