Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
File: h94IWXXeZYjgf-0TVROqOKztt2M.mft (raw, json)
Hash identifier: qPfwyyCC9hdgAMDV0zYJYsphyNfAaydDhp9k1H9iUEc=
Subject key identifier: 56:BD:85:25:45:2C:4A:9D:AC:67:83:67:32:52:11:66:7B:33:60:17
Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
Certificate issuer: /CN=87de085975de6588e07fed135513aa38acedb763
Certificate serial: 0199FB0EC22643ADBBE62D04BB9135C4B7AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
Manifest number: 0ACA
Signing time: Sun 19 Oct 2025 06:01:12 +0000
Manifest this update: Sun 19 Oct 2025 06:01:12 +0000
Manifest next update: Mon 20 Oct 2025 06:01:12 +0000
Files and hashes: 1: 2z5OP5uOUPeCHEZvOlemyfzgiqA.roa (hash: Hk782ryuX9Xc6GFCRAe62b1gzyY4Vb/jeKK1cnQhmr8=)
2: h94IWXXeZYjgf-0TVROqOKztt2M.crl (hash: FtNqv+kZ3uUPJ761pOW/WjWMuhUSxjQu9Ke5e7anOdE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:0e:c2:26:43:ad:bb:e6:2d:04:bb:91:35:c4:b7:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87de085975de6588e07fed135513aa38acedb763
Validity
Not Before: Oct 19 06:01:12 2025 GMT
Not After : Oct 20 06:01:12 2025 GMT
Subject: CN=56bd8525452c4a9dac678367325211667b336017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9b:08:80:94:01:f6:ac:4a:0f:1a:c5:81:46:
2f:05:44:92:1f:c2:0f:7f:15:eb:99:b0:68:ea:fc:
f5:6e:c0:1d:be:ed:77:3a:a1:8f:3c:d1:1a:69:1b:
86:2e:fd:cf:5e:64:f0:8d:9f:0f:95:41:f3:75:0f:
90:d4:e5:d0:65:57:e4:b6:99:02:73:d0:ce:70:8b:
ca:cf:0b:aa:e7:92:24:aa:59:41:fa:c5:52:2c:19:
31:06:03:e7:91:2d:92:ff:3a:ec:58:2d:64:7f:bf:
73:9c:7b:16:e7:b6:f8:94:3d:51:d6:36:c3:b4:ac:
e3:48:b0:6a:ea:09:cc:bc:56:04:40:75:fb:e9:c7:
c4:5e:97:3e:ad:fa:72:79:13:a7:53:52:4d:3e:7a:
fd:d0:82:29:d3:60:7b:63:d5:5f:0f:20:22:00:84:
a1:8a:9b:30:e3:c9:06:29:08:b7:77:80:fd:17:2e:
a9:d3:32:49:49:9d:39:52:cd:4a:bd:f4:ce:1d:a6:
98:4a:66:8f:83:16:03:9e:aa:ba:c3:2f:c0:20:08:
df:f0:cc:58:74:21:8c:55:f7:4c:0f:6f:f6:d6:4c:
a9:00:35:8a:f6:86:85:d0:2b:56:b4:69:c0:9a:b4:
b7:72:12:26:a8:2d:c6:33:68:60:08:d5:3f:d3:ea:
e4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BD:85:25:45:2C:4A:9D:AC:67:83:67:32:52:11:66:7B:33:60:17
X509v3 Authority Key Identifier:
keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:82:37:44:cb:c9:9e:8a:4f:44:9a:f4:2f:9f:33:06:62:4a:
ff:23:b9:09:41:30:8f:99:22:e2:01:46:5c:84:fc:07:ad:3a:
b3:4e:c1:35:07:33:cd:9f:75:3a:b7:34:d4:db:8f:0d:b4:97:
c7:44:99:da:60:9a:c5:3c:f4:aa:10:06:e3:24:d1:1a:7c:17:
82:99:bb:ed:7c:05:c3:33:05:2e:b0:ed:92:33:53:61:1d:bc:
55:6e:55:f9:71:68:6f:62:1e:91:d5:7a:68:a4:23:65:d1:0e:
65:4f:78:c3:a6:0e:4e:1c:62:5b:db:e1:2f:3d:36:50:a9:69:
62:4f:d9:ff:d6:05:cc:3f:ef:5f:a9:6c:14:a4:c5:24:7a:14:
94:78:56:6d:48:6e:bf:fe:b0:3c:f2:43:c4:08:c3:2e:74:56:
7e:59:1e:14:b9:9d:85:28:29:79:ae:53:83:c7:b8:25:5c:63:
70:11:1d:a1:57:8a:22:0a:b8:92:e1:1c:73:99:1f:60:59:65:
44:88:cf:92:5b:71:83:04:e1:1f:b2:40:8f:82:d1:d5:4f:99:
4b:58:4a:f7:6c:c6:d3:a4:05:07:3e:3b:10:8e:41:f7:45:ed:
7f:51:20:7a:b4:3d:28:30:62:3f:d0:13:8f:1d:c4:c8:bd:aa:
68:9d:fd:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7DsImQ6275i0Eu5E1xLeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl
ZGI3NjMwHhcNMjUxMDE5MDYwMTEyWhcNMjUxMDIwMDYwMTEyWjAzMTEwLwYDVQQD
Eyg1NmJkODUyNTQ1MmM0YTlkYWM2NzgzNjczMjUyMTE2NjdiMzM2MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpsIgJQB9qxKDxrFgUYvBUSSH8IP
fxXrmbBo6vz1bsAdvu13OqGPPNEaaRuGLv3PXmTwjZ8PlUHzdQ+Q1OXQZVfktpkC
c9DOcIvKzwuq55IkqllB+sVSLBkxBgPnkS2S/zrsWC1kf79znHsW57b4lD1R1jbD
tKzjSLBq6gnMvFYEQHX76cfEXpc+rfpyeROnU1JNPnr90IIp02B7Y9VfDyAiAISh
ipsw48kGKQi3d4D9Fy6p0zJJSZ05Us1KvfTOHaaYSmaPgxYDnqq6wy/AIAjf8MxY
dCGMVfdMD2/21kypADWK9oaF0CtWtGnAmrS3chImqC3GM2hgCNU/0+rkawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFa9hSVFLEqdrGeDZzJSEWZ7M2AXMB8GA1UdIwQY
MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt
Y2MwZjk3MDcxNDBlLzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl
LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMII3RMvJ
nopPRJr0L58zBmJK/yO5CUEwj5ki4gFGXIT8B606s07BNQczzZ91Orc01NuPDbSX
x0SZ2mCaxTz0qhAG4yTRGnwXgpm77XwFwzMFLrDtkjNTYR28VW5V+XFob2IekdV6
aKQjZdEOZU94w6YOThxiW9vhLz02UKlpYk/Z/9YFzD/vX6lsFKTFJHoUlHhWbUhu
v/6wPPJDxAjDLnRWflkeFLmdhSgpea5Tg8e4JVxjcBEdoVeKIgq4kuEcc5kfYFll
RIjPkltxgwThH7JAj4LR1U+ZS1hK92zG06QFBz47EI5B90Xtf1EgerQ9KDBiP9AT
jx3EyL2qaJ39ew==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:34:30 2025 by rpki-client