Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
File: _RHEZUr3AuWW61DRP6SG202bzgo.mft (raw, json)
Hash identifier: W5C+rfuVg4oeGMmiZ/olHmri+M4cUi12HbZmU2YSoys=
Subject key identifier: BC:2A:84:7C:FB:31:41:63:E3:03:5D:11:E7:A8:41:44:B2:F7:64:68
Authority key identifier: FD:11:C4:65:4A:F7:02:E5:96:EB:50:D1:3F:A4:86:DB:4D:9B:CE:0A
Certificate issuer: /CN=fd11c4654af702e596eb50d13fa486db4d9bce0a
Certificate serial: 019A71B863DB71388F7D645FFEC1F9CF9E7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:01:40 +0000
Manifest this update: Tue 11 Nov 2025 07:01:40 +0000
Manifest next update: Wed 12 Nov 2025 07:01:40 +0000
Files and hashes: 1: W3jKuxB_RcgliKc6SOrb-E9lQW4.roa (hash: flRFJj0cuA1GRJx+AJmEhdqQRbsG/XKga+ETKIMZCEI=)
2: _RHEZUr3AuWW61DRP6SG202bzgo.crl (hash: Wtp6targnW+NEFWEeODZ/nAUsPGPgVOO2lhtrB/wX+I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:63:db:71:38:8f:7d:64:5f:fe:c1:f9:cf:9e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd11c4654af702e596eb50d13fa486db4d9bce0a
Validity
Not Before: Nov 11 07:01:40 2025 GMT
Not After : Nov 12 07:01:40 2025 GMT
Subject: CN=bc2a847cfb314163e3035d11e7a84144b2f76468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bb:62:c9:01:db:cc:ba:8c:4f:6f:64:69:58:
68:18:10:6e:b9:25:9c:bd:c0:71:ec:d7:3e:18:70:
17:45:ca:5a:7d:8e:5f:ca:c9:87:8c:f4:a7:19:58:
d2:77:5f:35:31:d7:38:e1:80:5b:b1:f1:c4:9c:88:
c6:2d:43:a1:9d:ba:e5:16:4f:6c:72:5b:9b:67:af:
33:e8:0f:63:00:cd:8e:c3:42:23:e8:45:43:ed:c0:
f3:09:34:06:99:d2:9a:db:95:dc:c0:52:f8:10:2d:
92:d4:b1:bd:65:7c:de:0f:82:0d:ca:4e:00:06:f1:
4c:9c:dc:4e:bb:ac:13:e9:c0:fb:0d:ac:e5:e5:78:
41:20:fe:b2:aa:8a:19:06:2c:5b:e9:b0:c6:bd:70:
03:c0:d0:31:ab:e7:1f:1e:a5:fe:e9:9d:2a:f8:8a:
5f:d5:8d:0c:66:b0:2d:9b:93:b4:c4:2c:43:ad:e5:
f2:e0:00:e6:b0:aa:f0:d0:1f:8c:f2:b7:63:2c:6b:
f8:28:52:14:ba:e4:31:8a:1b:a2:ca:a2:eb:8a:83:
4d:d7:5f:df:30:a8:d1:02:a1:fe:6d:99:8f:b5:32:
f3:6f:ac:e8:e0:b9:da:6e:b2:0f:3f:f7:3f:52:40:
af:06:b6:c3:91:23:01:c8:26:f1:48:1f:91:99:80:
aa:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:2A:84:7C:FB:31:41:63:E3:03:5D:11:E7:A8:41:44:B2:F7:64:68
X509v3 Authority Key Identifier:
keyid:FD:11:C4:65:4A:F7:02:E5:96:EB:50:D1:3F:A4:86:DB:4D:9B:CE:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_RHEZUr3AuWW61DRP6SG202bzgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/5e3185-38c5-4a5b-bf24-c953e3398c63/1/_RHEZUr3AuWW61DRP6SG202bzgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:fa:10:68:10:23:cc:59:d6:3b:aa:de:14:9c:25:5a:75:e9:
76:98:22:16:1d:3b:f5:f7:f4:64:63:66:d5:c8:66:b7:45:9f:
8a:f9:50:b5:55:35:61:75:03:75:25:a2:1c:f7:56:1c:cd:77:
b2:0f:49:9b:ac:4a:23:cd:57:4f:0c:4f:ff:3e:b9:d5:1e:d0:
4f:38:93:fb:bd:8a:c0:67:d6:e0:47:67:4a:82:09:4d:aa:65:
cb:6c:e3:fd:24:9f:4a:18:c3:0e:45:7e:90:ac:22:28:c2:23:
b6:ab:b4:95:e5:b2:a0:ab:2f:27:30:58:11:8e:ea:a6:62:fd:
62:44:04:1b:50:c4:33:c3:f7:39:f4:ac:03:8a:55:65:f3:78:
be:67:db:1a:4b:d9:c5:df:43:de:08:0a:aa:ad:10:24:bb:a9:
e2:de:c0:4c:4f:55:af:f8:86:42:af:37:0b:46:64:28:87:c6:
98:64:e3:2d:d2:e3:5c:e9:74:fc:08:e0:9f:4f:2b:7f:40:d3:
54:be:33:01:cb:d2:5b:22:7e:b2:b2:6c:92:0e:22:c0:28:70:
ca:df:60:eb:09:e6:b6:33:0c:c1:8d:d9:d1:02:1f:b8:cf:9d:
5f:31:a4:c2:7b:fc:9d:84:04:ce:3e:79:f1:dc:af:77:4c:b3:
26:e9:33:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGPbcTiPfWRf/sH5z558MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMTFjNDY1NGFmNzAyZTU5NmViNTBkMTNmYTQ4NmRiNGQ5
YmNlMGEwHhcNMjUxMTExMDcwMTQwWhcNMjUxMTEyMDcwMTQwWjAzMTEwLwYDVQQD
EyhiYzJhODQ3Y2ZiMzE0MTYzZTMwMzVkMTFlN2E4NDE0NGIyZjc2NDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7tiyQHbzLqMT29kaVhoGBBuuSWc
vcBx7Nc+GHAXRcpafY5fysmHjPSnGVjSd181Mdc44YBbsfHEnIjGLUOhnbrlFk9s
clubZ68z6A9jAM2Ow0Ij6EVD7cDzCTQGmdKa25XcwFL4EC2S1LG9ZXzeD4INyk4A
BvFMnNxOu6wT6cD7Dazl5XhBIP6yqooZBixb6bDGvXADwNAxq+cfHqX+6Z0q+Ipf
1Y0MZrAtm5O0xCxDreXy4ADmsKrw0B+M8rdjLGv4KFIUuuQxihuiyqLrioNN11/f
MKjRAqH+bZmPtTLzb6zo4LnabrIPP/c/UkCvBrbDkSMByCbxSB+RmYCqywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwqhHz7MUFj4wNdEeeoQUSy92RoMB8GA1UdIwQY
MBaAFP0RxGVK9wLllutQ0T+khttNm84KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1JIRVpVcjNBdVdXNjFEUlA2U0cyMDJiemdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC81ZTMxODUtMzhjNS00YTViLWJmMjQt
Yzk1M2UzMzk4YzYzLzEvX1JIRVpVcjNBdVdXNjFEUlA2U0cyMDJiemdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC81ZTMxODUtMzhjNS00YTViLWJmMjQtYzk1M2UzMzk4YzYz
LzEvX1JIRVpVcjNBdVdXNjFEUlA2U0cyMDJiemdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJvoQaBAj
zFnWO6reFJwlWnXpdpgiFh079ff0ZGNm1chmt0WfivlQtVU1YXUDdSWiHPdWHM13
sg9Jm6xKI81XTwxP/z651R7QTziT+72KwGfW4EdnSoIJTaply2zj/SSfShjDDkV+
kKwiKMIjtqu0leWyoKsvJzBYEY7qpmL9YkQEG1DEM8P3OfSsA4pVZfN4vmfbGkvZ
xd9D3ggKqq0QJLup4t7ATE9Vr/iGQq83C0ZkKIfGmGTjLdLjXOl0/Ajgn08rf0DT
VL4zAcvSWyJ+srJskg4iwChwyt9g6wnmtjMMwY3Z0QIfuM+dXzGkwnv8nYQEzj55
8dyvd0yzJukzYg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:22:38 2025 by rpki-client