Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
File: hDz1u4drdyt63kMpBctpbxNMqjk.mft (raw, json)
Hash identifier: IuzJ8HQrhKjNzO19bCaNudmlE1DbW/FOinGirJtOZMM=
Subject key identifier: 1A:9E:40:C0:16:A4:E5:A9:93:FE:10:96:1A:7E:5C:29:37:8F:FB:87
Authority key identifier: 84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
Certificate issuer: /CN=843cf5bb876b772b7ade432905cb696f134caa39
Certificate serial: 019A194FE6D51CC525021BB91391C6E3E1AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
Manifest number: 16F5
Signing time: Sat 25 Oct 2025 03:00:58 +0000
Manifest this update: Sat 25 Oct 2025 03:00:58 +0000
Manifest next update: Sun 26 Oct 2025 03:00:58 +0000
Files and hashes: 1: 8SOVzbdZRi1TiXuPdQBPQag2b1I.roa (hash: 4UxgH1Bm5rLISlPUt1abtwizcDNcCBaAAK4mH1Wxzxk=)
2: hDz1u4drdyt63kMpBctpbxNMqjk.crl (hash: n7Z3bG1GyhLFlJXh16St9vcIhLaAynJTYHgfPXOxVDc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 02:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:19:4f:e6:d5:1c:c5:25:02:1b:b9:13:91:c6:e3:e1:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843cf5bb876b772b7ade432905cb696f134caa39
Validity
Not Before: Oct 25 03:00:58 2025 GMT
Not After : Oct 26 03:00:58 2025 GMT
Subject: CN=1a9e40c016a4e5a993fe10961a7e5c29378ffb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e5:6c:5d:b3:75:18:41:10:32:72:6b:d4:37:
5d:58:e0:9c:22:5c:1d:20:e1:16:58:38:5f:c8:30:
b6:ee:44:b6:c1:6d:d1:a9:b6:cc:ce:b2:a3:3d:f7:
49:33:ef:b5:4d:d7:6e:a6:b9:f3:7c:24:89:d7:ab:
56:09:26:51:fe:8a:a2:0f:28:97:9f:80:d0:4b:c3:
84:c8:81:75:0d:55:04:38:cb:99:77:92:69:85:a8:
43:55:17:5f:42:2c:c2:a1:6a:da:ea:d5:ae:0d:f9:
e2:4e:9a:3f:01:49:4e:10:e7:29:6c:3f:f4:8c:06:
77:f4:1d:b2:4a:33:9a:03:85:f7:04:f2:9d:34:1b:
00:6e:fb:ec:a9:c7:cb:99:09:34:a3:0e:bf:38:a1:
72:cd:3a:eb:27:c8:85:7c:e5:b2:95:60:0b:6c:69:
5e:d6:ca:40:96:40:29:34:dc:01:57:14:13:d6:46:
d1:6e:80:e4:8b:cc:a3:53:e5:8e:c8:f7:59:29:31:
39:66:5c:a4:19:55:0a:1a:1d:a2:4c:1b:1e:c4:34:
c5:74:ff:30:ad:69:b7:16:54:19:a9:bc:63:33:34:
b2:9b:95:10:38:49:12:6a:c1:85:e7:7f:c1:b6:21:
17:3c:ef:f4:d5:ee:d8:5f:04:a5:fe:12:24:70:2b:
2b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:9E:40:C0:16:A4:E5:A9:93:FE:10:96:1A:7E:5C:29:37:8F:FB:87
X509v3 Authority Key Identifier:
keyid:84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:ee:8d:0c:2b:9d:ea:a1:57:43:bd:2d:79:07:56:d9:99:dc:
d5:c3:f0:13:57:fe:a2:f5:1d:33:a7:b5:d9:34:57:c8:ee:90:
c0:16:b6:81:aa:5f:4d:d2:f1:60:b1:4b:05:c7:bd:4c:3b:cc:
96:2b:22:09:b0:e0:29:cb:c9:ea:31:12:e7:ca:28:90:8c:08:
fb:09:07:a5:00:6f:7b:6e:f6:bd:86:0a:9a:27:7d:49:b7:c8:
7a:c8:0e:bf:92:4d:5e:f7:80:11:1a:64:19:f3:62:3e:7b:d2:
31:4f:df:61:d6:3d:e7:4d:d5:d8:80:9f:ec:c0:1c:70:c1:33:
f9:db:38:2b:d1:c5:5d:11:50:ed:14:71:64:27:1b:53:62:07:
8c:c9:dc:35:a8:52:b6:4c:00:bf:d9:db:c7:07:55:9e:f6:64:
44:0c:7e:87:ab:e4:a8:3e:fe:90:80:b1:4f:e5:e4:2d:6b:85:
e0:71:7b:94:f9:18:d1:a5:8b:db:e5:8d:88:5b:1b:7a:07:13:
0f:62:bd:9c:3f:2f:09:93:07:f1:14:08:8a:b5:d8:b9:5d:c4:
b9:b7:d2:8b:63:ee:34:c2:9a:3a:09:14:14:5c:74:b3:a6:34:
d4:40:27:1b:11:f8:19:a7:a6:b3:19:32:1b:4d:de:ad:be:51:
cf:30:49:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoZT+bVHMUlAhu5E5HG4+GvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2NmNWJiODc2Yjc3MmI3YWRlNDMyOTA1Y2I2OTZmMTM0
Y2FhMzkwHhcNMjUxMDI1MDMwMDU4WhcNMjUxMDI2MDMwMDU4WjAzMTEwLwYDVQQD
EygxYTllNDBjMDE2YTRlNWE5OTNmZTEwOTYxYTdlNWMyOTM3OGZmYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+VsXbN1GEEQMnJr1DddWOCcIlwd
IOEWWDhfyDC27kS2wW3RqbbMzrKjPfdJM++1TdduprnzfCSJ16tWCSZR/oqiDyiX
n4DQS8OEyIF1DVUEOMuZd5JphahDVRdfQizCoWra6tWuDfniTpo/AUlOEOcpbD/0
jAZ39B2ySjOaA4X3BPKdNBsAbvvsqcfLmQk0ow6/OKFyzTrrJ8iFfOWylWALbGle
1spAlkApNNwBVxQT1kbRboDki8yjU+WOyPdZKTE5ZlykGVUKGh2iTBsexDTFdP8w
rWm3FlQZqbxjMzSym5UQOEkSasGF53/BtiEXPO/01e7YXwSl/hIkcCsrwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqeQMAWpOWpk/4Qlhp+XCk3j/uHMB8GA1UdIwQY
MBaAFIQ89buHa3cret5DKQXLaW8TTKo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmIt
MTZmNWE1NjM2MjQ0LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmItMTZmNWE1NjM2MjQ0
LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP+6NDCud
6qFXQ70teQdW2Znc1cPwE1f+ovUdM6e12TRXyO6QwBa2gapfTdLxYLFLBce9TDvM
lisiCbDgKcvJ6jES58ookIwI+wkHpQBve272vYYKmid9SbfIesgOv5JNXveAERpk
GfNiPnvSMU/fYdY9503V2ICf7MAccMEz+ds4K9HFXRFQ7RRxZCcbU2IHjMncNahS
tkwAv9nbxwdVnvZkRAx+h6vkqD7+kICxT+XkLWuF4HF7lPkY0aWL2+WNiFsbegcT
D2K9nD8vCZMH8RQIirXYuV3EubfSi2PuNMKaOgkUFFx0s6Y01EAnGxH4Gaemsxky
G03erb5RzzBJ6w==
-----END CERTIFICATE-----
Generated at Sat Oct 25 10:14:18 2025 by rpki-client