Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft
File: IHeZAnMp8iaCdkVzryEV2pWp9r8.mft (raw, json)
Hash identifier: oqKClcNrJ9eZOlRlnyVLPvFXREpal5sTvivx96W1q74=
Subject key identifier: 5A:C1:E5:8C:D9:31:36:00:43:8C:14:84:D0:47:57:05:CC:CA:84:E0
Authority key identifier: 20:77:99:02:73:29:F2:26:82:76:45:73:AF:21:15:DA:95:A9:F6:BF
Certificate issuer: /CN=207799027329f22682764573af2115da95a9f6bf
Certificate serial: 019A71B7EA90FB2B68B0F568F6F2A682B1C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IHeZAnMp8iaCdkVzryEV2pWp9r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft
Manifest number: 101E
Signing time: Tue 11 Nov 2025 07:01:09 +0000
Manifest this update: Tue 11 Nov 2025 07:01:09 +0000
Manifest next update: Wed 12 Nov 2025 07:01:09 +0000
Files and hashes: 1: 8EaewYTyFly5jEaj4gZEqMNcVMk.roa (hash: gqxj+841N8d9uy4L59oEcZudU4ge+IzVBr1jzF4wgjc=)
2: IHeZAnMp8iaCdkVzryEV2pWp9r8.crl (hash: F0MPeZg77mpbl3Tev/ROfip6nd1cpqceKP4k2QZmhSc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft
rsync://rpki.ripe.net/repository/DEFAULT/IHeZAnMp8iaCdkVzryEV2pWp9r8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:ea:90:fb:2b:68:b0:f5:68:f6:f2:a6:82:b1:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=207799027329f22682764573af2115da95a9f6bf
Validity
Not Before: Nov 11 07:01:09 2025 GMT
Not After : Nov 12 07:01:09 2025 GMT
Subject: CN=5ac1e58cd9313600438c1484d0475705ccca84e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c9:1c:85:09:22:9f:b1:33:63:f2:02:c9:48:
65:c4:fb:57:58:81:54:44:14:86:09:e9:87:45:11:
da:67:73:9e:5e:c2:3c:99:fb:b7:57:ee:cc:3d:e5:
3a:e6:aa:87:ec:5d:c6:4b:1f:da:30:5e:cd:82:c0:
c3:65:cf:f0:21:f0:de:33:36:76:77:43:66:70:25:
4e:ef:39:2a:a9:43:3c:83:eb:95:d3:45:77:d9:2c:
d1:4b:4a:8d:f1:aa:09:c4:21:3e:b5:bd:42:f2:37:
ae:e2:d2:5c:62:5c:2f:ba:ae:10:b1:9a:d1:a3:57:
0c:a8:54:a8:f2:c6:c6:f4:74:15:5a:c7:0a:0b:2c:
c3:fd:2a:2a:d1:ca:8f:d3:24:28:ca:b2:3b:50:c0:
1b:30:bf:94:c6:a1:a8:29:50:a4:33:e0:4e:b9:d5:
1d:3b:84:c5:82:28:1d:74:e7:07:2f:2d:e3:91:cc:
ab:93:5a:b1:98:a4:c5:b6:c4:83:45:a9:67:3f:27:
ba:60:4a:97:24:93:e9:94:27:b9:25:7b:33:26:4e:
25:c7:04:99:50:a5:71:86:a7:1d:f4:cd:a2:99:0a:
61:c0:0f:9a:ee:99:c1:48:b5:9c:a6:88:59:9b:6b:
47:0c:da:d1:30:51:01:80:df:ea:58:bc:bb:4b:4c:
2c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C1:E5:8C:D9:31:36:00:43:8C:14:84:D0:47:57:05:CC:CA:84:E0
X509v3 Authority Key Identifier:
keyid:20:77:99:02:73:29:F2:26:82:76:45:73:AF:21:15:DA:95:A9:F6:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IHeZAnMp8iaCdkVzryEV2pWp9r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:c4:2e:59:f4:f1:40:f3:2b:46:ce:9e:69:83:ed:4a:92:93:
3a:f1:d8:d7:10:8f:b1:89:e1:cd:6f:33:9a:ad:d7:24:7e:5e:
18:d8:4d:7c:c4:79:97:6b:8a:dd:d4:75:d2:53:f0:fd:3b:5f:
d0:5c:bb:d3:b4:2d:68:62:dc:87:7f:ad:b1:6e:db:78:7b:17:
58:8d:0f:fa:b6:19:b7:d3:ac:93:16:47:cd:a8:5b:51:a3:67:
47:41:0c:77:62:9f:20:d1:d1:60:96:47:d1:e2:58:8e:14:40:
da:0a:1e:f1:4f:39:d1:06:23:d5:22:f2:1a:26:5a:a7:2b:ef:
70:c7:6c:10:46:4a:fa:79:f5:7c:77:d3:7b:73:98:c2:7c:b3:
db:fa:22:5e:e6:d4:af:24:94:98:3b:4c:59:92:85:3b:8b:80:
2b:81:ed:1b:bb:ef:8c:a3:45:c6:8c:86:18:37:ed:5a:de:36:
2d:7e:34:b4:49:62:9a:fb:64:5f:cc:7a:9f:f8:2c:63:05:b3:
f9:8b:48:e3:3c:0c:70:a5:be:a1:64:b2:7c:fb:ae:3a:4e:79:
ac:fd:fe:72:9e:b3:9b:3d:ac:3d:26:0d:e1:d7:75:18:73:f3:
86:57:4a:55:13:a0:7e:32:1e:5b:4d:6d:d0:78:99:7e:ae:47:
70:0b:26:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+qQ+ytosPVo9vKmgrHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNzc5OTAyNzMyOWYyMjY4Mjc2NDU3M2FmMjExNWRhOTVh
OWY2YmYwHhcNMjUxMTExMDcwMTA5WhcNMjUxMTEyMDcwMTA5WjAzMTEwLwYDVQQD
Eyg1YWMxZTU4Y2Q5MzEzNjAwNDM4YzE0ODRkMDQ3NTcwNWNjY2E4NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApskchQkin7EzY/ICyUhlxPtXWIFU
RBSGCemHRRHaZ3OeXsI8mfu3V+7MPeU65qqH7F3GSx/aMF7NgsDDZc/wIfDeMzZ2
d0NmcCVO7zkqqUM8g+uV00V32SzRS0qN8aoJxCE+tb1C8jeu4tJcYlwvuq4QsZrR
o1cMqFSo8sbG9HQVWscKCyzD/Soq0cqP0yQoyrI7UMAbML+UxqGoKVCkM+BOudUd
O4TFgigddOcHLy3jkcyrk1qxmKTFtsSDRalnPye6YEqXJJPplCe5JXszJk4lxwSZ
UKVxhqcd9M2imQphwA+a7pnBSLWcpohZm2tHDNrRMFEBgN/qWLy7S0ws+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrB5YzZMTYAQ4wUhNBHVwXMyoTgMB8GA1UdIwQY
MBaAFCB3mQJzKfImgnZFc68hFdqVqfa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUhlWkFuTXA4aWFDZGtWenJ5RVYycFdwOXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mYzlmMmItN2YyZi00MjM4LWFhMTkt
OThjYmE4ZmYyY2EzLzEvSUhlWkFuTXA4aWFDZGtWenJ5RVYycFdwOXI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mYzlmMmItN2YyZi00MjM4LWFhMTktOThjYmE4ZmYyY2Ez
LzEvSUhlWkFuTXA4aWFDZGtWenJ5RVYycFdwOXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa8QuWfTx
QPMrRs6eaYPtSpKTOvHY1xCPsYnhzW8zmq3XJH5eGNhNfMR5l2uK3dR10lPw/Ttf
0Fy707QtaGLch3+tsW7beHsXWI0P+rYZt9OskxZHzahbUaNnR0EMd2KfINHRYJZH
0eJYjhRA2goe8U850QYj1SLyGiZapyvvcMdsEEZK+nn1fHfTe3OYwnyz2/oiXubU
rySUmDtMWZKFO4uAK4HtG7vvjKNFxoyGGDftWt42LX40tElimvtkX8x6n/gsYwWz
+YtI4zwMcKW+oWSyfPuuOk55rP3+cp6zmz2sPSYN4dd1GHPzhldKVROgfjIeW01t
0HiZfq5HcAsmXw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:21 2025 by rpki-client