Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/9a234c-6512-4447-823c-0db7259f20b8/1/hIsSlNJ2n6N7NIrMXav8uP5vmZg.mft
File: hIsSlNJ2n6N7NIrMXav8uP5vmZg.mft (raw, json)
Hash identifier: FPxsikI4w19rulnDnb56p4renbzkEb0MbwvfFqwSLOg=
Subject key identifier: 13:02:A9:06:89:16:95:88:76:A9:81:50:B1:E7:0D:F7:25:45:97:F5
Authority key identifier: 84:8B:12:94:D2:76:9F:A3:7B:34:8A:CC:5D:AB:FC:B8:FE:6F:99:98
Certificate issuer: /CN=848b1294d2769fa37b348acc5dabfcb8fe6f9998
Certificate serial: 019A7293A4166637FC767694A6D78705E55D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hIsSlNJ2n6N7NIrMXav8uP5vmZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/9a234c-6512-4447-823c-0db7259f20b8/1/hIsSlNJ2n6N7NIrMXav8uP5vmZg.mft
Manifest number: 021F
Signing time: Tue 11 Nov 2025 11:01:09 +0000
Manifest this update: Tue 11 Nov 2025 11:01:09 +0000
Manifest next update: Wed 12 Nov 2025 11:01:09 +0000
Files and hashes: 1: duguTeW8ErmRr7f5ZEryR3oV58E.roa (hash: q3OOsJ7Kv17p8ez5C5AQYcTLGWf82piJmxtRxe/QdaM=)
2: hIsSlNJ2n6N7NIrMXav8uP5vmZg.crl (hash: KiyaRPMNZK8Vt9ei0UMm5MNFTVLwFFKBwo0O7CV49Mw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/9a234c-6512-4447-823c-0db7259f20b8/1/hIsSlNJ2n6N7NIrMXav8uP5vmZg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/9a234c-6512-4447-823c-0db7259f20b8/1/hIsSlNJ2n6N7NIrMXav8uP5vmZg.mft
rsync://rpki.ripe.net/repository/DEFAULT/hIsSlNJ2n6N7NIrMXav8uP5vmZg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:a4:16:66:37:fc:76:76:94:a6:d7:87:05:e5:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=848b1294d2769fa37b348acc5dabfcb8fe6f9998
Validity
Not Before: Nov 11 11:01:09 2025 GMT
Not After : Nov 12 11:01:09 2025 GMT
Subject: CN=1302a9068916958876a98150b1e70df7254597f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5a:f1:36:7e:c5:60:9d:fa:06:87:b5:6c:4f:
bd:74:c5:18:94:35:9c:b5:07:32:21:6a:f7:3a:37:
77:9e:18:a4:e6:49:a4:f0:a1:7d:15:2f:e7:fd:b1:
03:dc:3b:65:ba:41:3a:cb:71:29:f3:4a:23:33:96:
25:13:17:b5:c5:d8:cb:25:06:32:9e:60:cc:1a:c4:
5b:23:bb:14:e8:84:ae:09:d1:9b:ab:a9:4c:c2:7e:
3a:19:a5:3f:26:4d:5e:12:0d:14:51:0c:d9:b8:cc:
53:0c:92:99:10:16:0f:d3:63:d8:5d:b5:4f:36:f5:
76:e6:55:ae:3d:22:69:74:3f:3f:c3:7d:03:f3:4d:
80:32:d6:93:90:11:d2:f0:8a:2c:1e:3d:4f:4d:88:
b7:28:26:15:db:ed:3c:1f:e2:bd:f0:84:14:7c:97:
21:97:31:30:bf:06:31:fd:65:98:8e:8a:ef:99:fd:
3c:23:89:35:5d:97:12:b8:0c:bc:14:45:c4:e1:14:
e1:f1:17:db:6e:12:44:ea:74:ef:c1:9a:1c:1a:2b:
2c:95:cd:e2:69:53:61:ff:b0:9f:f2:97:bb:40:4a:
e5:39:89:b9:e5:6c:a6:d7:7a:8e:35:0b:b7:98:a3:
84:37:10:d4:ec:a2:f0:f1:26:fd:24:95:c1:c8:38:
15:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:02:A9:06:89:16:95:88:76:A9:81:50:B1:E7:0D:F7:25:45:97:F5
X509v3 Authority Key Identifier:
keyid:84:8B:12:94:D2:76:9F:A3:7B:34:8A:CC:5D:AB:FC:B8:FE:6F:99:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hIsSlNJ2n6N7NIrMXav8uP5vmZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/9a234c-6512-4447-823c-0db7259f20b8/1/hIsSlNJ2n6N7NIrMXav8uP5vmZg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/9a234c-6512-4447-823c-0db7259f20b8/1/hIsSlNJ2n6N7NIrMXav8uP5vmZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:74:8f:c5:d5:8f:9c:c1:dd:c4:4f:e1:45:55:db:33:bb:9c:
61:98:b1:d9:39:23:11:7b:c0:52:0e:aa:5a:b7:34:53:d4:2a:
83:33:f1:cb:84:c8:22:1a:fa:0c:b0:5e:77:d5:64:18:31:8c:
9e:2b:47:15:c9:ee:df:d5:09:57:a7:95:dd:c3:a5:73:da:36:
52:4d:f4:c8:13:8a:80:d3:f4:5a:22:b5:17:f8:e3:e4:9c:2b:
61:fb:23:bd:99:54:43:48:84:a2:d7:0d:39:a5:ee:02:44:c2:
2f:c3:7e:4f:77:77:f2:75:86:01:9b:2b:b5:b9:e5:3d:0a:c2:
6f:14:95:9f:3a:aa:9c:b1:db:e2:49:4b:73:c3:b5:7b:0d:78:
9b:94:6b:17:96:94:b5:42:d0:db:27:7f:3e:0f:a6:77:34:f7:
01:f3:55:50:52:89:4d:ab:ee:a2:db:af:d5:e6:e5:44:8b:91:
3e:04:cb:86:41:b5:82:cc:38:b2:7b:3d:53:90:3e:9f:f4:cf:
b5:18:29:d8:79:c9:d7:1f:86:a2:e9:73:d2:f3:9f:4f:62:7f:
e2:07:48:2a:39:bd:f3:22:88:5d:e1:61:ea:a9:1f:9e:98:23:
72:67:c0:63:b2:f0:4a:7e:9d:d2:6c:11:22:f0:ca:2e:82:f6:
08:fd:13:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk6QWZjf8dnaUpteHBeVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OGIxMjk0ZDI3NjlmYTM3YjM0OGFjYzVkYWJmY2I4ZmU2
Zjk5OTgwHhcNMjUxMTExMTEwMTA5WhcNMjUxMTEyMTEwMTA5WjAzMTEwLwYDVQQD
EygxMzAyYTkwNjg5MTY5NTg4NzZhOTgxNTBiMWU3MGRmNzI1NDU5N2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVrxNn7FYJ36Boe1bE+9dMUYlDWc
tQcyIWr3Ojd3nhik5kmk8KF9FS/n/bED3DtlukE6y3Ep80ojM5YlExe1xdjLJQYy
nmDMGsRbI7sU6ISuCdGbq6lMwn46GaU/Jk1eEg0UUQzZuMxTDJKZEBYP02PYXbVP
NvV25lWuPSJpdD8/w30D802AMtaTkBHS8IosHj1PTYi3KCYV2+08H+K98IQUfJch
lzEwvwYx/WWYjorvmf08I4k1XZcSuAy8FEXE4RTh8RfbbhJE6nTvwZocGisslc3i
aVNh/7Cf8pe7QErlOYm55Wym13qONQu3mKOENxDU7KLw8Sb9JJXByDgViwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMCqQaJFpWIdqmBULHnDfclRZf1MB8GA1UdIwQY
MBaAFISLEpTSdp+jezSKzF2r/Lj+b5mYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaElzU2xOSjJuNk43TklyTVhhdjh1UDV2bVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy85YTIzNGMtNjUxMi00NDQ3LTgyM2Mt
MGRiNzI1OWYyMGI4LzEvaElzU2xOSjJuNk43TklyTVhhdjh1UDV2bVpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy85YTIzNGMtNjUxMi00NDQ3LTgyM2MtMGRiNzI1OWYyMGI4
LzEvaElzU2xOSjJuNk43TklyTVhhdjh1UDV2bVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQnSPxdWP
nMHdxE/hRVXbM7ucYZix2TkjEXvAUg6qWrc0U9QqgzPxy4TIIhr6DLBed9VkGDGM
nitHFcnu39UJV6eV3cOlc9o2Uk30yBOKgNP0WiK1F/jj5JwrYfsjvZlUQ0iEotcN
OaXuAkTCL8N+T3d38nWGAZsrtbnlPQrCbxSVnzqqnLHb4klLc8O1ew14m5RrF5aU
tULQ2yd/Pg+mdzT3AfNVUFKJTavuotuv1eblRIuRPgTLhkG1gsw4sns9U5A+n/TP
tRgp2HnJ1x+Goulz0vOfT2J/4gdIKjm98yKIXeFh6qkfnpgjcmfAY7LwSn6d0mwR
IvDKLoL2CP0TMg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:35 2025 by rpki-client