Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
File: GheAknBHDXwlZxEvtAqe9xJgBRY.mft (raw, json)
Hash identifier: 84lp1n35pvoSjwSNJyeevjeh6VaVBWSZRXr4UhXHALc=
Subject key identifier: B5:0B:27:62:91:C6:38:A1:9C:8B:61:32:E8:18:11:97:B4:F9:3D:33
Authority key identifier: 1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16
Certificate issuer: /CN=1a17809270470d7c2567112fb40a9ef712600516
Certificate serial: 019A725CDCC0235BABF8B3E4CA269FA3E19B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 10:01:19 +0000
Manifest this update: Tue 11 Nov 2025 10:01:19 +0000
Manifest next update: Wed 12 Nov 2025 10:01:19 +0000
Files and hashes: 1: 3n_Nd4cUj6teASapK4pWavXgfU0.roa (hash: KngeXtbNNWR05hMf2WkynvKsVClU9oGlPMx0Mk7lMOM=)
2: GheAknBHDXwlZxEvtAqe9xJgBRY.crl (hash: H/NV8l1d23+VR0dNIC1MrN4wPUyjj2nfp7Sct2KFWJU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:dc:c0:23:5b:ab:f8:b3:e4:ca:26:9f:a3:e1:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a17809270470d7c2567112fb40a9ef712600516
Validity
Not Before: Nov 11 10:01:19 2025 GMT
Not After : Nov 12 10:01:19 2025 GMT
Subject: CN=b50b276291c638a19c8b6132e8181197b4f93d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:50:2f:2d:df:45:07:c4:9b:da:c8:39:1c:be:
8a:23:c3:97:75:58:d0:0a:d1:ca:90:89:f6:a7:2a:
22:62:f8:31:fb:95:cf:68:ee:66:ab:e1:c1:28:e8:
f0:7d:9e:bf:94:6a:c7:21:2b:56:cf:4e:c2:92:69:
68:b4:f5:82:70:0d:b3:77:9c:fb:cf:d3:f8:fc:94:
b0:4a:33:01:c1:40:f5:b8:ed:ac:1d:b9:52:66:1d:
d3:a2:f3:a3:6a:5b:01:87:10:5e:d0:f7:e2:8d:18:
dd:7c:9a:6f:1a:24:d7:0c:4a:d0:a2:99:4a:b2:a2:
47:40:fe:b3:51:77:05:64:01:70:9e:75:e3:b7:b8:
3d:01:a8:b2:7f:9a:56:67:a0:21:f6:ab:72:5d:83:
26:6e:58:e0:dc:b2:1d:f3:15:f8:9a:4d:2c:76:68:
ea:54:c4:23:db:74:f7:03:d7:4b:7a:5b:c4:e5:bb:
fd:e2:3c:2d:c3:e8:9a:e3:f6:03:21:75:23:66:09:
66:6a:cc:2d:7f:91:03:79:2f:0e:c1:0c:57:8e:26:
d9:bd:65:85:c2:04:d5:62:71:aa:98:df:f4:7a:e4:
1d:4c:2d:27:4b:1a:b4:3e:77:df:cd:38:d6:d9:34:
e9:be:c0:1a:03:4a:1c:12:6c:ba:61:0e:af:e8:11:
36:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:0B:27:62:91:C6:38:A1:9C:8B:61:32:E8:18:11:97:B4:F9:3D:33
X509v3 Authority Key Identifier:
keyid:1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:e9:45:03:8b:23:9a:5d:e6:6c:5a:b5:82:7f:c1:58:3f:2b:
5f:4a:4d:ec:03:d2:a9:dc:22:64:de:ed:12:df:0a:05:d3:68:
c8:47:9d:e1:0e:93:7f:86:46:e7:4d:05:29:fd:18:04:73:5a:
68:44:0c:31:3e:e1:4c:4d:cc:e0:1b:71:e9:eb:c4:f3:63:1b:
4a:10:d2:b3:dc:cb:b6:9e:87:a3:52:3f:09:08:2e:d9:1b:89:
40:78:ab:4b:4f:b5:34:9b:a4:e3:7f:32:ed:fe:c7:91:f8:b7:
a0:1a:49:bc:de:85:59:d0:67:82:b7:97:46:bf:7d:03:36:e0:
31:68:c9:21:25:94:a2:ae:32:5c:27:0d:86:2a:49:7f:b7:db:
a7:8d:b4:cf:fe:73:69:ae:49:ad:74:08:a3:f3:7f:61:a5:e1:
41:ff:1f:ec:99:6a:02:51:3d:ed:01:d0:e8:53:5c:e9:6d:f6:
4b:13:1b:ba:4d:f5:36:4d:14:3d:be:96:09:1c:09:1d:34:2c:
b9:4d:29:54:0c:74:08:18:35:58:c7:f2:6e:07:b0:b9:10:79:
48:ec:98:b5:08:ba:49:fc:f4:be:66:58:b1:23:ac:22:ec:22:
13:72:03:df:ea:1c:15:e9:09:4a:6d:5a:e9:64:01:cf:38:9d:
78:4a:35:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNzAI1ur+LPkyiafo+GbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTc4MDkyNzA0NzBkN2MyNTY3MTEyZmI0MGE5ZWY3MTI2
MDA1MTYwHhcNMjUxMTExMTAwMTE5WhcNMjUxMTEyMTAwMTE5WjAzMTEwLwYDVQQD
EyhiNTBiMjc2MjkxYzYzOGExOWM4YjYxMzJlODE4MTE5N2I0ZjkzZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVAvLd9FB8Sb2sg5HL6KI8OXdVjQ
CtHKkIn2pyoiYvgx+5XPaO5mq+HBKOjwfZ6/lGrHIStWz07CkmlotPWCcA2zd5z7
z9P4/JSwSjMBwUD1uO2sHblSZh3TovOjalsBhxBe0PfijRjdfJpvGiTXDErQoplK
sqJHQP6zUXcFZAFwnnXjt7g9Aaiyf5pWZ6Ah9qtyXYMmbljg3LId8xX4mk0sdmjq
VMQj23T3A9dLelvE5bv94jwtw+ia4/YDIXUjZglmaswtf5EDeS8OwQxXjibZvWWF
wgTVYnGqmN/0euQdTC0nSxq0PnffzTjW2TTpvsAaA0ocEmy6YQ6v6BE25wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLULJ2KRxjihnIthMugYEZe0+T0zMB8GA1UdIwQY
MBaAFBoXgJJwRw18JWcRL7QKnvcSYAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEt
OGFmYTc0ZDg3NjlmLzEvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEtOGFmYTc0ZDg3Njlm
LzEvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo+lFA4sj
ml3mbFq1gn/BWD8rX0pN7APSqdwiZN7tEt8KBdNoyEed4Q6Tf4ZG500FKf0YBHNa
aEQMMT7hTE3M4Btx6evE82MbShDSs9zLtp6Ho1I/CQgu2RuJQHirS0+1NJuk438y
7f7Hkfi3oBpJvN6FWdBngreXRr99AzbgMWjJISWUoq4yXCcNhipJf7fbp420z/5z
aa5JrXQIo/N/YaXhQf8f7JlqAlE97QHQ6FNc6W32SxMbuk31Nk0UPb6WCRwJHTQs
uU0pVAx0CBg1WMfybgewuRB5SOyYtQi6Sfz0vmZYsSOsIuwiE3ID3+ocFekJSm1a
6WQBzzideEo1zw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:37:36 2025 by rpki-client