Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
File: h4R32LYtCfmui_29gSpT-X7UxXY.mft (raw, json)
Hash identifier: OCLMOWKU8Xp0TCIofwxHZQakG9qCk+GTOOhshzv+Aeg=
Subject key identifier: F8:41:36:3D:AE:C0:B1:A4:30:2D:C1:36:C8:41:6B:2B:D9:00:AE:93
Authority key identifier: 87:84:77:D8:B6:2D:09:F9:AE:8B:FD:BD:81:2A:53:F9:7E:D4:C5:76
Certificate issuer: /CN=878477d8b62d09f9ae8bfdbd812a53f97ed4c576
Certificate serial: 0199221F29B33E3E3FAC4F3DD3B3E63EC135
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4R32LYtCfmui_29gSpT-X7UxXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
Manifest number: 0499
Signing time: Sun 07 Sep 2025 03:01:31 +0000
Manifest this update: Sun 07 Sep 2025 03:01:31 +0000
Manifest next update: Mon 08 Sep 2025 03:01:31 +0000
Files and hashes: 1: 1-chTvEPLKpclBFunFsZudwhteCw.roa (hash: Mk7QbJ14tNyeCXu9wD1n7MpPtkSCXANni+lDYxJDiAk=)
2: h4R32LYtCfmui_29gSpT-X7UxXY.crl (hash: UmFYE9oxrf/UkhOJA5pRROtD9S0MSD/tDsVPSqF+ZH8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
rsync://rpki.ripe.net/repository/DEFAULT/h4R32LYtCfmui_29gSpT-X7UxXY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1f:29:b3:3e:3e:3f:ac:4f:3d:d3:b3:e6:3e:c1:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878477d8b62d09f9ae8bfdbd812a53f97ed4c576
Validity
Not Before: Sep 7 03:01:31 2025 GMT
Not After : Sep 8 03:01:31 2025 GMT
Subject: CN=f841363daec0b1a4302dc136c8416b2bd900ae93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:72:25:00:e9:60:16:fb:0b:dc:22:e8:41:c1:
07:9f:f0:62:c3:ca:e3:18:dc:f6:a8:e6:b8:50:f7:
ef:35:8d:de:24:5f:77:91:79:25:61:c8:12:32:e2:
e6:ad:5a:dd:b5:a2:60:c7:2a:4b:88:7f:c4:03:df:
6f:7e:9f:02:13:9e:f3:4f:33:a5:f9:03:3d:1c:1a:
2f:1c:33:ee:ae:f5:8d:fb:fc:8f:75:ec:cf:ee:1b:
58:92:d1:45:a8:a5:3a:db:c9:2a:89:ea:c7:eb:d9:
de:1f:33:26:26:6b:af:b4:0b:9e:a6:92:be:14:59:
e3:65:14:34:79:25:b1:06:91:3f:0e:57:bc:7a:42:
da:67:de:b0:24:1f:ac:e7:4d:14:5b:90:70:e0:74:
02:1f:c3:50:03:6b:e6:ad:6a:bd:78:94:cf:52:83:
62:fa:a0:4c:ca:49:38:fe:d9:d9:30:ac:6d:83:17:
a2:9c:5d:ce:82:5c:24:41:a6:5d:a9:28:06:b1:b2:
bc:76:8c:5f:41:dc:92:d8:af:37:cb:0c:b1:18:94:
0d:c3:a2:92:fd:d6:e6:3a:ca:ff:cc:af:7a:b5:af:
3b:85:5e:eb:49:cc:24:80:06:cc:77:b2:e6:7a:0e:
f2:cb:ed:69:19:12:6c:f8:15:07:a5:fd:98:d4:63:
40:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:41:36:3D:AE:C0:B1:A4:30:2D:C1:36:C8:41:6B:2B:D9:00:AE:93
X509v3 Authority Key Identifier:
keyid:87:84:77:D8:B6:2D:09:F9:AE:8B:FD:BD:81:2A:53:F9:7E:D4:C5:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4R32LYtCfmui_29gSpT-X7UxXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:26:8d:3b:e8:93:6c:60:9e:e4:d0:94:4e:36:6e:2d:91:9d:
86:2a:27:27:18:17:6c:a9:89:5a:67:8b:e0:55:a3:7b:6c:f8:
cf:44:a0:22:9b:c4:c8:9d:aa:bf:a0:ee:ca:7b:aa:d9:49:dc:
ea:f0:87:31:d4:d9:62:50:b3:a8:c6:49:58:31:9d:4c:56:b8:
2c:66:2a:c6:3d:65:80:13:68:b6:31:80:41:d8:73:97:76:8a:
21:55:bb:69:b3:6b:3a:9d:34:7e:cc:6e:c6:a7:37:24:8b:97:
83:d4:ca:ba:3e:7c:b1:ae:7f:01:e5:e7:e6:49:4d:65:d5:f8:
6e:79:2a:40:58:94:6a:11:f8:a8:1e:48:a6:01:1f:51:9d:79:
3b:3a:8d:44:5d:7a:37:d6:68:27:ad:c0:f2:95:91:f4:64:50:
7e:b7:fe:5f:a5:79:67:e8:1d:98:7c:ed:35:ec:8b:bf:5e:4a:
18:e6:8a:0d:89:8e:71:95:56:df:68:31:27:93:cc:d5:13:3f:
79:7e:ff:a2:c0:e8:b8:9d:f7:77:87:b4:c6:7f:e1:aa:0e:1b:
cd:5f:3a:8e:a0:35:35:7b:27:34:ad:87:fb:48:ea:45:a6:a0:
5e:65:9a:d5:12:12:fa:5a:be:0e:a8:21:5f:49:98:4d:a3:b2:
2f:87:3a:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHymzPj4/rE8907PmPsE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ODQ3N2Q4YjYyZDA5ZjlhZThiZmRiZDgxMmE1M2Y5N2Vk
NGM1NzYwHhcNMjUwOTA3MDMwMTMxWhcNMjUwOTA4MDMwMTMxWjAzMTEwLwYDVQQD
EyhmODQxMzYzZGFlYzBiMWE0MzAyZGMxMzZjODQxNmIyYmQ5MDBhZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXIlAOlgFvsL3CLoQcEHn/Biw8rj
GNz2qOa4UPfvNY3eJF93kXklYcgSMuLmrVrdtaJgxypLiH/EA99vfp8CE57zTzOl
+QM9HBovHDPurvWN+/yPdezP7htYktFFqKU628kqierH69neHzMmJmuvtAueppK+
FFnjZRQ0eSWxBpE/Dle8ekLaZ96wJB+s500UW5Bw4HQCH8NQA2vmrWq9eJTPUoNi
+qBMykk4/tnZMKxtgxeinF3OglwkQaZdqSgGsbK8doxfQdyS2K83ywyxGJQNw6KS
/dbmOsr/zK96ta87hV7rScwkgAbMd7Lmeg7yy+1pGRJs+BUHpf2Y1GNAWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhBNj2uwLGkMC3BNshBayvZAK6TMB8GA1UdIwQY
MBaAFIeEd9i2LQn5rov9vYEqU/l+1MV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRSMzJMWXRDZm11aV8yOWdTcFQtWDdVeFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9lODNhYzUtNDQ4Yi00ZTQ5LThlYmYt
ODg0MmU1ZWRjZTAyLzEvaDRSMzJMWXRDZm11aV8yOWdTcFQtWDdVeFhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9lODNhYzUtNDQ4Yi00ZTQ5LThlYmYtODg0MmU1ZWRjZTAy
LzEvaDRSMzJMWXRDZm11aV8yOWdTcFQtWDdVeFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYSaNO+iT
bGCe5NCUTjZuLZGdhionJxgXbKmJWmeL4FWje2z4z0SgIpvEyJ2qv6Duynuq2Unc
6vCHMdTZYlCzqMZJWDGdTFa4LGYqxj1lgBNotjGAQdhzl3aKIVW7abNrOp00fsxu
xqc3JIuXg9TKuj58sa5/AeXn5klNZdX4bnkqQFiUahH4qB5IpgEfUZ15OzqNRF16
N9ZoJ63A8pWR9GRQfrf+X6V5Z+gdmHztNeyLv15KGOaKDYmOcZVW32gxJ5PM1RM/
eX7/osDouJ33d4e0xn/hqg4bzV86jqA1NXsnNK2H+0jqRaagXmWa1RIS+lq+Dqgh
X0mYTaOyL4c6qA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:07:39 2025 by rpki-client