Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/03558e-688f-4e1c-a66f-6eefda1108ad/1/0HCWDtmg2hybfiRX6ry2YEeNCK4.mft
File: 0HCWDtmg2hybfiRX6ry2YEeNCK4.mft (raw, json)
Hash identifier: Pao62/E40fXU4mLuPJmdTMFzWW3mM3IvI5KnzCBQskM=
Subject key identifier: 52:21:1C:2F:80:C8:1C:A0:40:39:CC:2C:AB:7A:78:C1:25:BA:92:25
Authority key identifier: D0:70:96:0E:D9:A0:DA:1C:9B:7E:24:57:EA:BC:B6:60:47:8D:08:AE
Certificate issuer: /CN=d070960ed9a0da1c9b7e2457eabcb660478d08ae
Certificate serial: 019A1496DBCD844091012C30B6FBAB811D50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0HCWDtmg2hybfiRX6ry2YEeNCK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/03558e-688f-4e1c-a66f-6eefda1108ad/1/0HCWDtmg2hybfiRX6ry2YEeNCK4.mft
Manifest number: 07CF
Signing time: Fri 24 Oct 2025 05:00:22 +0000
Manifest this update: Fri 24 Oct 2025 05:00:22 +0000
Manifest next update: Sat 25 Oct 2025 05:00:22 +0000
Files and hashes: 1: 0HCWDtmg2hybfiRX6ry2YEeNCK4.crl (hash: EmbwAE5Xvt+sFDvDmSX6j5QMpInoPYJcVE7KdOTNfIg=)
2: ZYblDAaDwwmnrchNjFrf0zm4tO0.roa (hash: TUJh6mrSVIERTxbeRqv55tj1PiJ2BrobmYQdllbfBL8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/03558e-688f-4e1c-a66f-6eefda1108ad/1/0HCWDtmg2hybfiRX6ry2YEeNCK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/03558e-688f-4e1c-a66f-6eefda1108ad/1/0HCWDtmg2hybfiRX6ry2YEeNCK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0HCWDtmg2hybfiRX6ry2YEeNCK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:14:96:db:cd:84:40:91:01:2c:30:b6:fb:ab:81:1d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d070960ed9a0da1c9b7e2457eabcb660478d08ae
Validity
Not Before: Oct 24 05:00:22 2025 GMT
Not After : Oct 25 05:00:22 2025 GMT
Subject: CN=52211c2f80c81ca04039cc2cab7a78c125ba9225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:44:44:86:65:98:ca:e0:c3:26:16:6d:35:20:
25:ee:a3:eb:2e:1e:ff:5c:92:2e:dc:a5:ad:a7:f5:
c5:8b:d7:ef:b3:15:7c:e7:a1:39:ed:01:eb:05:93:
c9:35:ee:d7:ba:af:d1:5c:1f:03:6c:18:16:42:5f:
eb:51:bb:f1:eb:1a:07:54:61:f3:a1:13:a2:8b:61:
6a:3a:c2:07:39:d4:fe:85:57:82:d4:b9:a3:70:21:
67:1d:e1:d1:79:b7:f9:f2:55:a3:ec:2f:d2:9b:1e:
cd:8b:39:56:9e:87:fa:66:c7:a9:5b:7b:43:c7:92:
f8:c6:73:a2:df:f3:b2:79:fc:87:4d:05:d3:5b:49:
bd:f5:76:8d:69:ff:65:86:93:f6:50:78:65:90:7e:
91:57:f4:1a:0e:36:5c:9e:44:8f:0d:b9:b1:93:8e:
7d:21:cb:31:5a:76:e9:a4:24:9e:2a:63:37:c8:17:
33:3f:1e:f6:42:87:53:e0:59:b8:5f:d0:78:ec:51:
44:6a:08:60:fb:df:05:20:10:29:00:d5:5d:cb:70:
09:02:b1:e9:f0:67:a5:fb:79:7e:b1:36:74:5f:f4:
a4:7b:9c:fb:d9:45:70:a8:b0:ee:7f:c0:da:f1:b8:
64:8f:44:e8:d1:83:56:d1:70:d0:c2:76:88:a2:69:
59:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:21:1C:2F:80:C8:1C:A0:40:39:CC:2C:AB:7A:78:C1:25:BA:92:25
X509v3 Authority Key Identifier:
keyid:D0:70:96:0E:D9:A0:DA:1C:9B:7E:24:57:EA:BC:B6:60:47:8D:08:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0HCWDtmg2hybfiRX6ry2YEeNCK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/03558e-688f-4e1c-a66f-6eefda1108ad/1/0HCWDtmg2hybfiRX6ry2YEeNCK4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/03558e-688f-4e1c-a66f-6eefda1108ad/1/0HCWDtmg2hybfiRX6ry2YEeNCK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:84:1e:08:77:36:4d:f4:4f:8d:52:35:36:e4:c7:e1:86:3e:
91:93:7e:69:3b:de:11:8e:b8:f2:9a:08:78:51:51:2f:55:7c:
01:7d:37:15:7f:b8:2b:1c:09:4a:e7:da:92:4c:ff:74:41:76:
30:89:76:46:9c:b7:f1:86:12:33:7d:e7:2b:95:11:ef:e3:2d:
7f:c7:8a:b5:b6:fc:db:59:30:11:42:ef:b1:f3:82:ee:18:b9:
ba:89:bb:ef:52:af:e7:f3:f9:f0:68:80:73:51:8e:47:f4:dc:
fe:df:66:86:9f:26:41:6e:a8:6c:08:83:43:6b:3c:cf:ef:14:
8f:5c:24:b3:35:f7:87:dc:70:4a:27:9e:a1:61:d9:89:57:96:
9a:4a:c7:a8:8c:8a:57:27:76:98:88:3a:45:96:45:a2:62:48:
5b:bf:7f:15:94:64:7a:9a:05:2a:d7:54:c8:4d:0d:7d:9b:41:
42:74:ab:09:81:cc:8b:3c:5f:97:c2:47:55:00:9b:6f:54:d6:
bb:a9:01:c3:a9:31:e1:e6:f9:6f:4d:54:2a:77:f2:f0:b0:98:
79:20:23:9d:38:58:fb:37:e9:a3:9a:6f:ba:02:8f:af:8c:ef:
43:ba:9c:c6:26:de:8f:13:92:01:68:94:88:ca:d2:8f:b2:13:
a5:33:a4:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoUltvNhECRASwwtvurgR1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNzA5NjBlZDlhMGRhMWM5YjdlMjQ1N2VhYmNiNjYwNDc4
ZDA4YWUwHhcNMjUxMDI0MDUwMDIyWhcNMjUxMDI1MDUwMDIyWjAzMTEwLwYDVQQD
Eyg1MjIxMWMyZjgwYzgxY2EwNDAzOWNjMmNhYjdhNzhjMTI1YmE5MjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkREhmWYyuDDJhZtNSAl7qPrLh7/
XJIu3KWtp/XFi9fvsxV856E57QHrBZPJNe7Xuq/RXB8DbBgWQl/rUbvx6xoHVGHz
oROii2FqOsIHOdT+hVeC1LmjcCFnHeHRebf58lWj7C/Smx7NizlWnof6ZsepW3tD
x5L4xnOi3/OyefyHTQXTW0m99XaNaf9lhpP2UHhlkH6RV/QaDjZcnkSPDbmxk459
IcsxWnbppCSeKmM3yBczPx72QodT4Fm4X9B47FFEaghg+98FIBApANVdy3AJArHp
8Gel+3l+sTZ0X/Ske5z72UVwqLDuf8Da8bhkj0To0YNW0XDQwnaIomlZ9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIhHC+AyBygQDnMLKt6eMElupIlMB8GA1UdIwQY
MBaAFNBwlg7ZoNocm34kV+q8tmBHjQiuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEhDV0R0bWcyaHliZmlSWDZyeTJZRWVOQ0s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8wMzU1OGUtNjg4Zi00ZTFjLWE2NmYt
NmVlZmRhMTEwOGFkLzEvMEhDV0R0bWcyaHliZmlSWDZyeTJZRWVOQ0s0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8wMzU1OGUtNjg4Zi00ZTFjLWE2NmYtNmVlZmRhMTEwOGFk
LzEvMEhDV0R0bWcyaHliZmlSWDZyeTJZRWVOQ0s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWIQeCHc2
TfRPjVI1NuTH4YY+kZN+aTveEY648poIeFFRL1V8AX03FX+4KxwJSufakkz/dEF2
MIl2Rpy38YYSM33nK5UR7+Mtf8eKtbb821kwEULvsfOC7hi5uom771Kv5/P58GiA
c1GOR/Tc/t9mhp8mQW6obAiDQ2s8z+8Uj1wkszX3h9xwSieeoWHZiVeWmkrHqIyK
Vyd2mIg6RZZFomJIW79/FZRkepoFKtdUyE0NfZtBQnSrCYHMizxfl8JHVQCbb1TW
u6kBw6kx4eb5b01UKnfy8LCYeSAjnThY+zfpo5pvugKPr4zvQ7qcxibejxOSAWiU
iMrSj7ITpTOkSg==
-----END CERTIFICATE-----
Generated at Fri Oct 24 08:25:44 2025 by rpki-client