Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
File: hn3QWtctwi--owKfzukOb7BjiQQ.mft (raw, json)
Hash identifier: /NSxqlRBh8E0oRPOUjaQrABh1jsc6fEUdV5D08Ax4G0=
Subject key identifier: 16:70:B0:52:BF:E7:85:99:D5:C1:EB:32:C7:94:55:C8:30:93:CB:CB
Authority key identifier: 86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04
Certificate issuer: /CN=867dd05ad72dc22fbea3029fcee90e6fb0638904
Certificate serial: 019A71B7D99E9C971185B751221EDBC74A6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 07:01:05 +0000
Manifest this update: Tue 11 Nov 2025 07:01:05 +0000
Manifest next update: Wed 12 Nov 2025 07:01:05 +0000
Files and hashes: 1: 1hbevT8gwbMVGXnU3oslqDok4xQ.roa (hash: PvOSpkQG3GMAcOSv9DP0juXGFg1PxvMowO3npVuSH5E=)
2: hn3QWtctwi--owKfzukOb7BjiQQ.crl (hash: eZQealZl2eWb2w4ttrh75R0EtG0ZDlVB00H6sN+eHO4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:d9:9e:9c:97:11:85:b7:51:22:1e:db:c7:4a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=867dd05ad72dc22fbea3029fcee90e6fb0638904
Validity
Not Before: Nov 11 07:01:05 2025 GMT
Not After : Nov 12 07:01:05 2025 GMT
Subject: CN=1670b052bfe78599d5c1eb32c79455c83093cbcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a1:48:77:c9:99:b5:20:60:54:c9:8f:8f:70:
c7:e3:38:3f:70:f0:fd:6b:bd:ec:77:d0:6d:5e:06:
e4:5c:c0:73:48:b5:1d:c2:9c:be:76:82:9a:a2:c7:
ec:8e:a1:a7:d7:2b:e2:a4:40:39:dd:a8:2d:0d:8a:
87:b1:bd:c2:22:a0:f4:e0:69:fd:ce:b5:a6:11:23:
21:de:6b:82:3c:51:1d:52:79:f2:47:75:4a:9f:bb:
ef:a3:03:5d:f9:f9:c1:79:20:bf:64:5b:95:09:4f:
0c:04:04:62:c8:29:a9:e4:7e:94:c4:0d:ac:b1:98:
2b:32:42:86:30:41:9a:b1:97:7b:9a:f8:a5:e5:f1:
43:72:b5:c8:cb:69:03:be:42:b3:42:2c:cd:61:b7:
e6:15:a1:ce:a0:a7:63:13:41:b5:5c:6f:99:b0:3d:
a3:67:ca:88:92:eb:c5:34:af:dc:e3:4f:13:c6:75:
24:11:da:09:ca:ff:17:cb:4e:b4:65:d7:c8:5d:7f:
03:7e:f7:5c:8f:9b:86:f7:d7:ec:1f:d4:19:ef:ea:
55:1c:98:bd:17:f1:fc:7c:a7:e2:bd:d0:68:b1:dd:
f2:a9:7d:5e:cc:8a:fb:3f:74:be:57:f2:3f:68:7a:
ba:c2:05:f9:28:28:88:d6:88:29:de:1e:fa:d3:55:
61:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:70:B0:52:BF:E7:85:99:D5:C1:EB:32:C7:94:55:C8:30:93:CB:CB
X509v3 Authority Key Identifier:
keyid:86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:b5:63:1d:ec:f0:cb:07:8e:75:79:2d:a7:31:e4:a1:71:2a:
2d:8d:2f:e7:53:73:a5:b8:f3:fb:da:90:4c:88:a5:4a:7a:a6:
6b:73:cd:40:19:05:83:38:eb:24:fc:37:57:7e:22:e0:d5:8c:
2e:dd:0d:4c:91:1d:cb:f5:db:07:ba:56:a6:44:ea:cd:68:45:
a6:3c:8d:85:42:8d:a8:9b:8c:10:f3:ba:55:b4:db:b6:99:f7:
35:47:75:c2:6c:14:f2:4b:b8:b8:28:d4:4c:74:51:c0:34:7c:
18:42:cd:31:e2:e7:e2:8c:9a:95:72:9b:4c:8a:6b:ea:a5:61:
9a:0c:ca:fe:3e:6b:04:8e:21:65:38:da:c5:8d:db:36:7d:71:
aa:7a:ad:4e:2f:f3:e2:c6:86:85:1e:f6:f3:ab:3b:cf:9e:36:
1b:44:04:ba:91:a6:00:31:e9:16:2d:ed:80:43:b0:b6:aa:a3:
8f:b9:77:50:02:cc:d4:ad:d7:6f:bf:9a:55:58:1a:1c:6b:f0:
6b:04:6e:28:50:22:5f:ae:c4:eb:d5:6d:c7:cb:20:e6:0e:34:
4a:d8:5c:7d:51:00:7b:df:60:3d:71:95:95:de:c1:02:02:fe:
a7:20:f0:2a:db:b6:87:6b:6f:0a:65:a3:81:ee:3a:77:f9:10:
6a:23:81:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9menJcRhbdRIh7bx0pqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2N2RkMDVhZDcyZGMyMmZiZWEzMDI5ZmNlZTkwZTZmYjA2
Mzg5MDQwHhcNMjUxMTExMDcwMTA1WhcNMjUxMTEyMDcwMTA1WjAzMTEwLwYDVQQD
EygxNjcwYjA1MmJmZTc4NTk5ZDVjMWViMzJjNzk0NTVjODMwOTNjYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KFId8mZtSBgVMmPj3DH4zg/cPD9
a73sd9BtXgbkXMBzSLUdwpy+doKaosfsjqGn1yvipEA53agtDYqHsb3CIqD04Gn9
zrWmESMh3muCPFEdUnnyR3VKn7vvowNd+fnBeSC/ZFuVCU8MBARiyCmp5H6UxA2s
sZgrMkKGMEGasZd7mvil5fFDcrXIy2kDvkKzQizNYbfmFaHOoKdjE0G1XG+ZsD2j
Z8qIkuvFNK/c408TxnUkEdoJyv8Xy060ZdfIXX8Dfvdcj5uG99fsH9QZ7+pVHJi9
F/H8fKfivdBosd3yqX1ezIr7P3S+V/I/aHq6wgX5KCiI1ogp3h7601VhQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZwsFK/54WZ1cHrMseUVcgwk8vLMB8GA1UdIwQY
MBaAFIZ90FrXLcIvvqMCn87pDm+wY4kEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYt
MjM5ZTVhYmZjYzZhLzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYtMjM5ZTVhYmZjYzZh
LzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUrVjHezw
yweOdXktpzHkoXEqLY0v51Nzpbjz+9qQTIilSnqma3PNQBkFgzjrJPw3V34i4NWM
Lt0NTJEdy/XbB7pWpkTqzWhFpjyNhUKNqJuMEPO6VbTbtpn3NUd1wmwU8ku4uCjU
THRRwDR8GELNMeLn4oyalXKbTIpr6qVhmgzK/j5rBI4hZTjaxY3bNn1xqnqtTi/z
4saGhR7286s7z542G0QEupGmADHpFi3tgEOwtqqjj7l3UALM1K3Xb7+aVVgaHGvw
awRuKFAiX67E69Vtx8sg5g40SthcfVEAe99gPXGVld7BAgL+pyDwKtu2h2tvCmWj
ge46d/kQaiOB6Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:51:45 2025 by rpki-client