
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
File: h7-ak2z5rSjsWNt5imD9cd9sN_M.mft (raw, json)
Hash identifier: EmPIdbkh1/CbVCvC6vPt8dyyGUdOYZ4dDmZdTInpASk=
Subject key identifier: 42:52:F7:33:A3:81:79:03:96:05:B9:22:6B:19:25:B8:90:AD:A3:7D
Authority key identifier: 87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3
Certificate issuer: /CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
Certificate serial: 0199FBEBA605FA4F027CA66FD17395316CFA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
Manifest number: 0FA3
Signing time: Sun 19 Oct 2025 10:02:28 +0000
Manifest this update: Sun 19 Oct 2025 10:02:28 +0000
Manifest next update: Mon 20 Oct 2025 10:02:28 +0000
Files and hashes: 1: h7-ak2z5rSjsWNt5imD9cd9sN_M.crl (hash: nQoRmdJRbKPphuSOVnGeZ53zbj7YFTP2H0p1V7mFKVI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:a6:05:fa:4f:02:7c:a6:6f:d1:73:95:31:6c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
Validity
Not Before: Oct 19 10:02:28 2025 GMT
Not After : Oct 20 10:02:28 2025 GMT
Subject: CN=4252f733a38179039605b9226b1925b890ada37d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:49:4a:bc:bc:89:b2:28:c5:92:24:d4:7d:7b:
a9:2d:64:65:3d:3c:70:3e:2d:b1:06:bf:1b:c8:f9:
cf:48:e8:79:46:e9:c3:48:cb:41:c1:b0:58:b8:00:
b0:c3:0e:50:93:cf:e2:6c:e8:fe:69:71:f4:1a:41:
56:0a:f3:4c:0b:7a:5c:6c:81:2c:ee:cd:9f:19:ce:
8b:ed:04:20:25:c1:7a:df:60:14:06:a1:57:18:04:
92:75:6e:b7:cd:bc:31:a3:bd:35:58:13:76:6a:07:
1c:2b:09:dc:df:05:13:00:71:1d:6b:c5:1c:a4:e8:
51:91:89:21:be:f6:15:bd:54:83:c1:cf:31:3c:cf:
b6:47:48:4d:3b:2c:1b:8f:1b:38:f9:f6:4f:07:0b:
45:b0:f8:93:12:31:2a:57:81:4b:af:46:3a:50:f6:
d0:d6:ed:a0:14:3c:45:33:43:5d:70:b8:16:52:b0:
c0:0c:75:9e:3c:72:c2:ea:6d:43:b3:f1:55:e6:00:
8a:e1:65:d1:e8:b3:db:b9:64:84:0b:6a:d1:1b:58:
93:df:7e:a3:57:b8:fa:1b:18:81:9a:c9:89:fd:26:
5c:dc:65:3b:f0:e7:1f:7f:3d:2c:fd:56:9b:63:a0:
d5:14:8e:aa:93:db:95:ee:08:4a:bb:ad:b8:ad:d9:
0f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:52:F7:33:A3:81:79:03:96:05:B9:22:6B:19:25:B8:90:AD:A3:7D
X509v3 Authority Key Identifier:
keyid:87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:03:e8:a8:0e:f6:8d:72:53:1a:13:e9:aa:4d:43:b0:32:90:
d3:5b:9b:7a:a6:84:70:a2:9e:99:28:3d:ac:39:61:e8:47:2b:
20:95:3f:c0:f1:7c:23:21:73:92:2e:e1:55:85:6f:86:52:5d:
0e:04:46:52:5b:d8:53:ad:7a:79:09:d8:98:e5:2a:a1:77:50:
54:ab:02:98:1d:bd:e8:0d:19:65:aa:71:9e:8b:50:4e:9e:92:
85:ea:2e:27:b1:17:66:11:bb:55:e2:4a:9e:0c:cd:c3:4c:b9:
f9:89:b5:9f:d8:69:03:6e:31:22:b8:27:b6:3b:ee:e0:96:ca:
b2:8f:0a:63:9a:37:d1:b4:4b:2f:67:ef:34:dd:0c:82:48:c6:
f0:b8:e4:e3:18:a2:00:ac:48:2c:73:c4:d4:ed:99:8a:92:04:
04:e7:63:1f:2f:40:cf:f1:22:73:86:a9:53:82:6f:13:ae:f6:
ba:72:3a:89:b1:e9:c1:54:f7:e3:c2:78:98:a4:6d:8a:bd:17:
cb:a8:02:c6:7a:00:22:c0:dc:19:32:2d:31:98:8f:b2:32:e4:
53:d5:cb:c6:d1:e4:38:0e:62:dd:8d:10:97:d6:11:ed:c8:d6:
d9:2e:46:fb:de:e0:5f:4a:5b:48:d7:0b:97:05:60:b9:68:4f:
d1:8e:92:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn766YF+k8CfKZv0XOVMWz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmY5YTkzNmNmOWFkMjhlYzU4ZGI3OThhNjBmZDcxZGY2
YzM3ZjMwHhcNMjUxMDE5MTAwMjI4WhcNMjUxMDIwMTAwMjI4WjAzMTEwLwYDVQQD
Eyg0MjUyZjczM2EzODE3OTAzOTYwNWI5MjI2YjE5MjViODkwYWRhMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqklKvLyJsijFkiTUfXupLWRlPTxw
Pi2xBr8byPnPSOh5RunDSMtBwbBYuACwww5Qk8/ibOj+aXH0GkFWCvNMC3pcbIEs
7s2fGc6L7QQgJcF632AUBqFXGASSdW63zbwxo701WBN2agccKwnc3wUTAHEda8Uc
pOhRkYkhvvYVvVSDwc8xPM+2R0hNOywbjxs4+fZPBwtFsPiTEjEqV4FLr0Y6UPbQ
1u2gFDxFM0NdcLgWUrDADHWePHLC6m1Ds/FV5gCK4WXR6LPbuWSEC2rRG1iT336j
V7j6GxiBmsmJ/SZc3GU78Ocffz0s/VabY6DVFI6qk9uV7ghKu624rdkP8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJS9zOjgXkDlgW5ImsZJbiQraN9MB8GA1UdIwQY
MBaAFIe/mpNs+a0o7FjbeYpg/XHfbDfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzIt
NGY5Nzc3MmIwMTgwLzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzItNGY5Nzc3MmIwMTgw
LzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFQPoqA72
jXJTGhPpqk1DsDKQ01ubeqaEcKKemSg9rDlh6EcrIJU/wPF8IyFzki7hVYVvhlJd
DgRGUlvYU616eQnYmOUqoXdQVKsCmB296A0ZZapxnotQTp6SheouJ7EXZhG7VeJK
ngzNw0y5+Ym1n9hpA24xIrgntjvu4JbKso8KY5o30bRLL2fvNN0MgkjG8Ljk4xii
AKxILHPE1O2ZipIEBOdjHy9Az/Eic4apU4JvE672unI6ibHpwVT348J4mKRtir0X
y6gCxnoAIsDcGTItMZiPsjLkU9XLxtHkOA5i3Y0Ql9YR7cjW2S5G+97gX0pbSNcL
lwVguWhP0Y6S1g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:26 2025 by rpki-client