Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/416a80-dc56-4514-8bc0-27f9c823edea/1/MhV9a4wSwFtBvEEkHQYVBAryQeE.mft
File: MhV9a4wSwFtBvEEkHQYVBAryQeE.mft (raw, json)
Hash identifier: rpBjudZc1AZ3oC60/WdzOBrV1d3C4fIegjZ0rcuT8Vw=
Subject key identifier: 2D:99:F5:DB:B1:5F:2F:E5:D4:5E:D8:89:2F:64:67:4A:F1:C0:5F:58
Authority key identifier: 32:15:7D:6B:8C:12:C0:5B:41:BC:41:24:1D:06:15:04:0A:F2:41:E1
Certificate issuer: /CN=32157d6b8c12c05b41bc41241d0615040af241e1
Certificate serial: 019A71B93A052B8800A9D365B1B67F2AF96F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MhV9a4wSwFtBvEEkHQYVBAryQeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/416a80-dc56-4514-8bc0-27f9c823edea/1/MhV9a4wSwFtBvEEkHQYVBAryQeE.mft
Manifest number: 043A
Signing time: Tue 11 Nov 2025 07:02:35 +0000
Manifest this update: Tue 11 Nov 2025 07:02:35 +0000
Manifest next update: Wed 12 Nov 2025 07:02:35 +0000
Files and hashes: 1: MhV9a4wSwFtBvEEkHQYVBAryQeE.crl (hash: /WbR8YvmMdwG0YNcmXcjQwXWen0W6h/s0VYyVipKqHc=)
2: qJ1oXPy2zR5AWITHnFOnI8zbBtI.roa (hash: 2JhWie1vdrZ9TGWL5IWneU9ysYNZV//iN2iGhnspRb0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/416a80-dc56-4514-8bc0-27f9c823edea/1/MhV9a4wSwFtBvEEkHQYVBAryQeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/416a80-dc56-4514-8bc0-27f9c823edea/1/MhV9a4wSwFtBvEEkHQYVBAryQeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MhV9a4wSwFtBvEEkHQYVBAryQeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:3a:05:2b:88:00:a9:d3:65:b1:b6:7f:2a:f9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32157d6b8c12c05b41bc41241d0615040af241e1
Validity
Not Before: Nov 11 07:02:35 2025 GMT
Not After : Nov 12 07:02:35 2025 GMT
Subject: CN=2d99f5dbb15f2fe5d45ed8892f64674af1c05f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:49:39:ff:bb:45:11:d0:00:b7:c7:4c:cd:b3:
06:ed:1a:a8:4e:a4:e0:ac:29:c3:d4:6c:57:da:60:
8f:fd:ac:dd:4f:3b:67:2c:fd:3b:4f:26:e1:cf:5d:
6d:bf:59:d1:ca:4c:95:df:26:4d:00:9f:fb:11:77:
ef:dc:59:96:27:98:9f:1d:bd:85:dc:aa:08:83:90:
22:9d:36:af:dd:1e:33:af:f7:14:6c:f4:21:d5:c3:
0a:05:d5:83:13:0a:bd:f5:c7:5f:cf:77:36:ad:4f:
e5:a5:c2:b4:b5:2d:d2:eb:c6:98:97:44:7d:4e:85:
ef:32:dc:dd:82:bd:77:bd:6e:70:9c:c2:f1:b9:79:
43:95:e1:00:cf:b9:d3:27:b5:c0:05:a3:ab:b1:d6:
7b:6f:20:ca:b8:71:b3:49:87:10:0a:77:77:89:fe:
0f:be:44:b0:69:67:90:be:bc:d6:b4:bf:40:a7:4d:
82:03:41:82:72:12:1a:58:b6:60:7c:22:d8:ae:16:
b6:42:a4:ec:2f:24:46:25:9f:91:06:46:7d:10:a5:
07:4d:89:d4:32:99:b9:db:aa:b5:c0:8a:df:e4:46:
cb:d6:dc:f6:39:da:4e:c1:cb:43:6f:9c:4c:07:8d:
78:a4:f8:60:a5:50:29:d4:3e:da:b5:68:30:42:d1:
ed:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:99:F5:DB:B1:5F:2F:E5:D4:5E:D8:89:2F:64:67:4A:F1:C0:5F:58
X509v3 Authority Key Identifier:
keyid:32:15:7D:6B:8C:12:C0:5B:41:BC:41:24:1D:06:15:04:0A:F2:41:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MhV9a4wSwFtBvEEkHQYVBAryQeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/416a80-dc56-4514-8bc0-27f9c823edea/1/MhV9a4wSwFtBvEEkHQYVBAryQeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/416a80-dc56-4514-8bc0-27f9c823edea/1/MhV9a4wSwFtBvEEkHQYVBAryQeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:e0:20:b7:2a:b9:77:8a:bb:02:a4:c5:56:2d:8f:2d:36:05:
cc:71:83:60:0a:81:6b:7c:86:ef:81:2c:7a:43:a9:80:92:46:
13:3f:29:f9:53:cc:38:6a:e4:1f:0e:83:07:58:db:f2:4c:ca:
16:51:0f:70:d6:17:ba:d5:07:96:99:e2:18:63:9e:ba:1d:eb:
00:cc:aa:e7:2c:cd:0f:57:71:fb:10:63:aa:9a:51:5e:f3:be:
f8:61:79:84:cd:71:65:36:44:33:fe:89:8d:69:c5:6f:3e:50:
bf:2d:8c:ea:1d:f3:d2:d0:fd:04:97:3d:d8:6e:49:78:64:cd:
b9:46:38:9b:f5:f9:dd:22:b1:34:48:9a:1d:f3:52:36:a9:47:
6e:38:75:e4:83:9b:75:6e:a3:19:b1:56:0d:da:8e:27:11:d5:
bf:31:4d:92:6f:e2:71:c4:40:ed:3a:06:34:b1:a4:b7:69:8b:
c0:ed:cb:00:d7:ea:a0:4e:fb:e2:aa:4f:b9:fe:30:09:06:6d:
8b:4b:72:33:da:39:f4:dc:cf:06:4b:c7:67:d9:ca:75:32:95:
af:11:85:88:a2:f1:a7:aa:37:00:e0:3a:42:d7:95:6b:23:b7:
40:91:69:d2:be:77:dd:f6:23:4f:b8:62:c8:4c:65:f7:f6:2e:
c6:f4:f7:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuToFK4gAqdNlsbZ/KvlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMTU3ZDZiOGMxMmMwNWI0MWJjNDEyNDFkMDYxNTA0MGFm
MjQxZTEwHhcNMjUxMTExMDcwMjM1WhcNMjUxMTEyMDcwMjM1WjAzMTEwLwYDVQQD
EygyZDk5ZjVkYmIxNWYyZmU1ZDQ1ZWQ4ODkyZjY0Njc0YWYxYzA1ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUk5/7tFEdAAt8dMzbMG7RqoTqTg
rCnD1GxX2mCP/azdTztnLP07Tybhz11tv1nRykyV3yZNAJ/7EXfv3FmWJ5ifHb2F
3KoIg5AinTav3R4zr/cUbPQh1cMKBdWDEwq99cdfz3c2rU/lpcK0tS3S68aYl0R9
ToXvMtzdgr13vW5wnMLxuXlDleEAz7nTJ7XABaOrsdZ7byDKuHGzSYcQCnd3if4P
vkSwaWeQvrzWtL9Ap02CA0GCchIaWLZgfCLYrha2QqTsLyRGJZ+RBkZ9EKUHTYnU
Mpm526q1wIrf5EbL1tz2OdpOwctDb5xMB414pPhgpVAp1D7atWgwQtHtCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2Z9duxXy/l1F7YiS9kZ0rxwF9YMB8GA1UdIwQY
MBaAFDIVfWuMEsBbQbxBJB0GFQQK8kHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWhWOWE0d1N3RnRCdkVFa0hRWVZCQXJ5UWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80MTZhODAtZGM1Ni00NTE0LThiYzAt
MjdmOWM4MjNlZGVhLzEvTWhWOWE0d1N3RnRCdkVFa0hRWVZCQXJ5UWVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80MTZhODAtZGM1Ni00NTE0LThiYzAtMjdmOWM4MjNlZGVh
LzEvTWhWOWE0d1N3RnRCdkVFa0hRWVZCQXJ5UWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeeAgtyq5
d4q7AqTFVi2PLTYFzHGDYAqBa3yG74EsekOpgJJGEz8p+VPMOGrkHw6DB1jb8kzK
FlEPcNYXutUHlpniGGOeuh3rAMyq5yzND1dx+xBjqppRXvO++GF5hM1xZTZEM/6J
jWnFbz5Qvy2M6h3z0tD9BJc92G5JeGTNuUY4m/X53SKxNEiaHfNSNqlHbjh15IOb
dW6jGbFWDdqOJxHVvzFNkm/iccRA7ToGNLGkt2mLwO3LANfqoE774qpPuf4wCQZt
i0tyM9o59NzPBkvHZ9nKdTKVrxGFiKLxp6o3AOA6QteVayO3QJFp0r533fYjT7hi
yExl9/YuxvT32Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:08:09 2025 by rpki-client