Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft
File: h0HsF9wDCbE9iKZ-oi3Luyak46E.mft (raw, json)
Hash identifier: vcki/TwExrKrlHcfCcshPqsGFR0BpuYVsJQ2Rknz1lM=
Subject key identifier: 4C:D1:57:56:41:92:BC:CE:FC:FA:E6:08:26:D7:F2:E6:33:89:E7:A0
Authority key identifier: 87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
Certificate issuer: /CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Certificate serial: 019A2409A646DDBCFD96AE6723EF8F4816D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft
Manifest number: 0A23
Signing time: Mon 27 Oct 2025 05:00:03 +0000
Manifest this update: Mon 27 Oct 2025 05:00:03 +0000
Manifest next update: Tue 28 Oct 2025 05:00:03 +0000
Files and hashes: 1: cASyfuH0abUwpn-V7hmuZSIQ09c.roa (hash: U2HpSDc4zJjb5yR4FxelHkJvS6rW6HvOOx+N/+WSuMk=)
2: h0HsF9wDCbE9iKZ-oi3Luyak46E.crl (hash: B39Qd85f+mJos04fUVPh32geAotVE4RY2G0FhORCvKA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft
rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 05:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:09:a6:46:dd:bc:fd:96:ae:67:23:ef:8f:48:16:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Validity
Not Before: Oct 27 05:00:03 2025 GMT
Not After : Oct 28 05:00:03 2025 GMT
Subject: CN=4cd157564192bccefcfae60826d7f2e63389e7a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:48:28:6e:7c:a5:b6:46:90:58:ea:08:2a:6b:
6e:3b:d2:b8:ab:e5:0c:28:86:0f:69:6b:5a:83:3d:
2c:a4:ab:a7:b4:12:4c:d8:a3:ce:f2:d1:db:c7:66:
88:23:79:05:71:da:8b:b1:f7:eb:52:22:b5:5b:12:
f0:08:bd:0d:5f:9d:16:1b:cb:f7:e6:9f:e7:40:9b:
5d:e3:ab:c1:36:fe:5b:25:b2:cf:30:9e:da:a8:c4:
ee:21:7c:6b:5f:0b:c5:53:6f:7b:ff:55:ff:b9:3c:
67:5e:a5:76:98:07:46:a7:e2:71:30:c9:27:2e:80:
85:cf:7c:f1:a4:ad:46:53:f7:94:9e:26:fd:27:0a:
a0:d0:d2:e5:5f:00:40:c9:3a:84:2b:5b:03:f9:57:
70:e2:9d:e2:e2:14:1f:f4:09:6a:08:08:e7:50:be:
55:76:c1:73:af:f9:4b:7f:bb:75:2b:71:0e:79:35:
e7:99:62:f0:d6:5c:27:8e:ec:2e:a6:b9:50:0d:41:
70:68:b5:3f:80:40:d3:9d:9a:28:6a:3a:1a:19:c1:
e6:3f:c2:3e:59:af:cc:53:26:77:ff:04:6c:cd:65:
19:ef:d8:b0:12:f3:5e:d0:f4:00:96:c1:71:49:8c:
bb:f9:54:22:a0:c4:da:37:a8:62:52:c0:d3:3c:58:
71:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D1:57:56:41:92:BC:CE:FC:FA:E6:08:26:D7:F2:E6:33:89:E7:A0
X509v3 Authority Key Identifier:
keyid:87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:80:c3:da:50:1a:bb:61:de:e8:b6:b3:68:55:00:bf:f2:05:
b5:2f:d2:e9:e3:e6:4b:02:52:9f:38:2a:cd:b4:48:1d:31:7f:
26:45:8a:69:f2:8d:61:9f:63:f9:cd:05:c8:9e:4b:9b:d0:cc:
21:22:eb:02:fc:ae:be:38:c5:03:a4:bb:78:b9:cd:35:f3:ec:
da:28:11:72:c2:e2:29:59:1c:a5:54:d2:c3:22:a3:e5:9b:22:
dc:a1:58:62:d3:f9:85:0e:b4:45:fd:f8:c3:cb:43:80:d0:9f:
69:e5:a5:5b:a2:a6:7e:ff:93:b5:0c:6b:41:b6:1d:cf:e0:05:
bd:a6:ed:6e:e4:e6:43:9e:e9:99:cc:2c:1c:b4:8d:39:5c:8d:
dd:b9:eb:a7:78:44:ca:9b:13:1c:c0:d0:8b:37:b3:31:2d:d2:
3c:69:bc:ae:15:6e:16:a7:2c:23:26:47:ad:93:e2:33:26:73:
f8:fd:10:85:25:8d:e7:92:93:f3:02:14:d1:9b:36:db:ce:93:
39:80:8a:e5:3b:2d:d3:78:e2:32:ce:d7:1b:16:a7:2f:01:b9:
6a:22:3d:ce:70:0e:b5:18:25:43:c1:05:4d:5b:f7:b5:f1:05:
b2:d9:f5:14:55:24:9c:60:19:67:3c:ff:65:1f:33:5c:52:2f:
ef:38:9e:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokCaZG3bz9lq5nI++PSBbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NDFlYzE3ZGMwMzA5YjEzZDg4YTY3ZWEyMmRjYmJiMjZh
NGUzYTEwHhcNMjUxMDI3MDUwMDAzWhcNMjUxMDI4MDUwMDAzWjAzMTEwLwYDVQQD
Eyg0Y2QxNTc1NjQxOTJiY2NlZmNmYWU2MDgyNmQ3ZjJlNjMzODllN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0gobnyltkaQWOoIKmtuO9K4q+UM
KIYPaWtagz0spKuntBJM2KPO8tHbx2aII3kFcdqLsffrUiK1WxLwCL0NX50WG8v3
5p/nQJtd46vBNv5bJbLPMJ7aqMTuIXxrXwvFU297/1X/uTxnXqV2mAdGp+JxMMkn
LoCFz3zxpK1GU/eUnib9Jwqg0NLlXwBAyTqEK1sD+Vdw4p3i4hQf9AlqCAjnUL5V
dsFzr/lLf7t1K3EOeTXnmWLw1lwnjuwuprlQDUFwaLU/gEDTnZooajoaGcHmP8I+
Wa/MUyZ3/wRszWUZ79iwEvNe0PQAlsFxSYy7+VQioMTaN6hiUsDTPFhxrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzRV1ZBkrzO/PrmCCbX8uYzieegMB8GA1UdIwQY
MBaAFIdB7BfcAwmxPYimfqIty7smpOOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYt
MWFjNGE0MDA3ZGI0LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYtMWFjNGE0MDA3ZGI0
LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAroDD2lAa
u2He6LazaFUAv/IFtS/S6ePmSwJSnzgqzbRIHTF/JkWKafKNYZ9j+c0FyJ5Lm9DM
ISLrAvyuvjjFA6S7eLnNNfPs2igRcsLiKVkcpVTSwyKj5Zsi3KFYYtP5hQ60Rf34
w8tDgNCfaeWlW6Kmfv+TtQxrQbYdz+AFvabtbuTmQ57pmcwsHLSNOVyN3bnrp3hE
ypsTHMDQizezMS3SPGm8rhVuFqcsIyZHrZPiMyZz+P0QhSWN55KT8wIU0Zs2286T
OYCK5Tst03jiMs7XGxanLwG5aiI9znAOtRglQ8EFTVv3tfEFstn1FFUknGAZZzz/
ZR8zXFIv7zieXg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 11:55:31 2025 by rpki-client