Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
File: pkHn9ngj7vUqGf4dyODmp_QclDM.mft (raw, json)
Hash identifier: RxvsiB2MKChHxBwpmAQawENM3gjEQzfOnCpDmz83XxM=
Subject key identifier: 5F:4A:DE:1C:12:BB:1F:76:03:8D:C7:71:17:61:2A:BD:2A:D6:AB:77
Authority key identifier: A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33
Certificate issuer: /CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433
Certificate serial: 019A72264DBAFAAB60D753CB0BE329302576
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
Manifest number: 0ABC
Signing time: Tue 11 Nov 2025 09:01:44 +0000
Manifest this update: Tue 11 Nov 2025 09:01:44 +0000
Manifest next update: Wed 12 Nov 2025 09:01:44 +0000
Files and hashes: 1: H2ciew030YT_ZKL58SNBSDs0iQc.roa (hash: dr7FPAyraTf1nqxR0HjlvGsow4ZxkGibDCSpB0tZ3CU=)
2: pkHn9ngj7vUqGf4dyODmp_QclDM.crl (hash: SbAbzCjJqXTff68sO+6yGlRmj/hXuS0+2LGvCHJACT8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:4d:ba:fa:ab:60:d7:53:cb:0b:e3:29:30:25:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433
Validity
Not Before: Nov 11 09:01:44 2025 GMT
Not After : Nov 12 09:01:44 2025 GMT
Subject: CN=5f4ade1c12bb1f76038dc77117612abd2ad6ab77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:97:d9:3d:f8:44:46:ab:d0:4d:95:07:fb:78:
97:ad:34:e2:90:39:97:6a:20:db:9a:83:da:f7:f1:
11:00:89:6c:a8:a8:6a:08:1c:dc:27:87:b0:be:21:
50:0b:35:0f:2a:6f:77:7e:37:e3:1a:ca:09:6c:7b:
a8:9e:3d:2e:8c:5f:c8:28:fd:70:ab:9b:a5:25:15:
da:c0:70:24:7b:ac:5a:dd:a1:ae:7a:f7:05:2e:8c:
93:be:ab:24:2c:93:3d:4e:eb:5f:ba:b1:9d:e2:6e:
bc:22:d4:96:63:df:c0:8b:21:b2:b8:d5:3d:67:75:
da:ce:b0:77:ac:9e:62:15:6a:56:00:a7:5e:9c:f6:
db:86:46:1a:7e:7f:33:2a:ef:ae:50:aa:74:a9:6f:
9a:01:2f:f1:9f:d2:e4:b7:16:40:0f:45:cb:67:1a:
64:ca:41:4d:b1:cf:05:2c:2b:90:a3:e0:9c:88:ec:
34:ef:62:2e:a2:da:fe:7b:76:2d:16:85:76:96:26:
f9:3e:91:92:72:39:ad:fe:49:f3:8f:64:ee:01:e5:
28:2f:0c:a0:71:45:c0:11:81:66:a1:88:03:a3:cc:
7e:49:62:5a:99:d2:bd:0a:2a:da:35:4a:f7:9b:0b:
f7:46:26:0d:b0:71:92:af:74:d4:38:0f:d1:7b:3e:
a8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:4A:DE:1C:12:BB:1F:76:03:8D:C7:71:17:61:2A:BD:2A:D6:AB:77
X509v3 Authority Key Identifier:
keyid:A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:78:28:12:27:7d:97:6e:fa:8b:4a:2d:0e:bb:5e:ca:c2:86:
2a:86:f9:3b:40:92:15:f2:a4:ac:81:7f:e8:60:c0:a8:75:81:
83:b4:17:9d:55:15:b7:04:10:f7:57:74:2d:32:89:bc:f1:fb:
85:1f:d5:34:0c:ab:50:12:28:a7:0a:db:f3:be:aa:38:f0:fe:
d1:c0:3b:45:55:74:c6:62:6e:0a:f4:59:f2:5c:81:92:b6:b2:
bf:9f:ac:31:76:1f:61:e6:b4:09:15:40:41:ef:d3:e5:ad:b5:
10:5e:80:06:06:13:4e:81:21:8f:07:47:e5:32:36:5f:2b:59:
b8:33:82:06:98:69:df:d3:a8:83:66:06:2a:c4:30:82:d6:f2:
82:df:2c:65:63:9e:23:85:94:2a:c2:3e:f4:71:44:a0:2d:c7:
4b:40:fa:d4:4d:14:00:ea:21:ab:fc:80:74:8b:c5:11:ff:ee:
e4:e4:25:b2:1b:7e:bb:e6:11:ab:8c:16:45:de:87:8c:b5:a9:
3b:ab:b2:e8:78:db:27:c9:ec:89:0c:3f:4d:a2:a8:c5:ed:55:
74:24:86:6f:b6:1d:0b:eb:6e:e7:e5:e3:5f:6d:e2:e9:c1:29:
c6:59:00:54:ab:ab:8b:d1:de:a4:0e:33:8f:1e:79:06:f1:17:
b8:d1:86:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJk26+qtg11PLC+MpMCV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDFlN2Y2NzgyM2VlZjUyYTE5ZmUxZGM4ZTBlNmE3ZjQx
Yzk0MzMwHhcNMjUxMTExMDkwMTQ0WhcNMjUxMTEyMDkwMTQ0WjAzMTEwLwYDVQQD
Eyg1ZjRhZGUxYzEyYmIxZjc2MDM4ZGM3NzExNzYxMmFiZDJhZDZhYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JfZPfhERqvQTZUH+3iXrTTikDmX
aiDbmoPa9/ERAIlsqKhqCBzcJ4ewviFQCzUPKm93fjfjGsoJbHuonj0ujF/IKP1w
q5ulJRXawHAke6xa3aGuevcFLoyTvqskLJM9TutfurGd4m68ItSWY9/AiyGyuNU9
Z3XazrB3rJ5iFWpWAKdenPbbhkYafn8zKu+uUKp0qW+aAS/xn9LktxZAD0XLZxpk
ykFNsc8FLCuQo+CciOw072Iuotr+e3YtFoV2lib5PpGScjmt/knzj2TuAeUoLwyg
cUXAEYFmoYgDo8x+SWJamdK9CiraNUr3mwv3RiYNsHGSr3TUOA/Rez6oFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9K3hwSux92A43HcRdhKr0q1qt3MB8GA1UdIwQY
MBaAFKZB5/Z4I+71Khn+Hcjg5qf0HJQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUt
MDc4OGY3OTIxODUyLzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUtMDc4OGY3OTIxODUy
LzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXXgoEid9
l276i0otDrteysKGKob5O0CSFfKkrIF/6GDAqHWBg7QXnVUVtwQQ91d0LTKJvPH7
hR/VNAyrUBIopwrb876qOPD+0cA7RVV0xmJuCvRZ8lyBkrayv5+sMXYfYea0CRVA
Qe/T5a21EF6ABgYTToEhjwdH5TI2XytZuDOCBphp39Oog2YGKsQwgtbygt8sZWOe
I4WUKsI+9HFEoC3HS0D61E0UAOohq/yAdIvFEf/u5OQlsht+u+YRq4wWRd6HjLWp
O6uy6HjbJ8nsiQw/TaKoxe1VdCSGb7YdC+tu5+XjX23i6cEpxlkAVKuri9HepA4z
jx55BvEXuNGGXQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:38:17 2025 by rpki-client