Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.mft
File: 0hpZQHIrIHsp2Vpsgb4NK_TUEMw.mft (raw, json)
Hash identifier: QqnTsrTbUvywwYUZdSfWzVUcvO0ohFgABQTwc5jyIgo=
Subject key identifier: 67:5E:9C:0E:20:71:C5:4E:5C:6E:EE:B9:17:F0:42:81:3D:DA:49:5E
Authority key identifier: D2:1A:59:40:72:2B:20:7B:29:D9:5A:6C:81:BE:0D:2B:F4:D4:10:CC
Certificate issuer: /CN=d21a5940722b207b29d95a6c81be0d2bf4d410cc
Certificate serial: 019A7226255A21615D226983E692A11CC61E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.mft
Manifest number: 08DA
Signing time: Tue 11 Nov 2025 09:01:33 +0000
Manifest this update: Tue 11 Nov 2025 09:01:33 +0000
Manifest next update: Wed 12 Nov 2025 09:01:33 +0000
Files and hashes: 1: 0hpZQHIrIHsp2Vpsgb4NK_TUEMw.crl (hash: hODDbZPhrxQNiuXu7w0AYPw2McxCcQJJSubtbAA8jcM=)
2: 50bo-j7HR95aUFz7is7MBLLkMsc.roa (hash: aYgErZR0B+wLx1tDGd7DRHlBnCECIPjEQvva1IOrhbs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.mft
rsync://rpki.ripe.net/repository/DEFAULT/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:25:5a:21:61:5d:22:69:83:e6:92:a1:1c:c6:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d21a5940722b207b29d95a6c81be0d2bf4d410cc
Validity
Not Before: Nov 11 09:01:33 2025 GMT
Not After : Nov 12 09:01:33 2025 GMT
Subject: CN=675e9c0e2071c54e5c6eeeb917f042813dda495e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:76:6b:43:04:5a:2e:93:93:58:9b:32:34:ad:
db:9c:53:90:56:fc:44:30:df:6a:49:9b:e7:3c:c1:
ca:3c:0b:88:7e:ef:b9:e3:22:63:3e:57:c3:f1:e2:
a0:4c:e8:e2:90:6e:58:bf:7f:65:8d:82:c7:80:d3:
5d:54:2e:ff:f1:6b:41:6d:30:6c:80:8c:95:a6:55:
6a:6a:56:d6:80:00:c5:85:39:4e:a5:0d:30:24:57:
ba:3c:02:6a:b9:f1:26:0f:73:e6:97:7f:80:13:c8:
07:56:3b:29:dd:be:fc:8b:8e:2e:49:f2:c4:6a:32:
24:8f:91:ba:25:86:f4:05:9b:36:c9:53:90:59:b8:
4f:7b:dd:ba:21:42:1b:71:b9:60:43:d2:b4:2e:7c:
fe:52:20:39:40:8a:23:8a:28:9f:0a:45:08:e4:3f:
44:28:da:42:7b:eb:01:ea:a2:11:3f:90:85:7a:96:
6e:28:b3:f7:30:32:f6:94:47:b1:a9:27:3e:bd:56:
54:a7:72:28:56:0c:fa:ae:63:12:dc:b3:bf:f6:1a:
dc:a1:4e:a4:81:5b:44:4c:ad:28:1a:74:03:e3:17:
fc:b8:7b:0e:79:f8:f2:48:3c:d2:97:99:af:36:d1:
f7:16:52:29:96:40:d2:05:f5:1c:fb:e4:8c:c1:37:
01:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5E:9C:0E:20:71:C5:4E:5C:6E:EE:B9:17:F0:42:81:3D:DA:49:5E
X509v3 Authority Key Identifier:
keyid:D2:1A:59:40:72:2B:20:7B:29:D9:5A:6C:81:BE:0D:2B:F4:D4:10:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:89:ce:d6:89:da:28:cf:e0:35:83:47:4c:71:c6:2e:c7:64:
de:07:c0:2f:31:07:18:bb:56:f3:57:2d:ef:c8:f4:8a:10:0d:
b8:aa:41:93:fe:82:26:79:a2:9b:11:b9:9c:97:3f:c3:89:55:
7c:f0:00:1c:54:6f:ac:d9:f7:c3:f9:51:3b:61:be:e1:42:c4:
1b:55:38:9d:41:0c:aa:f5:74:98:1e:ee:cf:83:a3:7c:40:b1:
a3:47:a8:72:8b:7e:af:e0:c5:f6:67:c7:f8:80:b9:ae:b3:3b:
31:a5:b5:e4:43:4e:6a:45:91:9e:79:74:64:1e:77:4f:39:8b:
dd:ee:82:60:57:ea:c6:27:27:33:d6:f5:05:a7:50:ac:56:96:
da:2f:62:a9:eb:a9:41:87:82:da:d9:08:82:a5:0f:df:c1:cd:
bd:c6:5c:27:ed:04:bc:31:ee:f0:54:3e:98:90:b8:74:44:ad:
a0:0a:0a:7a:49:01:de:31:d0:f4:86:b6:79:02:64:ce:32:dc:
3c:37:57:f3:2e:33:59:e9:a7:f5:15:59:ee:f5:41:90:5a:95:
65:e1:dc:be:76:0d:ba:bd:2a:4f:71:17:f9:d5:19:80:2d:06:
4a:c4:be:66:c8:ce:46:27:17:54:dd:fd:a0:d2:95:95:de:3a:
fa:78:f5:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJiVaIWFdImmD5pKhHMYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMWE1OTQwNzIyYjIwN2IyOWQ5NWE2YzgxYmUwZDJiZjRk
NDEwY2MwHhcNMjUxMTExMDkwMTMzWhcNMjUxMTEyMDkwMTMzWjAzMTEwLwYDVQQD
Eyg2NzVlOWMwZTIwNzFjNTRlNWM2ZWVlYjkxN2YwNDI4MTNkZGE0OTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3ZrQwRaLpOTWJsyNK3bnFOQVvxE
MN9qSZvnPMHKPAuIfu+54yJjPlfD8eKgTOjikG5Yv39ljYLHgNNdVC7/8WtBbTBs
gIyVplVqalbWgADFhTlOpQ0wJFe6PAJqufEmD3Pml3+AE8gHVjsp3b78i44uSfLE
ajIkj5G6JYb0BZs2yVOQWbhPe926IUIbcblgQ9K0Lnz+UiA5QIojiiifCkUI5D9E
KNpCe+sB6qIRP5CFepZuKLP3MDL2lEexqSc+vVZUp3IoVgz6rmMS3LO/9hrcoU6k
gVtETK0oGnQD4xf8uHsOefjySDzSl5mvNtH3FlIplkDSBfUc++SMwTcBRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdenA4gccVOXG7uuRfwQoE92kleMB8GA1UdIwQY
MBaAFNIaWUByKyB7KdlabIG+DSv01BDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhwWlFISXJJSHNwMlZwc2diNE5LX1RVRU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC81NjQzM2EtMGE3MC00ZWFlLTlmOWQt
OGNmYmRiNzk5Mjg0LzEvMGhwWlFISXJJSHNwMlZwc2diNE5LX1RVRU13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC81NjQzM2EtMGE3MC00ZWFlLTlmOWQtOGNmYmRiNzk5Mjg0
LzEvMGhwWlFISXJJSHNwMlZwc2diNE5LX1RVRU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJYnO1ona
KM/gNYNHTHHGLsdk3gfALzEHGLtW81ct78j0ihANuKpBk/6CJnmimxG5nJc/w4lV
fPAAHFRvrNn3w/lRO2G+4ULEG1U4nUEMqvV0mB7uz4OjfECxo0eocot+r+DF9mfH
+IC5rrM7MaW15ENOakWRnnl0ZB53TzmL3e6CYFfqxicnM9b1BadQrFaW2i9iqeup
QYeC2tkIgqUP38HNvcZcJ+0EvDHu8FQ+mJC4dEStoAoKekkB3jHQ9Ia2eQJkzjLc
PDdX8y4zWemn9RVZ7vVBkFqVZeHcvnYNur0qT3EX+dUZgC0GSsS+ZsjORicXVN39
oNKVld46+nj1Lw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:04 2025 by rpki-client