Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft
File: fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft (raw, json)
Hash identifier: 4p+ZzPa/y3FjEeDTeU2NVSZJMQmW+jRwDgjsayvD7Go=
Subject key identifier: 29:38:CE:D6:8A:E3:EE:05:EE:66:63:0D:B8:8D:5C:44:DB:CB:1C:91
Authority key identifier: 7E:13:41:4B:DC:23:12:40:0D:FA:9F:50:65:0D:51:EE:04:43:DF:16
Certificate issuer: /CN=7e13414bdc2312400dfa9f50650d51ee0443df16
Certificate serial: 019A21773BD2697522D52FC39B03ECCF9187
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft
Manifest number: 16F6
Signing time: Sun 26 Oct 2025 17:00:53 +0000
Manifest this update: Sun 26 Oct 2025 17:00:53 +0000
Manifest next update: Mon 27 Oct 2025 17:00:53 +0000
Files and hashes: 1: W6ZuDAGnWoDaEzlWI7u6oQknSmA.roa (hash: OmbyY76V+595ZQjAafvVZcWcNGfzKgZ8Ut3VoJKhN9E=)
2: fhNBS9wjEkAN-p9QZQ1R7gRD3xY.crl (hash: mDlUOGFlYKsAz62or+N9uBJ2p9143lLvCeSJk/eDSuE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 17:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:77:3b:d2:69:75:22:d5:2f:c3:9b:03:ec:cf:91:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e13414bdc2312400dfa9f50650d51ee0443df16
Validity
Not Before: Oct 26 17:00:53 2025 GMT
Not After : Oct 27 17:00:53 2025 GMT
Subject: CN=2938ced68ae3ee05ee66630db88d5c44dbcb1c91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2e:69:ef:fd:66:9c:92:ae:fb:38:6b:cb:b0:
09:e6:12:2f:a3:fb:e0:25:39:81:4f:8a:d8:f1:49:
f8:6d:bd:2c:18:8d:f6:f2:52:5e:8d:b0:eb:a8:9a:
44:ec:46:79:87:8e:6d:22:d1:f8:e0:81:45:79:8d:
36:3d:7e:19:02:72:3d:dd:69:bc:c8:78:c5:2f:6c:
59:fe:6c:91:1e:c0:82:31:fd:aa:15:c4:32:da:3d:
63:21:2d:f8:6f:42:25:ae:d0:2a:71:c8:c5:e4:87:
08:7e:d6:76:39:6c:52:08:d2:d4:dc:84:af:4e:a8:
84:5e:ee:2a:1a:4b:f5:ec:9e:47:a9:ab:9c:e6:cb:
82:2a:2c:cd:c0:b9:32:b5:cf:c4:95:c3:d1:fd:2a:
ac:34:77:e6:e6:63:0c:a8:cd:c1:f5:1e:c4:27:1d:
72:00:d2:3a:84:d0:7a:cb:69:41:85:aa:49:b8:e3:
94:73:09:06:de:df:e4:9f:ee:34:aa:48:5d:ee:f5:
e4:ab:f0:cd:3b:74:e2:fb:37:1a:ce:60:a7:bd:aa:
23:c4:69:e9:2b:cd:19:b8:ea:88:fa:ae:91:74:63:
a0:78:1e:e9:f2:bd:51:bf:ae:1d:b1:fa:3a:d4:71:
3d:28:89:0b:9b:45:e8:5b:70:f3:f9:e6:94:1a:e7:
6a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:38:CE:D6:8A:E3:EE:05:EE:66:63:0D:B8:8D:5C:44:DB:CB:1C:91
X509v3 Authority Key Identifier:
keyid:7E:13:41:4B:DC:23:12:40:0D:FA:9F:50:65:0D:51:EE:04:43:DF:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:65:95:45:5f:94:bd:8d:3a:04:69:e1:86:95:c9:10:53:71:
3d:1f:6b:3f:ae:0a:39:f3:67:75:79:7a:57:93:af:34:a2:de:
6c:a3:a9:ce:c9:5a:f2:dd:52:78:ca:6e:8f:7c:ae:2e:1a:de:
8a:22:45:12:70:08:26:93:8b:f0:ca:13:95:70:a6:6c:eb:8c:
49:6f:8c:0b:bc:f6:b3:f7:69:24:96:b0:5b:7d:f5:32:bc:4b:
c9:5e:59:f8:2c:69:07:c6:dd:10:1b:dd:dd:45:94:72:dd:fd:
f8:9d:e4:62:52:e2:ff:b1:d1:58:9e:51:49:a8:8b:31:0b:53:
ce:50:67:fa:98:ea:d6:89:3f:1c:dc:92:01:ac:8a:16:e9:01:
48:9d:a9:51:65:4e:c3:c3:32:7e:12:67:a9:19:79:89:6e:f9:
7b:9c:c6:a5:0e:d2:a6:e3:ae:ce:8c:69:a1:e8:8f:ec:b1:29:
3f:d2:6d:d9:f8:a5:b2:7b:d7:b7:26:05:72:66:2b:a3:20:57:
47:87:59:41:ca:5c:e9:da:88:6c:b9:da:bd:f4:57:41:61:27:
a8:11:1b:5e:40:8d:42:f0:fc:37:ed:66:4d:8f:b5:d1:14:e2:
59:58:4c:eb:30:2f:e5:36:1e:f3:85:23:79:30:37:87:03:cc:
20:7a:27:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohdzvSaXUi1S/DmwPsz5GHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTM0MTRiZGMyMzEyNDAwZGZhOWY1MDY1MGQ1MWVlMDQ0
M2RmMTYwHhcNMjUxMDI2MTcwMDUzWhcNMjUxMDI3MTcwMDUzWjAzMTEwLwYDVQQD
EygyOTM4Y2VkNjhhZTNlZTA1ZWU2NjYzMGRiODhkNWM0NGRiY2IxYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy5p7/1mnJKu+zhry7AJ5hIvo/vg
JTmBT4rY8Un4bb0sGI328lJejbDrqJpE7EZ5h45tItH44IFFeY02PX4ZAnI93Wm8
yHjFL2xZ/myRHsCCMf2qFcQy2j1jIS34b0IlrtAqccjF5IcIftZ2OWxSCNLU3ISv
TqiEXu4qGkv17J5Hqauc5suCKizNwLkytc/ElcPR/SqsNHfm5mMMqM3B9R7EJx1y
ANI6hNB6y2lBhapJuOOUcwkG3t/kn+40qkhd7vXkq/DNO3Ti+zcazmCnvaojxGnp
K80ZuOqI+q6RdGOgeB7p8r1Rv64dsfo61HE9KIkLm0XoW3Dz+eaUGudqewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCk4ztaK4+4F7mZjDbiNXETbyxyRMB8GA1UdIwQY
MBaAFH4TQUvcIxJADfqfUGUNUe4EQ98WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80NGMzNjUtNmNlZC00NWQ5LTg2NWQt
MDRmY2VjYWQ3MGVjLzEvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80NGMzNjUtNmNlZC00NWQ5LTg2NWQtMDRmY2VjYWQ3MGVj
LzEvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGWVRV+U
vY06BGnhhpXJEFNxPR9rP64KOfNndXl6V5OvNKLebKOpzsla8t1SeMpuj3yuLhre
iiJFEnAIJpOL8MoTlXCmbOuMSW+MC7z2s/dpJJawW331MrxLyV5Z+CxpB8bdEBvd
3UWUct39+J3kYlLi/7HRWJ5RSaiLMQtTzlBn+pjq1ok/HNySAayKFukBSJ2pUWVO
w8MyfhJnqRl5iW75e5zGpQ7SpuOuzoxpoeiP7LEpP9Jt2filsnvXtyYFcmYroyBX
R4dZQcpc6dqIbLnavfRXQWEnqBEbXkCNQvD8N+1mTY+10RTiWVhM6zAv5TYe84Uj
eTA3hwPMIHonDQ==
-----END CERTIFICATE-----
Generated at Mon Oct 27 01:55:37 2025 by rpki-client