Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
File: h-2cuDQKwglaTLBSjl6i9zjOpnI.mft (raw, json)
Hash identifier: VV1RP5Fz8sKUBdbhH9jnK/2D1yMCtjgJx660Co/y/HM=
Subject key identifier: 2C:E7:8A:E1:9B:1E:C6:01:E5:AA:88:AB:F1:28:E1:AD:42:83:37:D5
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 0199FD347A82AB7A561A2AFC38CB54EE53D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
Manifest number: 04AE
Signing time: Sun 19 Oct 2025 16:01:38 +0000
Manifest this update: Sun 19 Oct 2025 16:01:38 +0000
Manifest next update: Mon 20 Oct 2025 16:01:38 +0000
Files and hashes: 1: Q_kLSJOWLJDEhyzkodJRQWJEfMU.roa (hash: 2p8AahImaC704aSN2Sau8pFCrbFVUG9Dz60aJg9x1m8=)
2: h-2cuDQKwglaTLBSjl6i9zjOpnI.crl (hash: 2XKrqO3ILRyPYULrUC7dkBPS8pk5HrrKw7cYvDhSFP8=)
3: hl-bZEBFsh1ZChc40Z0fl2eFeDc.roa (hash: GoC7lm4BXzEaLJBGVeCTSYenfrijER5VgtT8WvoxW4g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:34:7a:82:ab:7a:56:1a:2a:fc:38:cb:54:ee:53:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Oct 19 16:01:38 2025 GMT
Not After : Oct 20 16:01:38 2025 GMT
Subject: CN=2ce78ae19b1ec601e5aa88abf128e1ad428337d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:11:bf:b0:e2:90:50:ca:74:a6:55:1a:52:1d:
d0:ac:18:08:27:4b:eb:c2:15:84:36:5e:ee:a8:3c:
e6:00:3a:c5:26:ac:de:9b:20:9c:fd:49:5a:be:1e:
d6:f0:b1:3e:a6:19:4a:43:13:7f:4d:8f:0c:93:8a:
82:f0:00:06:0f:13:69:55:a5:42:42:8b:b2:04:84:
f6:26:75:f5:05:2f:be:0c:c4:53:0c:5c:05:0f:fd:
8b:0c:e6:5d:5a:35:f8:f3:29:5f:54:a3:43:a0:01:
34:09:7e:3a:74:46:9d:73:2f:94:ed:f3:04:1f:be:
a9:8d:b2:7d:5f:87:06:8f:e6:45:ab:6a:98:ef:25:
d4:80:66:c5:2f:84:0e:5c:42:42:d0:36:cd:0c:16:
b7:ac:c4:a4:e7:39:c0:1c:40:a2:ec:2e:05:92:25:
37:05:bf:8b:a4:60:5f:75:04:c9:da:78:70:b3:66:
ce:4b:82:e7:be:c9:b8:df:e1:03:8b:ca:eb:7e:82:
e2:fa:0c:15:a5:90:9a:f0:23:7c:ac:62:a1:14:3a:
33:ef:c7:92:66:45:bf:61:c3:b3:15:c8:42:e4:3c:
cc:1c:11:ea:1b:56:e4:bd:5e:2a:24:cd:3a:be:08:
61:56:9f:77:49:cd:1e:b6:e0:9d:7d:33:e7:19:fe:
0f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:E7:8A:E1:9B:1E:C6:01:E5:AA:88:AB:F1:28:E1:AD:42:83:37:D5
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:ad:e3:fa:8f:63:3e:f4:26:94:42:11:ba:84:5d:73:5f:03:
00:d0:26:96:0d:15:7d:99:cc:1b:88:64:7b:e2:ec:17:3f:67:
f2:23:c8:b2:87:db:30:39:1a:19:e9:82:49:c3:eb:92:c2:16:
4b:90:1f:c3:eb:fd:21:ab:52:22:73:e8:c5:b3:09:d2:ee:7d:
ae:e7:08:a1:5f:0f:d5:65:b5:ba:17:7f:0e:13:50:39:15:5e:
c2:f9:fe:81:46:94:fb:4b:7e:a8:37:1a:6b:6a:d4:b9:e0:90:
9f:7f:98:cc:97:c2:a2:1d:ae:0a:6b:f1:bc:c8:5e:bb:63:46:
07:59:a1:f6:13:99:3a:6a:04:48:14:86:bc:99:c5:de:ab:dc:
f8:6e:bb:ac:d6:43:6e:58:18:a7:36:0e:d8:ee:c7:4b:4b:ec:
cc:17:b9:29:95:71:1f:0e:25:35:21:05:70:49:3c:22:aa:1c:
c1:a0:17:f8:c4:05:b5:d8:ee:75:50:b2:ea:2b:13:10:4e:1b:
d1:ff:8b:da:05:51:2c:0e:43:7c:7c:29:f8:f0:b6:cb:7b:d3:
c3:a0:da:70:08:3e:e2:7d:2e:5b:9e:86:cd:d2:ee:a7:b5:16:
29:aa:ca:d8:b3:23:ee:7d:a7:5a:61:1a:d5:52:20:05:80:57:
7e:ec:c0:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NHqCq3pWGir8OMtU7lPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjUxMDE5MTYwMTM4WhcNMjUxMDIwMTYwMTM4WjAzMTEwLwYDVQQD
EygyY2U3OGFlMTliMWVjNjAxZTVhYTg4YWJmMTI4ZTFhZDQyODMzN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxG/sOKQUMp0plUaUh3QrBgIJ0vr
whWENl7uqDzmADrFJqzemyCc/Ulavh7W8LE+phlKQxN/TY8Mk4qC8AAGDxNpVaVC
QouyBIT2JnX1BS++DMRTDFwFD/2LDOZdWjX48ylfVKNDoAE0CX46dEadcy+U7fME
H76pjbJ9X4cGj+ZFq2qY7yXUgGbFL4QOXEJC0DbNDBa3rMSk5znAHECi7C4FkiU3
Bb+LpGBfdQTJ2nhws2bOS4Lnvsm43+EDi8rrfoLi+gwVpZCa8CN8rGKhFDoz78eS
ZkW/YcOzFchC5DzMHBHqG1bkvV4qJM06vghhVp93Sc0etuCdfTPnGf4PwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzniuGbHsYB5aqIq/Eo4a1CgzfVMB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGK3j+o9j
PvQmlEIRuoRdc18DANAmlg0VfZnMG4hke+LsFz9n8iPIsofbMDkaGemCScPrksIW
S5Afw+v9IatSInPoxbMJ0u59rucIoV8P1WW1uhd/DhNQORVewvn+gUaU+0t+qDca
a2rUueCQn3+YzJfCoh2uCmvxvMheu2NGB1mh9hOZOmoESBSGvJnF3qvc+G67rNZD
blgYpzYO2O7HS0vszBe5KZVxHw4lNSEFcEk8IqocwaAX+MQFtdjudVCy6isTEE4b
0f+L2gVRLA5DfHwp+PC2y3vTw6DacAg+4n0uW56GzdLup7UWKarK2LMj7n2nWmEa
1VIgBYBXfuzAcw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:01:53 2025 by rpki-client