Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.mft
File: hU4QOq7EMvwZHUmBm9Grcf4c-oA.mft (raw, json)
Hash identifier: JBFpgs2hZH0xmnZcUxgNJbI9KIepsER0qbLHHmdn8PE=
Subject key identifier: 8E:E0:69:A6:6D:C5:ED:21:7A:FD:CA:D1:BB:5B:D3:24:E0:71:00:E1
Authority key identifier: 85:4E:10:3A:AE:C4:32:FC:19:1D:49:81:9B:D1:AB:71:FE:1C:FA:80
Certificate issuer: /CN=854e103aaec432fc191d49819bd1ab71fe1cfa80
Certificate serial: 019A71B8AAAB4307A2BAFBC5AB0FF7B9C93D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hU4QOq7EMvwZHUmBm9Grcf4c-oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 07:01:58 +0000
Manifest this update: Tue 11 Nov 2025 07:01:58 +0000
Manifest next update: Wed 12 Nov 2025 07:01:58 +0000
Files and hashes: 1: KUCsTzvnwNnMm7Jeca6aVL9k1f0.roa (hash: 08CBdTpQIdxpgYISvMqyNDiM+ICQK0H520OtR31swUg=)
2: hU4QOq7EMvwZHUmBm9Grcf4c-oA.crl (hash: 3j8JoewNL60LnuA1qBOcw/K5AahRAyXBflbKr5B7ajo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hU4QOq7EMvwZHUmBm9Grcf4c-oA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:aa:ab:43:07:a2:ba:fb:c5:ab:0f:f7:b9:c9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854e103aaec432fc191d49819bd1ab71fe1cfa80
Validity
Not Before: Nov 11 07:01:58 2025 GMT
Not After : Nov 12 07:01:58 2025 GMT
Subject: CN=8ee069a66dc5ed217afdcad1bb5bd324e07100e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d9:4a:87:d1:49:7b:7b:f3:b5:79:7d:19:eb:
7a:06:9a:08:11:8f:0d:de:53:38:c2:5e:99:5b:0e:
af:fa:5a:e8:33:ab:a5:2c:b8:ab:d6:e8:e4:50:41:
32:d6:92:27:ad:f8:46:38:60:bd:65:c0:5e:5f:2f:
dc:df:20:c5:39:a7:3a:0f:9b:a3:16:c9:6d:65:ff:
b7:60:3c:d5:d3:7a:f6:f4:89:ef:0b:03:d1:97:a4:
f7:5e:e2:46:dd:35:6e:aa:db:e2:41:15:e0:bc:50:
5f:5e:05:d1:1a:b0:a0:fe:34:52:55:ce:6e:16:1b:
2b:08:c2:00:11:92:42:16:f1:28:3a:3e:4a:54:9c:
3a:75:34:5d:c0:8b:4c:e7:8c:a6:78:dc:4f:c7:8f:
30:53:dd:62:d9:58:84:21:eb:18:7e:55:48:ce:4d:
7a:ea:d1:b7:9e:3b:50:c6:a4:db:b1:e7:5c:05:a9:
4d:41:ca:35:02:e6:84:e6:52:c7:c9:c3:50:07:60:
b4:8f:d1:94:57:55:fb:1e:4c:7d:a0:94:bc:7c:f9:
44:2f:6f:7a:27:60:3f:04:89:84:5d:90:a5:be:3d:
f7:7e:41:82:0f:dc:5e:41:14:62:9e:ef:47:bd:82:
ab:8a:6d:23:35:44:59:4c:6f:9c:cd:07:7e:36:e7:
97:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E0:69:A6:6D:C5:ED:21:7A:FD:CA:D1:BB:5B:D3:24:E0:71:00:E1
X509v3 Authority Key Identifier:
keyid:85:4E:10:3A:AE:C4:32:FC:19:1D:49:81:9B:D1:AB:71:FE:1C:FA:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hU4QOq7EMvwZHUmBm9Grcf4c-oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:27:c6:52:07:2b:e6:02:97:26:09:c6:7e:da:7f:cd:1a:41:
5e:ce:73:67:d3:dd:d4:74:df:80:03:d6:f7:78:24:10:b9:cc:
18:90:ba:49:d6:8c:4b:82:f0:69:5a:2b:5b:05:6e:3a:e8:40:
f3:aa:4a:1b:60:74:5b:b2:69:2c:10:90:63:e6:66:84:8c:98:
7d:70:39:74:62:ec:7f:8a:44:a9:c3:7d:20:68:74:38:f6:91:
45:33:06:17:11:25:69:94:53:9c:fe:8c:15:54:f3:fc:70:94:
05:1f:0d:64:82:0a:0a:72:e3:9e:50:ad:1f:99:23:00:99:f0:
3b:bc:c0:13:13:2b:38:42:06:d0:bf:83:35:22:a5:90:67:6a:
c5:cf:17:b4:ff:46:60:0b:f4:1f:0d:f5:45:14:ce:de:bf:50:
4c:f9:9e:15:69:52:23:76:b4:0e:f0:16:37:ca:0e:2a:5d:1a:
20:21:86:d9:d1:48:65:b2:37:60:c2:73:b2:25:d2:39:c4:a4:
61:6c:65:79:bf:78:9d:db:ea:38:c8:d7:6b:67:0c:a8:b0:fc:
be:b5:18:92:6b:11:0c:a5:e5:09:2a:9e:65:17:ee:33:77:2f:
62:7b:37:0a:d7:de:2a:d2:2e:c9:0d:5c:a4:08:23:3c:28:c9:
12:45:28:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKqrQweiuvvFqw/3uck9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGUxMDNhYWVjNDMyZmMxOTFkNDk4MTliZDFhYjcxZmUx
Y2ZhODAwHhcNMjUxMTExMDcwMTU4WhcNMjUxMTEyMDcwMTU4WjAzMTEwLwYDVQQD
Eyg4ZWUwNjlhNjZkYzVlZDIxN2FmZGNhZDFiYjViZDMyNGUwNzEwMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79lKh9FJe3vztXl9Get6BpoIEY8N
3lM4wl6ZWw6v+lroM6ulLLir1ujkUEEy1pInrfhGOGC9ZcBeXy/c3yDFOac6D5uj
FsltZf+3YDzV03r29InvCwPRl6T3XuJG3TVuqtviQRXgvFBfXgXRGrCg/jRSVc5u
FhsrCMIAEZJCFvEoOj5KVJw6dTRdwItM54ymeNxPx48wU91i2ViEIesYflVIzk16
6tG3njtQxqTbsedcBalNQco1AuaE5lLHycNQB2C0j9GUV1X7Hkx9oJS8fPlEL296
J2A/BImEXZClvj33fkGCD9xeQRRinu9HvYKrim0jNURZTG+czQd+NueXZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7gaaZtxe0hev3K0btb0yTgcQDhMB8GA1UdIwQY
MBaAFIVOEDquxDL8GR1JgZvRq3H+HPqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFU0UU9xN0VNdndaSFVtQm05R3JjZjRjLW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi82NWY0YTItNWY2OS00NjViLTg4OTEt
OWMwMWRmN2I5ZTY2LzEvaFU0UU9xN0VNdndaSFVtQm05R3JjZjRjLW9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi82NWY0YTItNWY2OS00NjViLTg4OTEtOWMwMWRmN2I5ZTY2
LzEvaFU0UU9xN0VNdndaSFVtQm05R3JjZjRjLW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCfGUgcr
5gKXJgnGftp/zRpBXs5zZ9Pd1HTfgAPW93gkELnMGJC6SdaMS4LwaVorWwVuOuhA
86pKG2B0W7JpLBCQY+ZmhIyYfXA5dGLsf4pEqcN9IGh0OPaRRTMGFxElaZRTnP6M
FVTz/HCUBR8NZIIKCnLjnlCtH5kjAJnwO7zAExMrOEIG0L+DNSKlkGdqxc8XtP9G
YAv0Hw31RRTO3r9QTPmeFWlSI3a0DvAWN8oOKl0aICGG2dFIZbI3YMJzsiXSOcSk
YWxleb94ndvqOMjXa2cMqLD8vrUYkmsRDKXlCSqeZRfuM3cvYns3CtfeKtIuyQ1c
pAgjPCjJEkUocw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:03 2025 by rpki-client