Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft
File: x0heKfEYwBvobBnmaPrPpIXecYw.mft (raw, json)
Hash identifier: qm+JCg2rjIgB6NLn8iGsRHK5rDW6JPifc6Nloo6X08k=
Subject key identifier: 95:6F:30:C9:71:19:F4:E7:FE:F1:C3:72:81:90:2C:E9:03:27:FA:AD
Authority key identifier: C7:48:5E:29:F1:18:C0:1B:E8:6C:19:E6:68:FA:CF:A4:85:DE:71:8C
Certificate issuer: /CN=c7485e29f118c01be86c19e668facfa485de718c
Certificate serial: 019A70DBEA0DD71C6420FEEB123B3EBFBE54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft
Manifest number: 0E44
Signing time: Tue 11 Nov 2025 03:00:51 +0000
Manifest this update: Tue 11 Nov 2025 03:00:51 +0000
Manifest next update: Wed 12 Nov 2025 03:00:51 +0000
Files and hashes: 1: t18UoHeAEcZ6Yu4NKG2nAheiZEs.roa (hash: RypsXYxji2dJaH2ZVLBlo3yRoSbmcerkP3rshZoohgo=)
2: x0heKfEYwBvobBnmaPrPpIXecYw.crl (hash: OK4mvExXVR/UfXQzEvR/0jf/KGD0Nankc0RZrYw7qXE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:ea:0d:d7:1c:64:20:fe:eb:12:3b:3e:bf:be:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7485e29f118c01be86c19e668facfa485de718c
Validity
Not Before: Nov 11 03:00:51 2025 GMT
Not After : Nov 12 03:00:51 2025 GMT
Subject: CN=956f30c97119f4e7fef1c37281902ce90327faad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5a:f0:3b:2c:08:c6:fb:62:77:68:b7:15:d0:
df:f7:ff:6f:33:62:8b:3b:e6:3e:c9:9f:2b:5d:6d:
a4:85:eb:b8:00:53:f0:3b:e8:ba:b7:62:25:a6:7b:
93:d6:ee:ee:4f:f8:90:92:97:5e:2d:2e:a4:0a:95:
d4:cd:56:0f:df:ce:3a:8c:f7:42:b6:73:7e:35:fc:
80:b4:f1:36:b9:6a:69:d4:2e:08:26:8a:8f:4a:b1:
f2:ae:d3:e9:40:3f:d5:40:f5:c8:44:6d:dc:60:16:
ae:70:cf:1c:8f:46:34:82:0e:5f:49:46:ca:10:07:
eb:de:8a:e8:31:d5:d5:8f:48:8e:b4:7a:a7:e7:0a:
13:a7:6a:79:24:bc:93:88:1a:e5:27:6c:38:4d:68:
ca:af:88:f8:fa:c7:f5:d5:b7:e0:da:1b:48:c9:be:
b1:6b:91:de:b9:3b:5a:cf:c5:95:95:4f:a4:ce:60:
ea:72:f8:99:ea:84:2d:59:ae:80:c4:81:2d:fb:41:
79:47:6f:62:45:50:97:ef:22:30:83:77:cc:dd:0c:
05:32:25:f7:bd:cc:67:ab:d7:88:5b:cf:8b:ce:d5:
1a:68:f9:1f:0d:73:e8:2d:1d:af:1d:35:cb:cd:2f:
43:86:4c:d2:12:a6:56:73:6b:28:0e:5f:58:ce:41:
6e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6F:30:C9:71:19:F4:E7:FE:F1:C3:72:81:90:2C:E9:03:27:FA:AD
X509v3 Authority Key Identifier:
keyid:C7:48:5E:29:F1:18:C0:1B:E8:6C:19:E6:68:FA:CF:A4:85:DE:71:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:6f:45:80:ef:fe:c3:6c:b7:19:1b:85:8e:bc:19:67:4a:77:
ec:c9:6c:70:f7:f6:52:39:7f:2a:0b:e1:b1:11:4b:a6:a1:e1:
8c:41:98:ea:2e:ca:38:e8:b3:79:7b:00:29:5a:d9:13:7b:75:
f7:0e:65:8a:4c:4b:fe:97:d3:73:6a:34:7b:5d:c7:80:d2:6c:
2a:95:f3:5b:94:7b:c7:a9:f3:12:10:8a:d6:a2:15:f6:89:1d:
b5:37:10:78:e4:0d:58:a5:d7:16:7f:4e:bc:2a:6f:d0:94:80:
a1:07:4b:b1:51:38:40:51:d2:4c:37:d5:13:3e:21:3a:43:ae:
55:16:e0:11:ee:d4:31:fe:88:58:b1:1f:e6:fe:ab:df:79:d3:
ea:fe:ed:27:98:78:d1:c6:df:a7:cd:12:4a:ae:ba:20:d5:b2:
9d:41:c8:3b:9a:b4:3b:bd:53:66:22:ae:2e:a8:f9:58:fd:3a:
73:d4:94:f5:ad:cc:9c:54:ef:0b:a7:99:79:4c:b6:08:9e:3d:
b5:e3:3d:5d:5f:90:21:42:c5:43:b6:97:a6:4e:67:81:b5:07:
47:77:92:9e:58:3e:e8:73:18:d6:de:3d:22:e9:4c:66:b4:cf:
de:30:7a:41:3d:f7:3a:74:24:fe:11:a6:c2:95:81:98:51:7a:
1a:d5:e1:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2+oN1xxkIP7rEjs+v75UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NDg1ZTI5ZjExOGMwMWJlODZjMTllNjY4ZmFjZmE0ODVk
ZTcxOGMwHhcNMjUxMTExMDMwMDUxWhcNMjUxMTEyMDMwMDUxWjAzMTEwLwYDVQQD
Eyg5NTZmMzBjOTcxMTlmNGU3ZmVmMWMzNzI4MTkwMmNlOTAzMjdmYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFrwOywIxvtid2i3FdDf9/9vM2KL
O+Y+yZ8rXW2kheu4AFPwO+i6t2IlpnuT1u7uT/iQkpdeLS6kCpXUzVYP3846jPdC
tnN+NfyAtPE2uWpp1C4IJoqPSrHyrtPpQD/VQPXIRG3cYBaucM8cj0Y0gg5fSUbK
EAfr3oroMdXVj0iOtHqn5woTp2p5JLyTiBrlJ2w4TWjKr4j4+sf11bfg2htIyb6x
a5HeuTtaz8WVlU+kzmDqcviZ6oQtWa6AxIEt+0F5R29iRVCX7yIwg3fM3QwFMiX3
vcxnq9eIW8+LztUaaPkfDXPoLR2vHTXLzS9DhkzSEqZWc2soDl9YzkFuYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVvMMlxGfTn/vHDcoGQLOkDJ/qtMB8GA1UdIwQY
MBaAFMdIXinxGMAb6GwZ5mj6z6SF3nGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81MzkxNzEtNTc0Yi00NDUxLWI2ZDQt
NTdmOWJjNmE1YzMwLzEveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81MzkxNzEtNTc0Yi00NDUxLWI2ZDQtNTdmOWJjNmE1YzMw
LzEveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAW9FgO/+
w2y3GRuFjrwZZ0p37MlscPf2Ujl/KgvhsRFLpqHhjEGY6i7KOOizeXsAKVrZE3t1
9w5likxL/pfTc2o0e13HgNJsKpXzW5R7x6nzEhCK1qIV9okdtTcQeOQNWKXXFn9O
vCpv0JSAoQdLsVE4QFHSTDfVEz4hOkOuVRbgEe7UMf6IWLEf5v6r33nT6v7tJ5h4
0cbfp80SSq66INWynUHIO5q0O71TZiKuLqj5WP06c9SU9a3MnFTvC6eZeUy2CJ49
teM9XV+QIULFQ7aXpk5ngbUHR3eSnlg+6HMY1t49IulMZrTP3jB6QT33OnQk/hGm
wpWBmFF6GtXhuA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:44:45 2025 by rpki-client