Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft
File: h9mQExRnt30RFit5--OwbKirLTk.mft (raw, json)
Hash identifier: i2yNdb+iLIzZD1qgqvxomPpHTze8BJF0hoQQTeekcaI=
Subject key identifier: 29:20:FC:B2:12:55:F6:DB:3C:D0:CB:1B:80:83:AB:A0:B2:5F:72:38
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 019954C251D9DEF279DA60BBB622875EC02E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft
Manifest number: 169C
Signing time: Tue 16 Sep 2025 23:00:45 +0000
Manifest this update: Tue 16 Sep 2025 23:00:45 +0000
Manifest next update: Wed 17 Sep 2025 23:00:45 +0000
Files and hashes: 1: BpGdK4vNgugH_zIwdKpTLTonzFI.roa (hash: XCtnPAQsPAejFAsLvLkAMfASQaAA0TQU3hCkuPs7vLM=)
2: XOmOBh50cvCvJmnFjaJhaHYW2sE.roa (hash: 6F6wNjub6rC7wNAaFOeBE6JJ3w2cU7C6GJM4bNB9ZQQ=)
3: h9mQExRnt30RFit5--OwbKirLTk.crl (hash: bH7d5iFn8nCTOrbPQgm2rQCzT6yZsUr8wWxeAk/M8m4=)
4: viZJ1ILrK-Lhvo6EpJnhGu2o9Q4.roa (hash: VBEvk2C209Y5tb0FL9tK/NrEWGQ6MCpm2RIBK/aQkDU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 23:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:54:c2:51:d9:de:f2:79:da:60:bb:b6:22:87:5e:c0:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Sep 16 23:00:45 2025 GMT
Not After : Sep 17 23:00:45 2025 GMT
Subject: CN=2920fcb21255f6db3cd0cb1b8083aba0b25f7238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:98:5c:4e:8f:13:27:e9:12:8e:d5:59:db:8c:
51:c6:77:cf:93:8b:7b:61:24:1e:4d:71:39:52:29:
7b:30:d7:d1:ba:da:4f:34:b7:3f:b1:28:c5:89:1a:
b7:91:23:1e:28:f0:00:ad:24:46:5b:fa:d4:19:76:
3d:c8:fd:d7:bd:12:a5:26:1c:b5:c4:28:7d:78:2b:
2c:70:57:48:85:27:01:79:e2:92:31:57:51:2e:22:
43:c8:d2:e5:f2:66:26:70:8e:ad:67:8b:48:77:1b:
1d:b1:e1:27:24:43:91:22:99:d1:47:10:03:9b:a0:
e5:d8:be:42:36:17:ae:55:d7:a9:df:8f:a1:52:8b:
ff:c1:0e:e7:5d:be:b6:ea:8f:89:e2:85:65:85:04:
59:0e:d4:a3:22:0a:de:c5:fc:b1:39:82:18:79:9d:
1a:97:82:df:c4:cb:d8:2e:c8:28:dc:d9:3f:68:3d:
55:a2:c1:f7:df:44:9c:db:c0:41:42:dd:80:b6:11:
dc:7f:ab:49:da:1e:be:66:39:2a:31:0f:7a:10:fc:
a1:e6:67:ea:fa:4a:a2:e1:51:84:a4:d9:1c:3e:0e:
97:e1:c3:5b:d1:e6:3d:56:f0:c9:d9:e8:e1:42:a3:
62:81:05:a8:02:c2:c7:73:72:ad:b9:8f:ed:61:f4:
46:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:20:FC:B2:12:55:F6:DB:3C:D0:CB:1B:80:83:AB:A0:B2:5F:72:38
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:c1:7b:11:1f:4c:80:8f:8b:41:40:11:4f:ab:66:38:4b:49:
92:4a:ea:6e:e3:cb:9e:98:c9:62:08:32:2a:39:0c:b7:81:79:
18:0a:be:b9:f6:a1:e7:62:36:9a:da:35:be:37:c5:03:55:7d:
a3:7a:f3:db:4b:2f:99:02:2a:d9:c8:6a:aa:67:b7:4e:d9:8c:
c3:7b:9b:6b:cc:4e:f5:2f:8a:c3:b1:ab:a8:44:d8:fa:87:3c:
0f:1e:45:90:e0:9b:03:f9:e9:fe:82:3e:bd:47:bf:ad:09:37:
17:c9:a6:ca:ce:b9:7a:cc:c7:6c:76:dd:a8:c8:cc:41:90:01:
f8:45:a3:9a:43:e1:d7:44:65:2f:e6:b3:9a:f0:c8:db:84:3d:
f3:c4:4d:c5:21:9a:2b:08:bf:dd:3e:01:fb:ee:40:21:ec:19:
f9:dd:3e:95:03:db:dc:de:14:d0:20:3c:15:8f:2c:6c:f4:6f:
cc:39:f2:bf:33:ad:58:8c:5b:57:e3:19:ec:f4:a0:68:6c:b5:
7b:75:07:2f:53:a7:8e:1f:61:ca:bc:89:33:d0:0e:49:5a:04:
93:2c:5a:f9:76:d9:4b:4d:ea:e0:c1:9b:d2:74:6f:1c:e2:dc:
98:58:85:61:f9:80:8a:2b:da:62:cd:33:8a:e0:ed:96:7e:c0:
8f:78:69:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlUwlHZ3vJ52mC7tiKHXsAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjUwOTE2MjMwMDQ1WhcNMjUwOTE3MjMwMDQ1WjAzMTEwLwYDVQQD
EygyOTIwZmNiMjEyNTVmNmRiM2NkMGNiMWI4MDgzYWJhMGIyNWY3MjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JhcTo8TJ+kSjtVZ24xRxnfPk4t7
YSQeTXE5Uil7MNfRutpPNLc/sSjFiRq3kSMeKPAArSRGW/rUGXY9yP3XvRKlJhy1
xCh9eCsscFdIhScBeeKSMVdRLiJDyNLl8mYmcI6tZ4tIdxsdseEnJEORIpnRRxAD
m6Dl2L5CNheuVdep34+hUov/wQ7nXb626o+J4oVlhQRZDtSjIgrexfyxOYIYeZ0a
l4LfxMvYLsgo3Nk/aD1VosH330Sc28BBQt2AthHcf6tJ2h6+ZjkqMQ96EPyh5mfq
+kqi4VGEpNkcPg6X4cNb0eY9VvDJ2ejhQqNigQWoAsLHc3KtuY/tYfRGDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkg/LISVfbbPNDLG4CDq6CyX3I4MB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqsF7ER9M
gI+LQUART6tmOEtJkkrqbuPLnpjJYggyKjkMt4F5GAq+ufah52I2mto1vjfFA1V9
o3rz20svmQIq2chqqme3TtmMw3uba8xO9S+Kw7GrqETY+oc8Dx5FkOCbA/np/oI+
vUe/rQk3F8mmys65eszHbHbdqMjMQZAB+EWjmkPh10RlL+azmvDI24Q988RNxSGa
Kwi/3T4B++5AIewZ+d0+lQPb3N4U0CA8FY8sbPRvzDnyvzOtWIxbV+MZ7PSgaGy1
e3UHL1Onjh9hyryJM9AOSVoEkyxa+XbZS03q4MGb0nRvHOLcmFiFYfmAiivaYs0z
iuDtln7Aj3hpKw==
-----END CERTIFICATE-----
Generated at Wed Sep 17 08:56:19 2025 by rpki-client