Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.mft
File: hcNSXWi2ERZWThbh3U5WywNcnIU.mft (raw, json)
Hash identifier: 6FjD+rw8uNAaNCXo/RXslIRYyDizNuGuIvg5n6prxNg=
Subject key identifier: 72:D0:C3:CD:73:7E:13:A8:9E:6B:50:B3:13:A8:78:84:C7:E5:B8:48
Authority key identifier: 85:C3:52:5D:68:B6:11:16:56:4E:16:E1:DD:4E:56:CB:03:5C:9C:85
Certificate issuer: /CN=85c3525d68b61116564e16e1dd4e56cb035c9c85
Certificate serial: 019A714A1FA3C8DC609A0A8C2FBF14EC971D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.mft
Manifest number: 1725
Signing time: Tue 11 Nov 2025 05:01:14 +0000
Manifest this update: Tue 11 Nov 2025 05:01:14 +0000
Manifest next update: Wed 12 Nov 2025 05:01:14 +0000
Files and hashes: 1: hEPXQgU_4RM48GU6YHvdaeu2Uew.roa (hash: Y8wvnBW02yBGPfnw7ReZF8CB9IAoGOhz+Y/sJITIMzc=)
2: hcNSXWi2ERZWThbh3U5WywNcnIU.crl (hash: z0bkcgWC+3/Ql3GTFQDOyzkUhmk0O5jo+c/zL5lnRH4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:1f:a3:c8:dc:60:9a:0a:8c:2f:bf:14:ec:97:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85c3525d68b61116564e16e1dd4e56cb035c9c85
Validity
Not Before: Nov 11 05:01:14 2025 GMT
Not After : Nov 12 05:01:14 2025 GMT
Subject: CN=72d0c3cd737e13a89e6b50b313a87884c7e5b848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3b:16:3e:7f:e4:73:9b:fa:d3:ba:67:f3:02:
43:f5:c5:16:8c:42:a9:f4:c9:62:2c:a5:65:c6:5c:
b4:3d:3b:83:d9:30:77:72:de:60:9b:81:75:89:06:
1f:34:bf:8a:fd:ef:a5:cc:d5:77:d6:3d:83:d1:64:
dd:ee:31:5b:c7:4e:62:5b:be:6f:ad:2a:d2:16:97:
66:23:6b:e4:c4:f2:7f:17:7b:cf:f7:2b:05:41:1a:
ac:2b:06:b5:a2:a6:15:06:a7:b7:6c:f2:1c:7c:b5:
8b:73:27:56:be:44:18:a7:0a:39:c6:73:19:8b:8b:
29:8a:4b:70:28:60:be:4e:07:3d:75:4f:9e:20:c6:
24:3b:94:65:86:c5:f0:45:3c:73:23:7f:fa:b5:f4:
d0:b7:9a:db:4d:da:bb:cf:33:53:a0:82:08:23:f8:
53:ea:9c:52:0b:4c:7d:70:22:aa:47:d5:8e:b6:5f:
74:37:56:39:1b:52:21:95:4c:ae:f4:b1:b2:65:e4:
47:e2:8b:8b:17:9a:55:0e:19:09:9f:8a:c1:32:b4:
8d:8d:4b:85:75:94:66:a8:e9:a1:a6:b7:f7:88:4d:
b1:e2:d0:f4:84:54:4c:cd:31:bb:af:0b:3e:a9:d0:
21:d8:a9:45:7f:81:f1:0d:01:b4:40:c1:95:e8:8a:
88:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D0:C3:CD:73:7E:13:A8:9E:6B:50:B3:13:A8:78:84:C7:E5:B8:48
X509v3 Authority Key Identifier:
keyid:85:C3:52:5D:68:B6:11:16:56:4E:16:E1:DD:4E:56:CB:03:5C:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:b7:8b:16:2f:9f:fa:4d:50:75:e9:82:bc:b6:3d:4b:a0:4d:
c6:3f:9e:1b:c0:e4:a4:f5:1f:1b:01:aa:0c:7e:b7:9d:cb:fc:
91:a3:1e:ed:24:ca:ee:6d:b1:39:55:ab:32:a5:78:8a:04:32:
00:e5:be:6a:f8:2d:60:d3:97:b5:a7:b4:7a:f1:45:40:3a:54:
3c:19:e8:b8:e0:b0:35:5f:db:d7:8d:77:aa:bd:e2:47:4d:bf:
82:7e:18:47:19:c0:4d:ed:5a:36:67:8f:40:29:fd:97:28:be:
77:21:05:22:79:39:d5:d3:da:08:77:84:5d:1b:b1:b0:bc:f9:
05:fd:db:95:53:8b:66:38:63:9a:37:49:42:52:e5:9e:c7:b4:
77:c5:5f:cd:df:4a:76:2e:7e:1b:b8:7b:8b:3b:b5:1d:57:ae:
7d:11:30:15:f9:0a:61:69:d2:98:62:aa:37:8c:f5:88:ff:39:
43:78:e6:b1:56:93:a8:33:ed:83:04:db:b4:7a:d8:93:2b:06:
02:26:f6:67:c4:64:a9:28:a0:4e:e5:3f:6c:ba:6f:57:b8:0f:
9d:a3:b7:a0:da:a8:1e:31:ba:de:1b:ac:77:ce:98:c0:ce:13:
c9:80:c0:87:47:f7:74:a2:27:18:9c:b6:d0:90:1b:f2:80:df:
6c:6d:54:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSh+jyNxgmgqML78U7JcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YzM1MjVkNjhiNjExMTY1NjRlMTZlMWRkNGU1NmNiMDM1
YzljODUwHhcNMjUxMTExMDUwMTE0WhcNMjUxMTEyMDUwMTE0WjAzMTEwLwYDVQQD
Eyg3MmQwYzNjZDczN2UxM2E4OWU2YjUwYjMxM2E4Nzg4NGM3ZTViODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDsWPn/kc5v607pn8wJD9cUWjEKp
9MliLKVlxly0PTuD2TB3ct5gm4F1iQYfNL+K/e+lzNV31j2D0WTd7jFbx05iW75v
rSrSFpdmI2vkxPJ/F3vP9ysFQRqsKwa1oqYVBqe3bPIcfLWLcydWvkQYpwo5xnMZ
i4spiktwKGC+Tgc9dU+eIMYkO5RlhsXwRTxzI3/6tfTQt5rbTdq7zzNToIIII/hT
6pxSC0x9cCKqR9WOtl90N1Y5G1IhlUyu9LGyZeRH4ouLF5pVDhkJn4rBMrSNjUuF
dZRmqOmhprf3iE2x4tD0hFRMzTG7rws+qdAh2KlFf4HxDQG0QMGV6IqIbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLQw81zfhOonmtQsxOoeITH5bhIMB8GA1UdIwQY
MBaAFIXDUl1othEWVk4W4d1OVssDXJyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGNOU1hXaTJFUlpXVGhiaDNVNVd5d05jbklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi85ZmJlYzEtZWJkMi00MWJhLTgzZDkt
Njk0ZGJmYWRkYjhmLzEvaGNOU1hXaTJFUlpXVGhiaDNVNVd5d05jbklVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi85ZmJlYzEtZWJkMi00MWJhLTgzZDktNjk0ZGJmYWRkYjhm
LzEvaGNOU1hXaTJFUlpXVGhiaDNVNVd5d05jbklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbLeLFi+f
+k1QdemCvLY9S6BNxj+eG8DkpPUfGwGqDH63ncv8kaMe7STK7m2xOVWrMqV4igQy
AOW+avgtYNOXtae0evFFQDpUPBnouOCwNV/b1413qr3iR02/gn4YRxnATe1aNmeP
QCn9lyi+dyEFInk51dPaCHeEXRuxsLz5Bf3blVOLZjhjmjdJQlLlnse0d8Vfzd9K
di5+G7h7izu1HVeufREwFfkKYWnSmGKqN4z1iP85Q3jmsVaTqDPtgwTbtHrYkysG
Aib2Z8RkqSigTuU/bLpvV7gPnaO3oNqoHjG63husd86YwM4TyYDAh0f3dKInGJy2
0JAb8oDfbG1UVA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:28:08 2025 by rpki-client