Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
File: HeVgH-EiL4m7OqryZPD26nORwTg.mft (raw, json)
Hash identifier: X1/B8mStPPZxJzayGeqmn9LVC2aPedws7k7l1zu26S8=
Subject key identifier: 3E:BE:88:FC:F6:45:60:14:EB:09:E3:79:73:00:12:5E:E4:FB:0D:3B
Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Certificate serial: 019A22892BBC5F9A11B26240387110660EBC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
Manifest number: 09EC
Signing time: Sun 26 Oct 2025 22:00:06 +0000
Manifest this update: Sun 26 Oct 2025 22:00:06 +0000
Manifest next update: Mon 27 Oct 2025 22:00:06 +0000
Files and hashes: 1: 1GUi9iA8Rgrr5GN4QB6VlqMrvms.roa (hash: s/MIypH3pMJ3iuiuGr8K68PmgQyO6HFRzwvdBy3o4FU=)
2: HeVgH-EiL4m7OqryZPD26nORwTg.crl (hash: DBspnyA14s4DqENfK6IaNr67dBNd6W+W1VtvoMRy2bw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 19:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:22:89:2b:bc:5f:9a:11:b2:62:40:38:71:10:66:0e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Validity
Not Before: Oct 26 22:00:06 2025 GMT
Not After : Oct 27 22:00:06 2025 GMT
Subject: CN=3ebe88fcf6456014eb09e3797300125ee4fb0d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:82:87:46:3d:00:ae:6f:bc:5f:d0:a2:07:be:
cf:2c:2e:88:e0:67:1a:fb:5d:d3:85:60:50:e5:5a:
09:e3:9d:54:6c:fb:b7:b5:8e:c3:8c:c7:21:cb:99:
66:84:f9:18:e4:db:13:b7:5f:d3:1e:e7:40:57:4c:
68:a8:10:e3:b7:98:8c:e4:92:00:e0:42:da:4f:aa:
ca:70:18:7b:80:69:5e:8c:3d:bb:2d:e1:e1:ac:82:
65:7c:f7:46:2f:8b:ac:b9:e5:4a:50:e6:2d:fd:1d:
6d:23:4f:bd:de:8c:b5:73:3c:26:41:86:c5:2a:c9:
1e:98:7d:23:96:e3:e8:c4:91:a1:a4:d3:77:01:c5:
58:61:26:f5:bd:45:63:6e:f3:e7:a3:7b:cd:9f:c6:
bf:09:cd:cf:1b:8e:04:dc:05:eb:dc:87:e3:cf:35:
1e:03:88:44:42:00:b3:a7:65:b2:1f:2f:cb:be:a3:
03:d2:37:18:11:b1:67:50:16:b8:6b:b9:83:94:07:
2c:2f:fa:b7:20:a0:44:be:c0:ef:1a:30:15:c9:ff:
6d:db:1e:f8:82:93:9d:9d:ee:e3:48:64:9d:6c:d1:
7c:83:7a:af:9f:ad:ae:51:dd:f0:b4:28:f7:9c:94:
d5:7a:0a:eb:ef:5e:9a:67:56:d3:4c:d8:a2:57:41:
99:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BE:88:FC:F6:45:60:14:EB:09:E3:79:73:00:12:5E:E4:FB:0D:3B
X509v3 Authority Key Identifier:
keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:e4:ad:60:95:c4:51:6a:81:7c:55:34:97:bc:bd:61:78:f0:
14:f5:2b:19:e7:7c:9d:43:c7:53:f1:7f:2b:1c:ab:54:81:0e:
e4:12:1d:15:5a:d8:62:f6:2b:86:3d:11:e2:4a:81:67:f8:cc:
5d:cd:34:f3:db:ac:31:00:34:44:c1:91:16:22:8e:27:90:de:
71:67:c2:37:2f:44:9b:16:b4:09:bb:37:a2:f5:a8:ea:e2:e1:
83:25:08:5c:51:06:59:33:a9:8a:76:23:0d:57:cb:95:da:b3:
c2:8f:45:22:51:31:a2:3b:46:fb:14:5e:01:1f:52:55:46:e5:
3a:57:ba:36:e9:e4:c7:7e:f8:36:12:41:4e:4d:3c:8e:0f:16:
d8:2f:2b:77:dc:f2:e3:f5:7f:5c:d7:66:3e:e0:96:5e:f5:3f:
70:89:81:33:dc:d8:4b:1d:9d:bb:da:7c:74:39:f9:1a:0b:f1:
dd:51:ae:a2:90:16:eb:a7:7a:4a:12:e3:29:99:67:73:4b:3e:
e6:2f:24:a0:53:f9:4c:45:4f:46:3c:57:1c:83:20:71:1d:45:
23:92:ad:25:2f:ad:a5:c9:27:2a:53:ba:d2:d8:c1:2b:91:36:
5e:2a:65:62:1a:cb:9e:27:0e:33:72:14:98:79:8f:11:f6:16:
b9:27:c3:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoiiSu8X5oRsmJAOHEQZg68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5
MWMxMzgwHhcNMjUxMDI2MjIwMDA2WhcNMjUxMDI3MjIwMDA2WjAzMTEwLwYDVQQD
EygzZWJlODhmY2Y2NDU2MDE0ZWIwOWUzNzk3MzAwMTI1ZWU0ZmIwZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4KHRj0Arm+8X9CiB77PLC6I4Gca
+13ThWBQ5VoJ451UbPu3tY7DjMchy5lmhPkY5NsTt1/THudAV0xoqBDjt5iM5JIA
4ELaT6rKcBh7gGlejD27LeHhrIJlfPdGL4usueVKUOYt/R1tI0+93oy1czwmQYbF
KskemH0jluPoxJGhpNN3AcVYYSb1vUVjbvPno3vNn8a/Cc3PG44E3AXr3IfjzzUe
A4hEQgCzp2WyHy/LvqMD0jcYEbFnUBa4a7mDlAcsL/q3IKBEvsDvGjAVyf9t2x74
gpOdne7jSGSdbNF8g3qvn62uUd3wtCj3nJTVegrr716aZ1bTTNiiV0GZjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6+iPz2RWAU6wnjeXMAEl7k+w07MB8GA1UdIwQY
MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt
ZGRkNTNkNzkyOGE4LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4
LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd+StYJXE
UWqBfFU0l7y9YXjwFPUrGed8nUPHU/F/KxyrVIEO5BIdFVrYYvYrhj0R4kqBZ/jM
Xc0089usMQA0RMGRFiKOJ5DecWfCNy9Emxa0Cbs3ovWo6uLhgyUIXFEGWTOpinYj
DVfLldqzwo9FIlExojtG+xReAR9SVUblOle6Nunkx374NhJBTk08jg8W2C8rd9zy
4/V/XNdmPuCWXvU/cImBM9zYSx2du9p8dDn5Ggvx3VGuopAW66d6ShLjKZlnc0s+
5i8koFP5TEVPRjxXHIMgcR1FI5KtJS+tpcknKlO60tjBK5E2XiplYhrLnicOM3IU
mHmPEfYWuSfDHQ==
-----END CERTIFICATE-----
Generated at Mon Oct 27 01:42:12 2025 by rpki-client