Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.mft
File: hSC3fQNbkS_6QG393ynjopY-aQQ.mft (raw, json)
Hash identifier: mTWFp/OpKdg4KOqLL4ZTa5tnXcm+jXrL6DkfkTe9R64=
Subject key identifier: 88:24:6E:D3:D4:34:3C:A7:60:37:EC:02:B5:80:44:28:7B:35:97:0B
Authority key identifier: 85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
Certificate issuer: /CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Certificate serial: 019A71499B98EB40D04A0A5D80C7C505C6BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.mft
Manifest number: 0932
Signing time: Tue 11 Nov 2025 05:00:40 +0000
Manifest this update: Tue 11 Nov 2025 05:00:40 +0000
Manifest next update: Wed 12 Nov 2025 05:00:40 +0000
Files and hashes: 1: GrVfgYYa0s5gLsRQp5P5vAQeHlE.roa (hash: Twu1XyErZ1bzBOtE8/HK3XbggJvMpOYaRXT376BODWE=)
2: XUIGCJfhGsoP5FdVAQmT9lUNYuc.roa (hash: hjmwDLHRKf4c787nov0R6bRVLxtqmM1uwueYf+NK6fU=)
3: hSC3fQNbkS_6QG393ynjopY-aQQ.crl (hash: 033hKpy5brXpM4+gqjJPkxzITU0Q+WM3wd0QQEzSyYQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:9b:98:eb:40:d0:4a:0a:5d:80:c7:c5:05:c6:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Validity
Not Before: Nov 11 05:00:40 2025 GMT
Not After : Nov 12 05:00:40 2025 GMT
Subject: CN=88246ed3d4343ca76037ec02b58044287b35970b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2c:4b:a8:60:1f:c0:48:65:5f:69:b5:35:41:
f7:ac:f9:e8:92:20:a1:a6:00:0b:9a:1b:fc:a6:90:
57:67:ee:88:29:5a:ab:31:6a:ce:27:4a:a2:52:de:
b6:93:eb:3c:a0:b9:19:bb:92:69:37:df:9d:49:15:
c8:1f:58:5a:71:5a:03:93:2f:a9:00:0e:ce:27:66:
05:f6:9f:c1:33:2c:9a:6f:f5:58:d1:c2:9e:d8:1a:
bf:ed:ca:2d:e0:d4:a5:72:b7:ff:a3:1b:bc:9a:62:
43:07:a2:4c:6d:35:3d:f4:a3:69:12:7a:56:d3:4d:
b0:1a:65:47:36:9b:fb:18:ef:80:93:9b:6c:c8:38:
9d:8d:31:d7:e2:33:d3:51:04:18:2a:79:95:84:46:
e9:bc:45:e6:e0:3d:69:9e:a1:bd:27:02:a2:9c:12:
a4:67:96:d4:6d:e3:be:54:53:2d:18:aa:d8:4e:64:
c3:9a:ac:0f:2e:38:d5:9e:b0:a1:54:65:21:57:d2:
b5:a1:64:65:64:d8:43:7b:69:cf:04:6b:92:23:db:
4c:30:33:4b:20:95:e2:68:d3:81:ae:a2:ac:63:d4:
5b:71:f4:89:49:07:90:34:91:6b:40:fe:c9:a5:5a:
eb:7e:1f:85:f1:01:54:f8:a0:08:44:2a:50:a0:85:
fb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:24:6E:D3:D4:34:3C:A7:60:37:EC:02:B5:80:44:28:7B:35:97:0B
X509v3 Authority Key Identifier:
keyid:85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
df:b8:11:36:09:7c:76:a4:32:5d:f8:b0:40:51:2e:cb:4e:d7:
d5:d0:96:21:7d:7e:67:93:4b:94:94:43:0f:64:45:d2:50:46:
07:53:16:1a:c4:b3:99:d4:7b:d8:fe:43:a0:fe:4e:fc:67:b8:
3c:58:68:ff:70:74:05:65:16:a0:bf:89:f2:fe:2b:71:53:f9:
2e:b7:a8:d6:6c:d3:62:b7:f9:b0:8b:b8:21:d2:80:59:a3:f3:
f8:4c:cc:46:37:c5:4c:0d:88:0e:bf:20:d1:79:07:be:a6:5b:
37:60:c0:70:db:dc:37:ce:0f:c7:87:33:21:33:74:2e:94:78:
06:0e:8c:ee:8e:d6:e1:71:60:b4:6d:dc:4e:f3:99:1d:0e:20:
e4:1f:f3:e6:d9:44:89:6f:e2:d3:88:94:96:c0:c0:80:63:0c:
4f:8e:fc:b4:03:e5:03:67:0d:d5:09:29:b9:15:77:4c:77:be:
0b:65:6b:c5:f0:86:dc:8e:96:4c:0c:42:7a:4a:fd:d1:41:40:
11:00:10:40:a9:52:ba:21:1a:89:50:34:63:ba:62:57:ad:49:
c8:ee:a3:d8:2a:5b:8f:0a:5d:44:5b:9d:b3:f9:4f:49:01:ac:
7c:6f:26:7e:23:55:d0:a7:7a:cf:3e:63:48:ad:76:26:9f:f7:
04:33:22:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSZuY60DQSgpdgMfFBca/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjBiNzdkMDM1YjkxMmZmYTQwNmRmZGRmMjllM2EyOTYz
ZTY5MDQwHhcNMjUxMTExMDUwMDQwWhcNMjUxMTEyMDUwMDQwWjAzMTEwLwYDVQQD
Eyg4ODI0NmVkM2Q0MzQzY2E3NjAzN2VjMDJiNTgwNDQyODdiMzU5NzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnixLqGAfwEhlX2m1NUH3rPnokiCh
pgALmhv8ppBXZ+6IKVqrMWrOJ0qiUt62k+s8oLkZu5JpN9+dSRXIH1hacVoDky+p
AA7OJ2YF9p/BMyyab/VY0cKe2Bq/7cot4NSlcrf/oxu8mmJDB6JMbTU99KNpEnpW
002wGmVHNpv7GO+Ak5tsyDidjTHX4jPTUQQYKnmVhEbpvEXm4D1pnqG9JwKinBKk
Z5bUbeO+VFMtGKrYTmTDmqwPLjjVnrChVGUhV9K1oWRlZNhDe2nPBGuSI9tMMDNL
IJXiaNOBrqKsY9RbcfSJSQeQNJFrQP7JpVrrfh+F8QFU+KAIRCpQoIX7AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgkbtPUNDynYDfsArWARCh7NZcLMB8GA1UdIwQY
MBaAFIUgt30DW5Ev+kBt/d8p46KWPmkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAt
MWFmMjc5NjI1ZmQwLzEvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAtMWFmMjc5NjI1ZmQw
LzEvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA37gRNgl8
dqQyXfiwQFEuy07X1dCWIX1+Z5NLlJRDD2RF0lBGB1MWGsSzmdR72P5DoP5O/Ge4
PFho/3B0BWUWoL+J8v4rcVP5Lreo1mzTYrf5sIu4IdKAWaPz+EzMRjfFTA2IDr8g
0XkHvqZbN2DAcNvcN84Px4czITN0LpR4Bg6M7o7W4XFgtG3cTvOZHQ4g5B/z5tlE
iW/i04iUlsDAgGMMT478tAPlA2cN1QkpuRV3THe+C2VrxfCG3I6WTAxCekr90UFA
EQAQQKlSuiEaiVA0Y7piV61JyO6j2CpbjwpdRFuds/lPSQGsfG8mfiNV0Kd6zz5j
SK12Jp/3BDMieQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:34:58 2025 by rpki-client