Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
File: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft (raw, json)
Hash identifier: sQCFJNtKFIbgQNCMIxmrOZXnah8srRLHug0Wy0eRdww=
Subject key identifier: 9E:92:71:3C:71:B7:89:7F:F4:64:C4:C8:9A:9E:3B:54:9D:6C:32:EF
Authority key identifier: 85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8
Certificate issuer: /CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8
Certificate serial: 019A722608E1B6F279CF2E471BA4EE4DD453
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
Manifest number: 02C8
Signing time: Tue 11 Nov 2025 09:01:26 +0000
Manifest this update: Tue 11 Nov 2025 09:01:26 +0000
Manifest next update: Wed 12 Nov 2025 09:01:26 +0000
Files and hashes: 1: cllA8kNp-t480y7IfyyWuiklziY.roa (hash: 5bq8pPC98WVuN+UCw7i3OOCXOObrhETW5cCP805rEU4=)
2: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl (hash: 81V85l3qTmrFVm45tvcZK9uWD3OLlw5F/nI67mw5G58=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:08:e1:b6:f2:79:cf:2e:47:1b:a4:ee:4d:d4:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8
Validity
Not Before: Nov 11 09:01:26 2025 GMT
Not After : Nov 12 09:01:26 2025 GMT
Subject: CN=9e92713c71b7897ff464c4c89a9e3b549d6c32ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f6:e6:cc:7c:ce:a3:a2:aa:eb:b1:41:51:e4:
b0:2f:43:48:f1:37:85:ec:aa:f9:1a:8f:fd:da:56:
13:c6:ee:5b:20:d6:ef:10:66:b4:f0:fa:b6:ea:06:
66:e6:70:0b:10:cd:e0:d0:02:2c:49:f2:83:f4:61:
f3:f2:d8:51:1a:72:20:90:02:7c:6a:0a:e5:31:7d:
a2:b3:e0:35:dc:ed:ee:a5:54:b1:1d:18:97:2c:7b:
1f:5d:e0:85:fc:11:e3:e7:46:a1:70:9e:c0:0d:0e:
e3:86:06:d3:0e:b3:49:fd:b7:56:da:af:ba:51:12:
8d:20:6e:54:d3:30:e5:3f:fb:02:90:50:bb:3e:4c:
86:bb:55:ff:ce:d0:26:0a:61:56:c6:4d:3b:68:e6:
a9:f4:72:7e:22:a8:fd:03:fa:43:45:cd:ba:25:a6:
59:70:19:91:a5:9d:df:9e:d5:0f:60:ce:dc:99:ee:
b2:28:42:0c:44:05:25:d4:4e:e4:dc:5d:e2:07:7a:
04:0e:67:c2:ef:e4:78:10:86:e4:2e:49:db:43:45:
ea:78:af:c1:38:06:50:9c:04:8d:ba:c9:fe:24:09:
06:4e:db:72:62:b9:a7:c8:ba:46:06:04:c6:52:02:
2a:c4:48:59:13:23:ec:dd:9e:9e:8a:ff:ba:bd:56:
0b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:92:71:3C:71:B7:89:7F:F4:64:C4:C8:9A:9E:3B:54:9D:6C:32:EF
X509v3 Authority Key Identifier:
keyid:85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:4c:24:21:9d:25:b1:94:33:05:f4:16:c0:7a:4e:ea:c6:c0:
86:e0:30:e1:f1:da:37:76:5e:5b:24:5a:17:df:6e:af:cd:45:
80:81:4b:a7:af:1d:6b:c1:98:dd:a5:3d:43:93:ea:30:4b:48:
27:d2:18:67:f2:34:3c:4e:38:d6:2c:8e:30:35:ef:ca:2e:2a:
79:d2:0e:02:52:6a:bf:b7:f2:a5:56:dc:f1:5b:16:7d:21:91:
e5:4b:4f:fe:fa:70:3f:e0:b3:e5:ae:67:ac:dd:13:c8:79:4c:
7c:f2:4a:fe:cd:35:61:e7:df:c1:6f:0f:a4:f9:02:00:64:3f:
3b:fb:c7:67:94:db:a8:f8:85:29:d7:72:99:02:bd:76:17:0e:
3d:a5:a5:c2:b5:8e:bc:a6:91:48:91:9e:b3:16:5a:b4:75:61:
bd:f3:be:15:f3:ad:c6:b6:9a:9e:4f:16:38:aa:00:05:c5:11:
2f:09:76:83:aa:08:e8:e6:27:fb:90:09:bb:ba:44:d5:30:7d:
b9:9e:6c:76:ca:3f:e1:b7:a3:b7:e7:8e:dd:e7:9a:0c:3e:d1:
ea:e3:8b:fe:3e:43:e9:06:2b:3d:39:18:58:6b:ee:99:56:bf:
93:63:67:c4:28:da:f5:8a:97:fa:d3:43:3e:de:d0:d7:e8:7c:
27:b6:01:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgjhtvJ5zy5HG6TuTdRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Zjg3MDExOWU1OTIxYmYxMjQ5NWRjOTAyZGNmZTNkOGQ0
YTM3ZDgwHhcNMjUxMTExMDkwMTI2WhcNMjUxMTEyMDkwMTI2WjAzMTEwLwYDVQQD
Eyg5ZTkyNzEzYzcxYjc4OTdmZjQ2NGM0Yzg5YTllM2I1NDlkNmMzMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPbmzHzOo6Kq67FBUeSwL0NI8TeF
7Kr5Go/92lYTxu5bINbvEGa08Pq26gZm5nALEM3g0AIsSfKD9GHz8thRGnIgkAJ8
agrlMX2is+A13O3upVSxHRiXLHsfXeCF/BHj50ahcJ7ADQ7jhgbTDrNJ/bdW2q+6
URKNIG5U0zDlP/sCkFC7PkyGu1X/ztAmCmFWxk07aOap9HJ+Iqj9A/pDRc26JaZZ
cBmRpZ3fntUPYM7cme6yKEIMRAUl1E7k3F3iB3oEDmfC7+R4EIbkLknbQ0XqeK/B
OAZQnASNusn+JAkGTttyYrmnyLpGBgTGUgIqxEhZEyPs3Z6eiv+6vVYLbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ6ScTxxt4l/9GTEyJqeO1SdbDLvMB8GA1UdIwQY
MBaAFIX4cBGeWSG/EkldyQLc/j2NSjfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTIt
ZWE4NGE1MWViM2RjLzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTItZWE4NGE1MWViM2Rj
LzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ0wkIZ0l
sZQzBfQWwHpO6sbAhuAw4fHaN3ZeWyRaF99ur81FgIFLp68da8GY3aU9Q5PqMEtI
J9IYZ/I0PE441iyOMDXvyi4qedIOAlJqv7fypVbc8VsWfSGR5UtP/vpwP+Cz5a5n
rN0TyHlMfPJK/s01YeffwW8PpPkCAGQ/O/vHZ5TbqPiFKddymQK9dhcOPaWlwrWO
vKaRSJGesxZatHVhvfO+FfOtxraank8WOKoABcURLwl2g6oI6OYn+5AJu7pE1TB9
uZ5sdso/4bejt+eO3eeaDD7R6uOL/j5D6QYrPTkYWGvumVa/k2NnxCja9YqX+tND
Pt7Q1+h8J7YBzw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:26:59 2025 by rpki-client