Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/4d700e-9f1e-4959-9cfd-b2b572e25afd/1/1-h1U4VhawJfD-R3vwDPdpXIuoeY.mft
File: 1-h1U4VhawJfD-R3vwDPdpXIuoeY.mft (raw, json)
Hash identifier: dIoog+uJyZ467DvJGrPdaiNuYRDkFa1UMt0dMcSkj3I=
Subject key identifier: 19:D8:E6:CE:B0:DB:74:61:DD:4A:F7:38:FA:1E:E7:30:4E:6D:0A:51
Authority key identifier: FA:1D:54:E1:58:5A:C0:97:C3:F9:1D:EF:C0:33:DD:A5:72:2E:A1:E6
Certificate issuer: /CN=fa1d54e1585ac097c3f91defc033dda5722ea1e6
Certificate serial: 019A71B7A9E0C7C1A98DD71227A5CFB2E4E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-h1U4VhawJfD-R3vwDPdpXIuoeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/4d700e-9f1e-4959-9cfd-b2b572e25afd/1/1-h1U4VhawJfD-R3vwDPdpXIuoeY.mft
Manifest number: 01D4
Signing time: Tue 11 Nov 2025 07:00:53 +0000
Manifest this update: Tue 11 Nov 2025 07:00:53 +0000
Manifest next update: Wed 12 Nov 2025 07:00:53 +0000
Files and hashes: 1: 1-h1U4VhawJfD-R3vwDPdpXIuoeY.crl (hash: 5ZhUJNEPPi2C8VLzst3gAGgNK3zsetsknVA8vO257Rc=)
2: aw0urpJM4p93PhWqM7da0_3Fozc.roa (hash: y+1M15neToXwBCTOLJI0dSNYHmOEXNHkxHoQ5Af6Zqc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/4d700e-9f1e-4959-9cfd-b2b572e25afd/1/1-h1U4VhawJfD-R3vwDPdpXIuoeY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/4d700e-9f1e-4959-9cfd-b2b572e25afd/1/1-h1U4VhawJfD-R3vwDPdpXIuoeY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-h1U4VhawJfD-R3vwDPdpXIuoeY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:a9:e0:c7:c1:a9:8d:d7:12:27:a5:cf:b2:e4:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa1d54e1585ac097c3f91defc033dda5722ea1e6
Validity
Not Before: Nov 11 07:00:53 2025 GMT
Not After : Nov 12 07:00:53 2025 GMT
Subject: CN=19d8e6ceb0db7461dd4af738fa1ee7304e6d0a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:9d:47:0d:7a:95:85:97:ed:4d:6d:11:7c:67:
c8:ca:ea:27:18:7d:9b:65:ba:5b:c7:52:24:bb:86:
2e:85:58:20:17:52:25:3d:0c:84:bd:3f:49:c0:bc:
d6:55:83:b0:46:48:5b:43:27:f3:d7:c3:c3:24:71:
6f:c1:99:53:92:3b:5c:b9:b2:d4:4e:96:65:24:ef:
70:86:fa:13:8a:af:45:c1:5d:06:af:15:3f:a9:f2:
c3:4e:d6:a1:85:db:66:73:84:01:aa:4f:ff:89:ae:
cf:ff:15:cb:a0:db:c8:d6:2f:a3:65:fd:6c:c9:91:
71:73:ec:51:ce:fb:cd:4b:4c:22:a8:3c:2b:bd:cb:
96:8b:83:7d:a6:ea:c6:a9:25:10:96:14:bd:22:be:
00:f1:98:61:ce:e9:b4:e2:28:0b:8f:79:56:00:ed:
2b:3d:37:0a:b5:e6:2c:22:4f:bb:17:06:3c:00:46:
43:71:80:fd:c1:2f:a4:32:86:af:d0:b5:1c:1d:a8:
3b:79:fe:9e:81:38:c8:76:2a:42:2c:28:49:a7:d9:
33:06:d3:38:85:ac:38:0b:0c:8e:bb:eb:bc:f2:53:
be:4c:62:62:07:d7:27:31:6a:49:3d:c8:6a:13:02:
f4:57:c9:2b:ec:0e:18:32:6f:e4:e8:61:19:2a:a7:
7e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D8:E6:CE:B0:DB:74:61:DD:4A:F7:38:FA:1E:E7:30:4E:6D:0A:51
X509v3 Authority Key Identifier:
keyid:FA:1D:54:E1:58:5A:C0:97:C3:F9:1D:EF:C0:33:DD:A5:72:2E:A1:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-h1U4VhawJfD-R3vwDPdpXIuoeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/4d700e-9f1e-4959-9cfd-b2b572e25afd/1/1-h1U4VhawJfD-R3vwDPdpXIuoeY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/4d700e-9f1e-4959-9cfd-b2b572e25afd/1/1-h1U4VhawJfD-R3vwDPdpXIuoeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:8a:fe:e5:bb:e1:59:52:69:de:e0:95:2f:72:1f:fc:96:47:
b9:42:9d:2e:38:ba:b1:84:80:c4:17:28:c7:08:fc:45:1d:42:
7c:18:95:b0:c9:7c:67:6a:f7:67:6a:7e:66:5d:7a:98:d3:29:
87:dd:7e:fc:63:3f:94:59:2a:90:df:2c:fe:74:47:5a:97:b1:
1e:87:ce:69:f0:ae:ae:76:0b:42:5d:cf:e8:4f:26:37:00:52:
f1:de:d6:a3:f4:75:85:69:92:b5:ac:50:da:77:b0:ac:92:f1:
16:1f:09:d0:75:91:4c:e2:52:27:34:13:31:40:f1:67:27:ad:
71:19:90:a7:fa:69:23:23:b0:87:21:30:c4:d9:57:85:15:41:
da:74:f0:c4:2b:b3:28:80:b6:78:fc:71:1c:e7:53:80:46:32:
c6:84:ba:cf:e7:c6:72:57:2c:1d:dc:f1:ed:27:98:0a:00:77:
65:e0:e3:9e:d8:5a:5b:1c:64:e8:e9:36:fc:5f:02:c4:85:a0:
6d:ca:74:f2:6f:b4:b2:67:31:02:eb:fa:7a:0e:09:49:00:40:
74:5a:dd:32:87:99:70:53:d5:3d:96:df:ba:9d:b7:02:0b:7b:
f6:49:f2:d1:df:30:d8:03:b8:31:6c:e7:b2:97:d4:0a:3a:31:
d9:71:b9:3e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZpxt6ngx8GpjdcSJ6XPsuToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMWQ1NGUxNTg1YWMwOTdjM2Y5MWRlZmMwMzNkZGE1NzIy
ZWExZTYwHhcNMjUxMTExMDcwMDUzWhcNMjUxMTEyMDcwMDUzWjAzMTEwLwYDVQQD
EygxOWQ4ZTZjZWIwZGI3NDYxZGQ0YWY3MzhmYTFlZTczMDRlNmQwYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2J1HDXqVhZftTW0RfGfIyuonGH2b
Zbpbx1Iku4YuhVggF1IlPQyEvT9JwLzWVYOwRkhbQyfz18PDJHFvwZlTkjtcubLU
TpZlJO9whvoTiq9FwV0GrxU/qfLDTtahhdtmc4QBqk//ia7P/xXLoNvI1i+jZf1s
yZFxc+xRzvvNS0wiqDwrvcuWi4N9purGqSUQlhS9Ir4A8Zhhzum04igLj3lWAO0r
PTcKteYsIk+7FwY8AEZDcYD9wS+kMoav0LUcHag7ef6egTjIdipCLChJp9kzBtM4
haw4CwyOu+u88lO+TGJiB9cnMWpJPchqEwL0V8kr7A4YMm/k6GEZKqd+eQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBnY5s6w23Rh3Ur3OPoe5zBObQpRMB8GA1UdIwQY
MBaAFPodVOFYWsCXw/kd78Az3aVyLqHmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oMVU0Vmhhd0pmRC1SM3Z3RFBkcFhJdW9lWS5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgvNGQ3MDBlLTlmMWUtNDk1OS05Y2Zk
LWIyYjU3MmUyNWFmZC8xLzEtaDFVNFZoYXdKZkQtUjN2d0RQZHBYSXVvZVkubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL2E4LzRkNzAwZS05ZjFlLTQ5NTktOWNmZC1iMmI1NzJlMjVh
ZmQvMS8xLWgxVTRWaGF3SmZELVIzdndEUGRwWEl1b2VZLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGIr+
5bvhWVJp3uCVL3If/JZHuUKdLji6sYSAxBcoxwj8RR1CfBiVsMl8Z2r3Z2p+Zl16
mNMph91+/GM/lFkqkN8s/nRHWpexHofOafCurnYLQl3P6E8mNwBS8d7Wo/R1hWmS
taxQ2newrJLxFh8J0HWRTOJSJzQTMUDxZyetcRmQp/ppIyOwhyEwxNlXhRVB2nTw
xCuzKIC2ePxxHOdTgEYyxoS6z+fGclcsHdzx7SeYCgB3ZeDjnthaWxxk6Ok2/F8C
xIWgbcp08m+0smcxAuv6eg4JSQBAdFrdMoeZcFPVPZbfup23Agt79kny0d8w2AO4
MWznspfUCjox2XG5Pg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:50 2025 by rpki-client