Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
File: h4R32LYtCfmui_29gSpT-X7UxXY.mft (raw, json)
Hash identifier: YMHcld5YEETZcKDIcXiagDiYMakq++03l2V4F0kGNUU=
Subject key identifier: A0:02:F4:5D:BE:90:54:35:EB:D5:58:97:2D:7A:04:60:7F:E2:BD:0A
Authority key identifier: 87:84:77:D8:B6:2D:09:F9:AE:8B:FD:BD:81:2A:53:F9:7E:D4:C5:76
Certificate issuer: /CN=878477d8b62d09f9ae8bfdbd812a53f97ed4c576
Certificate serial: 019A722593AE5626F1F7952B1EDFA0AFA39E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4R32LYtCfmui_29gSpT-X7UxXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
Manifest number: 0547
Signing time: Tue 11 Nov 2025 09:00:56 +0000
Manifest this update: Tue 11 Nov 2025 09:00:56 +0000
Manifest next update: Wed 12 Nov 2025 09:00:56 +0000
Files and hashes: 1: 1-chTvEPLKpclBFunFsZudwhteCw.roa (hash: Mk7QbJ14tNyeCXu9wD1n7MpPtkSCXANni+lDYxJDiAk=)
2: h4R32LYtCfmui_29gSpT-X7UxXY.crl (hash: whiQqEX6DauZbnHExcDJW6v7XGL+a3cLzBkJqojQRHw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
rsync://rpki.ripe.net/repository/DEFAULT/h4R32LYtCfmui_29gSpT-X7UxXY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:93:ae:56:26:f1:f7:95:2b:1e:df:a0:af:a3:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878477d8b62d09f9ae8bfdbd812a53f97ed4c576
Validity
Not Before: Nov 11 09:00:56 2025 GMT
Not After : Nov 12 09:00:56 2025 GMT
Subject: CN=a002f45dbe905435ebd558972d7a04607fe2bd0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c5:7f:d1:bd:89:3d:8b:9c:e1:be:31:30:b2:
6a:40:cc:d3:1c:52:90:5a:aa:04:a6:e0:00:c3:bc:
24:10:dd:4c:f3:67:f2:a0:a8:28:52:1f:cf:f6:cc:
84:54:01:d8:42:9c:2e:de:34:55:35:3d:68:2f:4c:
a3:af:90:f6:5d:38:fe:02:5e:56:07:2f:37:d3:5a:
34:29:4d:dd:36:0c:18:a4:dc:82:ff:c9:4b:67:0c:
52:75:26:32:67:27:f0:87:31:cc:39:18:94:5f:55:
05:fc:5f:b2:bb:bd:74:5a:a0:17:ab:80:53:42:e0:
b0:4d:96:10:b5:45:d1:98:ad:a9:19:7d:18:b5:69:
5f:2e:f9:c0:c9:e3:38:d6:fc:0b:60:8b:b2:1b:c5:
0c:56:87:d4:d7:e9:b5:00:ee:4b:a2:c1:f3:45:35:
2b:1b:85:d3:ad:f0:8e:ec:f2:0e:a7:03:71:aa:b0:
7d:57:98:2f:7a:48:11:74:52:b6:f7:1d:d2:f2:42:
4b:d0:27:72:1f:0c:10:97:ba:3b:60:55:ce:61:98:
d1:89:73:0d:e6:d6:76:8a:28:2d:9e:cd:98:05:cb:
38:24:e9:f3:37:13:e8:14:63:8f:22:06:d8:16:ba:
01:71:39:93:1c:26:80:f9:bf:f2:a2:0c:42:46:5f:
35:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:02:F4:5D:BE:90:54:35:EB:D5:58:97:2D:7A:04:60:7F:E2:BD:0A
X509v3 Authority Key Identifier:
keyid:87:84:77:D8:B6:2D:09:F9:AE:8B:FD:BD:81:2A:53:F9:7E:D4:C5:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4R32LYtCfmui_29gSpT-X7UxXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e83ac5-448b-4e49-8ebf-8842e5edce02/1/h4R32LYtCfmui_29gSpT-X7UxXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:46:77:85:cf:f5:67:b7:a8:29:27:28:a7:f3:91:4a:d2:e5:
87:37:8f:a8:bd:72:6c:0e:cd:b5:11:ff:02:5d:bc:38:6e:c7:
93:7b:09:92:7b:26:cd:27:9a:dd:e2:1a:f1:56:f2:95:d3:2e:
d4:3c:b2:0c:b6:82:76:ad:66:2a:b1:1a:8f:e1:c4:a8:3f:2c:
a2:d0:f1:ec:3c:96:43:c0:60:3a:ae:ba:b8:2a:cc:fb:0e:64:
84:24:98:d0:f2:95:84:5a:89:2c:c5:e7:7b:cd:f0:fd:5c:46:
89:0b:bb:5e:ce:32:ef:c2:93:1c:3b:fe:bb:a1:58:bb:e3:bb:
ad:9f:99:ab:01:76:c6:36:ea:44:84:cf:ff:68:a0:56:ac:8f:
14:e7:c2:a2:a8:c5:b2:e9:e2:fb:30:d7:18:7a:a3:ca:7c:9e:
24:48:86:0c:8d:f7:0c:b3:eb:82:91:31:28:1c:f8:43:54:10:
3c:c0:b9:46:3e:3e:a0:aa:07:93:f8:f2:97:91:b8:96:5a:79:
ae:12:ff:7a:08:f4:cb:77:40:25:6b:e8:97:44:cb:d3:13:b4:
c6:1a:ce:e5:ed:fe:0f:3d:84:62:d6:e1:f0:27:df:19:0c:45:
75:db:f5:95:ee:6c:97:34:9b:42:db:8f:80:c2:cd:c1:fb:bd:
9f:5c:71:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZOuVibx95UrHt+gr6OeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ODQ3N2Q4YjYyZDA5ZjlhZThiZmRiZDgxMmE1M2Y5N2Vk
NGM1NzYwHhcNMjUxMTExMDkwMDU2WhcNMjUxMTEyMDkwMDU2WjAzMTEwLwYDVQQD
EyhhMDAyZjQ1ZGJlOTA1NDM1ZWJkNTU4OTcyZDdhMDQ2MDdmZTJiZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsV/0b2JPYuc4b4xMLJqQMzTHFKQ
WqoEpuAAw7wkEN1M82fyoKgoUh/P9syEVAHYQpwu3jRVNT1oL0yjr5D2XTj+Al5W
By8301o0KU3dNgwYpNyC/8lLZwxSdSYyZyfwhzHMORiUX1UF/F+yu710WqAXq4BT
QuCwTZYQtUXRmK2pGX0YtWlfLvnAyeM41vwLYIuyG8UMVofU1+m1AO5LosHzRTUr
G4XTrfCO7PIOpwNxqrB9V5gvekgRdFK29x3S8kJL0CdyHwwQl7o7YFXOYZjRiXMN
5tZ2iigtns2YBcs4JOnzNxPoFGOPIgbYFroBcTmTHCaA+b/yogxCRl81dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAC9F2+kFQ169VYly16BGB/4r0KMB8GA1UdIwQY
MBaAFIeEd9i2LQn5rov9vYEqU/l+1MV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRSMzJMWXRDZm11aV8yOWdTcFQtWDdVeFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9lODNhYzUtNDQ4Yi00ZTQ5LThlYmYt
ODg0MmU1ZWRjZTAyLzEvaDRSMzJMWXRDZm11aV8yOWdTcFQtWDdVeFhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9lODNhYzUtNDQ4Yi00ZTQ5LThlYmYtODg0MmU1ZWRjZTAy
LzEvaDRSMzJMWXRDZm11aV8yOWdTcFQtWDdVeFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAekZ3hc/1
Z7eoKScop/ORStLlhzePqL1ybA7NtRH/Al28OG7Hk3sJknsmzSea3eIa8VbyldMu
1DyyDLaCdq1mKrEaj+HEqD8sotDx7DyWQ8BgOq66uCrM+w5khCSY0PKVhFqJLMXn
e83w/VxGiQu7Xs4y78KTHDv+u6FYu+O7rZ+ZqwF2xjbqRITP/2igVqyPFOfCoqjF
suni+zDXGHqjynyeJEiGDI33DLPrgpExKBz4Q1QQPMC5Rj4+oKoHk/jyl5G4llp5
rhL/egj0y3dAJWvol0TL0xO0xhrO5e3+Dz2EYtbh8CffGQxFddv1le5slzSbQtuP
gMLNwfu9n1xxZw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:39:22 2025 by rpki-client