Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
File: h5WLpmHENczSXCBgRi72ANJxnuA.mft (raw, json)
Hash identifier: xHdWGY13ormSRs79ISiQAbM/pKYeoSTRhk7X6GQYIXY=
Subject key identifier: 87:DE:D8:D9:F9:3E:26:6C:26:1A:1B:68:D4:92:2B:BD:29:4A:86:79
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial: 019A722615AEC92D0F8A0B7F1FC3215BD693
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 09:01:29 +0000
Manifest this update: Tue 11 Nov 2025 09:01:29 +0000
Manifest next update: Wed 12 Nov 2025 09:01:29 +0000
Files and hashes: 1: h5WLpmHENczSXCBgRi72ANJxnuA.crl (hash: smuZ774T8q40vr3XwjvNShtIpza1UmYT0JcrAGJ9gl0=)
2: jQqQfOrb2tEbgL6-n1pYKtKDCGI.roa (hash: urbNu0k2kZWVDcdCEYQ210AYS3ke0pUxaEecPK2agnE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:15:ae:c9:2d:0f:8a:0b:7f:1f:c3:21:5b:d6:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Validity
Not Before: Nov 11 09:01:29 2025 GMT
Not After : Nov 12 09:01:29 2025 GMT
Subject: CN=87ded8d9f93e266c261a1b68d4922bbd294a8679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:06:f7:7f:ff:17:fa:4b:2e:3e:8d:00:cb:5f:
6c:06:2f:1c:a9:ee:af:29:7a:c5:3b:4b:6d:2d:a8:
b9:95:aa:70:52:8b:45:52:53:fc:af:b7:2b:0a:99:
4c:18:d4:85:a2:d7:90:20:fc:57:d6:d5:39:76:22:
dd:97:6b:d2:0a:1c:f6:9d:1f:92:07:27:d9:22:65:
0d:6c:a7:b3:38:ad:a9:53:01:52:78:11:f8:72:3c:
e7:9b:ab:f2:40:52:27:ce:bc:1a:c7:82:02:ca:6e:
f9:c5:5f:ce:43:a5:04:30:ef:84:6f:4f:72:75:e5:
e5:5a:5e:0c:a8:9a:76:ec:ed:d7:8e:e2:36:c3:19:
09:02:f7:29:33:30:c7:3f:7f:e7:b9:c7:a9:2e:02:
99:6f:4e:99:c0:ec:d1:5f:dd:90:28:6b:46:31:46:
7b:ce:fe:c4:ea:ea:f2:2f:85:12:7c:59:d4:ef:06:
18:cc:c5:ce:62:82:ff:28:d2:03:b2:0e:ab:f4:a4:
f1:11:84:03:57:89:c3:8e:31:b3:ed:d2:e3:2d:32:
70:50:81:0f:5e:2d:a5:74:52:05:3a:24:87:39:9b:
cd:72:c3:5d:ea:1c:35:0a:c6:d5:06:bc:58:f6:f3:
28:38:8a:42:45:1c:71:75:46:fa:88:7b:3b:1d:65:
79:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DE:D8:D9:F9:3E:26:6C:26:1A:1B:68:D4:92:2B:BD:29:4A:86:79
X509v3 Authority Key Identifier:
keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:8a:8c:bb:aa:4b:c8:ff:07:49:76:e9:b5:35:c2:53:4a:f1:
11:ac:db:5f:34:ff:ba:92:03:d1:76:16:f8:d6:c7:f7:f3:be:
22:d6:a4:c0:1c:9c:b7:c2:4a:98:71:c4:e3:5a:10:8d:9d:6c:
8a:5b:3d:aa:c9:60:a5:49:65:80:6c:58:40:9e:93:58:ce:54:
a5:3a:a0:a2:ab:0f:50:e1:6b:59:a0:d4:fc:65:d7:a9:ba:61:
b5:70:67:73:8d:cd:1e:ca:90:de:e2:47:cc:e9:78:c9:43:49:
15:8c:fa:1e:e8:b7:0b:c3:2d:d6:32:cd:bf:df:a1:15:c2:3c:
c6:a5:2f:67:01:79:f7:69:b2:a8:ed:6a:cb:fd:ef:05:18:54:
d6:46:a0:7c:aa:29:d1:9f:c1:6d:0b:c6:68:5d:a6:2f:be:f0:
56:12:81:79:24:ef:af:3c:cc:72:00:8e:91:5a:61:9a:ce:32:
3f:12:86:1f:c4:76:82:21:ee:f8:cb:f9:3a:c9:9b:2e:43:15:
43:74:5f:01:4e:bc:5d:9f:c5:8f:6e:32:ac:45:ef:ed:ad:a5:
70:61:82:18:27:df:1d:61:c0:7f:77:0d:90:14:1c:2f:a1:fa:
82:a5:46:b6:38:c5:2a:cd:5b:89:0d:77:27:e4:2e:7c:80:31:
3b:42:99:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhWuyS0Pigt/H8MhW9aTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjUxMTExMDkwMTI5WhcNMjUxMTEyMDkwMTI5WjAzMTEwLwYDVQQD
Eyg4N2RlZDhkOWY5M2UyNjZjMjYxYTFiNjhkNDkyMmJiZDI5NGE4Njc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgb3f/8X+ksuPo0Ay19sBi8cqe6v
KXrFO0ttLai5lapwUotFUlP8r7crCplMGNSFoteQIPxX1tU5diLdl2vSChz2nR+S
ByfZImUNbKezOK2pUwFSeBH4cjznm6vyQFInzrwax4ICym75xV/OQ6UEMO+Eb09y
deXlWl4MqJp27O3XjuI2wxkJAvcpMzDHP3/nucepLgKZb06ZwOzRX92QKGtGMUZ7
zv7E6uryL4USfFnU7wYYzMXOYoL/KNIDsg6r9KTxEYQDV4nDjjGz7dLjLTJwUIEP
Xi2ldFIFOiSHOZvNcsNd6hw1CsbVBrxY9vMoOIpCRRxxdUb6iHs7HWV5ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIfe2Nn5PiZsJhobaNSSK70pSoZ5MB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa4qMu6pL
yP8HSXbptTXCU0rxEazbXzT/upID0XYW+NbH9/O+ItakwByct8JKmHHE41oQjZ1s
ils9qslgpUllgGxYQJ6TWM5UpTqgoqsPUOFrWaDU/GXXqbphtXBnc43NHsqQ3uJH
zOl4yUNJFYz6Hui3C8Mt1jLNv9+hFcI8xqUvZwF592myqO1qy/3vBRhU1kagfKop
0Z/BbQvGaF2mL77wVhKBeSTvrzzMcgCOkVphms4yPxKGH8R2giHu+Mv5OsmbLkMV
Q3RfAU68XZ/Fj24yrEXv7a2lcGGCGCffHWHAf3cNkBQcL6H6gqVGtjjFKs1biQ13
J+QufIAxO0KZUA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:39:31 2025 by rpki-client