Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
File: ha9TEIBex1YaGiL5yJDJcx-23r8.mft (raw, json)
Hash identifier: VaOGNfTLHa/Q/UCMFcaksZ0cTQEaiwNwz9Jr+z1s+0U=
Subject key identifier: 95:52:27:02:2E:FC:00:F6:F7:5F:44:19:18:D0:A6:54:2D:B6:2D:F9
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 019A72CA2F86DBB6FDB546B5E155FD83DECB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
Manifest number: 1723
Signing time: Tue 11 Nov 2025 12:00:44 +0000
Manifest this update: Tue 11 Nov 2025 12:00:44 +0000
Manifest next update: Wed 12 Nov 2025 12:00:44 +0000
Files and hashes: 1: Gumma7CSH0QJDyYLGYO8JVucFbw.roa (hash: AHbFRK4oddEvM9hnH4lxRaSLOWlIxIkwfpWyReC2ymY=)
2: ha9TEIBex1YaGiL5yJDJcx-23r8.crl (hash: uQeykrd7O4zPJcGTf78AowPSC0UL9Aqlvv/MQolJoyM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:2f:86:db:b6:fd:b5:46:b5:e1:55:fd:83:de:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Nov 11 12:00:44 2025 GMT
Not After : Nov 12 12:00:44 2025 GMT
Subject: CN=955227022efc00f6f75f441918d0a6542db62df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:70:0f:c6:77:4c:9f:d8:4f:82:99:5a:10:77:
6d:14:2d:d3:0a:b2:06:94:d6:34:5f:e8:d3:8b:33:
f6:63:af:bd:31:68:3e:8e:79:b0:0f:da:72:4f:b6:
3f:81:f2:ea:17:4b:22:3e:c0:cc:ef:04:be:44:d2:
7e:2e:6f:f7:c8:82:97:6b:f8:df:47:f2:cd:61:28:
42:92:5d:53:d2:87:e6:e0:ae:0e:02:b1:e0:4e:85:
e5:f6:07:a3:a3:6b:f7:ab:13:3c:9a:18:29:3b:72:
00:6b:e4:73:99:cd:e0:8d:95:1d:fb:3a:fc:bf:74:
51:7c:a3:09:85:39:e1:de:c0:a7:c0:d3:bb:8c:02:
ce:5b:3a:4b:da:9d:d4:52:69:13:f6:11:a8:a6:bc:
bf:76:23:5e:4b:60:68:dc:26:a2:d7:2f:f5:5e:9f:
77:09:d0:12:52:4e:b8:ff:32:fa:a3:5a:c6:5f:18:
92:9c:54:19:f7:76:92:26:91:b3:2f:86:82:d7:70:
d7:82:b4:1c:31:5e:a5:25:f3:d2:3e:2f:37:cf:e7:
87:ad:01:da:ea:02:9d:5a:5a:ae:4d:f2:71:b9:09:
78:bc:64:37:83:b3:58:7f:06:f4:e6:15:f1:e4:ee:
f0:23:c2:97:29:1e:48:6f:d0:eb:52:82:ae:af:d5:
96:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:52:27:02:2E:FC:00:F6:F7:5F:44:19:18:D0:A6:54:2D:B6:2D:F9
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:51:ec:f6:bb:d9:ca:75:11:05:5f:af:d5:76:d2:8d:60:21:
04:ef:b1:4c:53:eb:aa:eb:c1:24:3c:b8:85:03:f6:ee:5e:e6:
75:bc:15:e1:dd:7c:9d:25:3f:bd:44:52:ba:06:35:9e:1b:1c:
f1:f6:ca:84:25:97:62:e4:81:fb:81:37:41:e0:60:24:f6:0a:
1c:ac:9c:87:b5:be:ec:a4:85:8d:c0:c4:8f:38:13:28:de:2d:
43:a8:88:4f:f9:fd:57:d1:ea:0d:4b:39:dc:de:00:e9:fb:c8:
e8:3a:a9:a9:cb:50:7d:2b:1d:b6:4f:3e:5a:8e:10:be:b0:0b:
5f:bd:ba:c7:af:dc:96:f2:a4:89:ae:40:4c:b3:85:a6:4d:2a:
55:84:a9:ce:0a:b7:15:4f:6a:ee:b6:0f:c9:13:08:91:b0:a3:
13:ef:99:a1:c0:ff:b5:4d:db:a3:da:43:d6:74:cc:09:d4:18:
a6:95:72:af:af:f7:11:97:55:42:5c:74:b6:a0:9e:2c:11:ba:
c6:60:4b:71:d6:48:8f:78:e9:f5:0c:6a:12:ce:ee:33:87:0b:
05:07:b2:fd:29:8e:bf:17:12:91:c7:ec:4d:87:a8:f5:7f:58:
a5:8b:2d:f5:24:4e:4b:e6:6e:3b:fb:fe:84:e2:6c:ae:1e:01:
af:2c:4b:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyi+G27b9tUa14VX9g97LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi
NmRlYmYwHhcNMjUxMTExMTIwMDQ0WhcNMjUxMTEyMTIwMDQ0WjAzMTEwLwYDVQQD
Eyg5NTUyMjcwMjJlZmMwMGY2Zjc1ZjQ0MTkxOGQwYTY1NDJkYjYyZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXAPxndMn9hPgplaEHdtFC3TCrIG
lNY0X+jTizP2Y6+9MWg+jnmwD9pyT7Y/gfLqF0siPsDM7wS+RNJ+Lm/3yIKXa/jf
R/LNYShCkl1T0ofm4K4OArHgToXl9gejo2v3qxM8mhgpO3IAa+Rzmc3gjZUd+zr8
v3RRfKMJhTnh3sCnwNO7jALOWzpL2p3UUmkT9hGopry/diNeS2Bo3Cai1y/1Xp93
CdASUk64/zL6o1rGXxiSnFQZ93aSJpGzL4aC13DXgrQcMV6lJfPSPi83z+eHrQHa
6gKdWlquTfJxuQl4vGQ3g7NYfwb05hXx5O7wI8KXKR5Ib9DrUoKur9WWCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVSJwIu/AD2919EGRjQplQtti35MB8GA1UdIwQY
MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct
NzUyODM1MGQ0YzEzLzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz
LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq1Hs9rvZ
ynURBV+v1XbSjWAhBO+xTFPrquvBJDy4hQP27l7mdbwV4d18nSU/vURSugY1nhsc
8fbKhCWXYuSB+4E3QeBgJPYKHKych7W+7KSFjcDEjzgTKN4tQ6iIT/n9V9HqDUs5
3N4A6fvI6DqpqctQfSsdtk8+Wo4QvrALX726x6/clvKkia5ATLOFpk0qVYSpzgq3
FU9q7rYPyRMIkbCjE++ZocD/tU3bo9pD1nTMCdQYppVyr6/3EZdVQlx0tqCeLBG6
xmBLcdZIj3jp9QxqEs7uM4cLBQey/SmOvxcSkcfsTYeo9X9YpYst9SROS+ZuO/v+
hOJsrh4BryxLdA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:11:28 2025 by rpki-client