Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft
File: hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft (raw, json)
Hash identifier: izmJHL1djx6dy3QLuMltYudJ5E8TEuzlgvRZyeeq/rc=
Subject key identifier: 25:09:CA:D2:4C:30:EB:C4:10:D0:AA:0F:22:B6:CA:FE:86:37:3B:20
Authority key identifier: 85:9D:51:77:07:7B:90:81:8C:6F:90:AE:4E:44:33:2D:8C:AC:BB:74
Certificate issuer: /CN=859d5177077b90818c6f90ae4e44332d8cacbb74
Certificate serial: 019A71B87A5E51787122971C79E0AEC06FC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft
Manifest number: 1723
Signing time: Tue 11 Nov 2025 07:01:46 +0000
Manifest this update: Tue 11 Nov 2025 07:01:46 +0000
Manifest next update: Wed 12 Nov 2025 07:01:46 +0000
Files and hashes: 1: PbEykFk95Qp-GzLhGQEzPuqSxmk.roa (hash: Hvk7rTnua0DJqMwP5Nyh8b4Zk2rUSg2r4snTzFoJ1wk=)
2: hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.crl (hash: FRgka8VIwzZT6CBzBR0OgvAjQaQpxcoMZlY07qPMrOQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:7a:5e:51:78:71:22:97:1c:79:e0:ae:c0:6f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=859d5177077b90818c6f90ae4e44332d8cacbb74
Validity
Not Before: Nov 11 07:01:46 2025 GMT
Not After : Nov 12 07:01:46 2025 GMT
Subject: CN=2509cad24c30ebc410d0aa0f22b6cafe86373b20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e6:b5:05:60:fe:f0:36:af:19:45:74:f4:bf:
1e:37:9a:3a:44:df:92:9f:26:65:8c:bd:76:0c:82:
55:1d:62:26:15:43:d8:c8:d5:0f:eb:d0:41:dc:d6:
50:ad:99:fa:b1:66:05:9c:1f:e4:21:ba:a6:e8:c4:
04:73:db:92:4b:c9:63:91:9c:ed:35:01:26:52:fd:
9a:dd:39:1e:cf:a4:68:c2:b5:f0:d7:8d:f2:03:64:
ea:7a:5d:aa:bb:b2:1d:e0:fa:4d:42:70:0e:44:ba:
cd:0d:a1:6d:eb:b9:5f:0c:2f:b1:79:8f:b0:6b:74:
ae:3f:7f:8d:e0:82:0a:3a:2d:ab:7c:b5:ad:41:b4:
93:3f:96:d7:62:34:27:5a:a2:a3:a5:92:b4:51:f4:
32:11:5d:f4:fb:89:9d:99:46:61:9e:f0:d6:95:76:
d3:ce:03:a7:61:10:2d:9a:4e:60:e5:7c:88:f6:c9:
2e:69:05:95:f2:66:9b:bc:a3:e9:3e:c5:4e:82:f8:
27:5f:4e:fe:21:55:5c:25:42:2a:3c:98:a7:87:69:
66:37:ba:86:b3:a5:d0:11:5c:91:e2:cb:a5:47:8a:
2b:75:22:3c:2a:21:82:dd:81:d5:af:27:04:32:69:
c8:de:01:26:03:1c:50:ff:42:3f:8a:81:9d:d0:58:
72:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:09:CA:D2:4C:30:EB:C4:10:D0:AA:0F:22:B6:CA:FE:86:37:3B:20
X509v3 Authority Key Identifier:
keyid:85:9D:51:77:07:7B:90:81:8C:6F:90:AE:4E:44:33:2D:8C:AC:BB:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:ef:4a:7d:c3:0d:f5:dc:88:78:d3:30:4d:fd:99:bc:f5:c7:
b4:1a:5d:5c:54:44:81:25:12:7b:94:b6:4c:71:1b:4a:e0:75:
a6:47:5e:d7:69:96:10:fb:62:78:94:92:f2:60:3e:bb:05:04:
1f:a1:a5:69:6b:05:03:bd:2a:16:28:a0:c0:55:5c:ac:72:46:
42:0b:f7:36:7c:1b:19:b7:c5:25:a5:04:88:d7:8b:d3:10:a1:
64:8d:9c:c9:5b:e0:c8:e8:66:c3:b6:72:a6:42:55:ac:a7:5e:
6d:d7:aa:f9:5f:a3:19:25:01:c7:51:a7:24:ba:c0:91:c4:70:
10:fd:82:90:88:52:3e:16:bd:72:b0:7c:1b:e7:53:a9:38:7f:
3f:fd:35:1f:64:79:89:7b:3a:b2:52:26:da:c7:93:72:ad:b0:
d8:b5:8d:2a:3e:94:d8:17:d3:ad:23:95:0d:18:2c:07:3f:33:
ff:01:90:0d:bf:21:92:f1:0b:da:a3:95:31:8a:54:4d:ae:f0:
f6:45:6d:e3:4e:22:c1:17:f9:7f:8c:ce:d0:9a:b2:3f:a8:da:
df:ca:da:96:2c:b1:04:8d:6e:95:ce:d3:9b:34:46:7e:28:8c:
8d:4f:52:0c:83:77:62:1f:76:60:08:9d:ed:8a:cd:67:9b:d6:
7d:58:56:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHpeUXhxIpcceeCuwG/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OWQ1MTc3MDc3YjkwODE4YzZmOTBhZTRlNDQzMzJkOGNh
Y2JiNzQwHhcNMjUxMTExMDcwMTQ2WhcNMjUxMTEyMDcwMTQ2WjAzMTEwLwYDVQQD
EygyNTA5Y2FkMjRjMzBlYmM0MTBkMGFhMGYyMmI2Y2FmZTg2MzczYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOa1BWD+8DavGUV09L8eN5o6RN+S
nyZljL12DIJVHWImFUPYyNUP69BB3NZQrZn6sWYFnB/kIbqm6MQEc9uSS8ljkZzt
NQEmUv2a3Tkez6RowrXw143yA2Tqel2qu7Id4PpNQnAORLrNDaFt67lfDC+xeY+w
a3SuP3+N4IIKOi2rfLWtQbSTP5bXYjQnWqKjpZK0UfQyEV30+4mdmUZhnvDWlXbT
zgOnYRAtmk5g5XyI9skuaQWV8mabvKPpPsVOgvgnX07+IVVcJUIqPJinh2lmN7qG
s6XQEVyR4sulR4ordSI8KiGC3YHVrycEMmnI3gEmAxxQ/0I/ioGd0FhyIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUJytJMMOvEENCqDyK2yv6GNzsgMB8GA1UdIwQY
MBaAFIWdUXcHe5CBjG+Qrk5EMy2MrLt0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFoxUmR3ZDdrSUdNYjVDdVRrUXpMWXlzdTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9mYWVhNDMtZjMzMy00NTA5LWE2ZGIt
M2FjOTZiZTI4NWUwLzEvaFoxUmR3ZDdrSUdNYjVDdVRrUXpMWXlzdTNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9mYWVhNDMtZjMzMy00NTA5LWE2ZGItM2FjOTZiZTI4NWUw
LzEvaFoxUmR3ZDdrSUdNYjVDdVRrUXpMWXlzdTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV+9KfcMN
9dyIeNMwTf2ZvPXHtBpdXFREgSUSe5S2THEbSuB1pkde12mWEPtieJSS8mA+uwUE
H6GlaWsFA70qFiigwFVcrHJGQgv3NnwbGbfFJaUEiNeL0xChZI2cyVvgyOhmw7Zy
pkJVrKdebdeq+V+jGSUBx1GnJLrAkcRwEP2CkIhSPha9crB8G+dTqTh/P/01H2R5
iXs6slIm2seTcq2w2LWNKj6U2BfTrSOVDRgsBz8z/wGQDb8hkvEL2qOVMYpUTa7w
9kVt404iwRf5f4zO0JqyP6ja38raliyxBI1ulc7TmzRGfiiMjU9SDIN3Yh92YAid
7YrNZ5vWfVhWrA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:45 2025 by rpki-client