Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: eT6pntHPR89/ToCsXG06dmg0rySkPeFXWAlKrmkqVzk=
Subject key identifier: 65:35:9A:40:32:6A:60:30:AA:6E:6D:A4:04:39:37:69:5F:FC:B5:80
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 0199FCC6C4C436512DD8981146AA2738BB66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0B87
Signing time: Sun 19 Oct 2025 14:01:48 +0000
Manifest this update: Sun 19 Oct 2025 14:01:48 +0000
Manifest next update: Mon 20 Oct 2025 14:01:48 +0000
Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=)
2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: 3b6+4bcFySXfXfvlYHt6vvd4DnEg5t4nY3X67FE4nA8=)
3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:c6:c4:c4:36:51:2d:d8:98:11:46:aa:27:38:bb:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Oct 19 14:01:48 2025 GMT
Not After : Oct 20 14:01:48 2025 GMT
Subject: CN=65359a40326a6030aa6e6da4043937695ffcb580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:19:3c:12:8d:04:17:64:f7:76:48:61:ea:2b:
fd:61:ef:4b:a7:64:63:ea:12:f4:55:37:92:30:8c:
5f:77:15:fa:64:27:31:a9:41:66:ba:eb:17:e0:34:
bd:fa:f7:ce:2c:ed:ad:a8:2e:d0:13:92:6c:65:6e:
8a:96:e0:66:5d:a3:73:40:f4:ac:4e:cc:7a:63:00:
e3:a1:38:df:c4:8b:69:dc:e9:0d:30:6e:9c:5e:70:
43:3d:41:95:df:a3:b7:8f:40:b6:50:73:42:64:93:
99:75:34:5b:89:b1:bf:99:23:2d:1d:5b:96:98:75:
c6:ed:d1:27:77:26:21:54:55:6e:5e:95:6a:cc:7b:
3e:e4:a5:09:9b:a7:aa:de:28:6c:c1:22:82:a9:df:
0c:ad:ea:7a:09:d3:b6:00:1d:25:1c:76:d0:e3:70:
fb:4f:8a:bf:10:2b:b5:85:ed:c7:37:04:b4:8c:09:
3a:da:e0:e0:b2:fa:a6:76:fd:56:ea:a0:b2:78:ab:
d1:70:7d:63:d6:60:43:17:a3:3a:5b:cf:01:02:a1:
07:6e:06:9b:f4:c2:f0:29:4f:50:1a:37:d7:60:ff:
46:fb:8c:a8:06:6f:25:ce:f9:3a:00:32:83:dd:3b:
cf:6b:4e:80:4f:39:c3:29:48:83:5b:19:c4:4c:4b:
36:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:35:9A:40:32:6A:60:30:AA:6E:6D:A4:04:39:37:69:5F:FC:B5:80
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:23:5f:24:b9:b8:cb:a6:07:f2:62:42:98:a5:20:c2:1f:9e:
b0:1f:36:87:8e:bc:89:7c:40:4e:ae:a4:69:3c:4d:0e:c3:fa:
15:1f:f6:54:ab:89:99:81:35:fd:3a:27:37:b3:db:90:b9:a5:
05:7b:d1:8d:ec:d1:03:0d:ad:df:c3:e5:ce:f0:b9:b6:38:9d:
6b:0f:0e:8e:df:00:46:9d:2f:f2:72:e1:e3:39:b5:f9:ee:00:
5b:cf:c6:ff:30:87:89:13:a1:4e:6b:7d:89:ee:dd:05:25:23:
a3:84:30:a4:25:45:3e:7a:67:83:fe:21:e6:ee:85:ee:ba:12:
d6:94:20:d3:ac:2a:94:0f:59:db:e6:cf:7c:86:21:74:0d:c4:
5f:9e:9c:d2:3e:d0:a4:9b:79:6d:93:46:7d:09:05:33:37:d1:
d9:a4:cb:59:3b:e6:e7:87:b9:2e:39:3e:4a:d4:19:71:12:dd:
0b:47:f7:97:47:a1:c1:31:6e:53:20:19:fe:14:bc:0a:18:05:
0a:4e:fa:e1:ac:9f:94:b7:53:51:6d:7d:dd:b7:ff:38:b2:da:
33:4e:b8:24:5f:c4:f3:25:bd:74:10:a3:7e:33:50:02:c2:a6:
64:83:c8:6a:c5:fb:65:69:2b:c8:17:ac:af:b3:dd:c1:1f:60:
dd:52:f6:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xsTENlEt2JgRRqonOLtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjUxMDE5MTQwMTQ4WhcNMjUxMDIwMTQwMTQ4WjAzMTEwLwYDVQQD
Eyg2NTM1OWE0MDMyNmE2MDMwYWE2ZTZkYTQwNDM5Mzc2OTVmZmNiNTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhk8Eo0EF2T3dkhh6iv9Ye9Lp2Rj
6hL0VTeSMIxfdxX6ZCcxqUFmuusX4DS9+vfOLO2tqC7QE5JsZW6KluBmXaNzQPSs
Tsx6YwDjoTjfxItp3OkNMG6cXnBDPUGV36O3j0C2UHNCZJOZdTRbibG/mSMtHVuW
mHXG7dEndyYhVFVuXpVqzHs+5KUJm6eq3ihswSKCqd8Mrep6CdO2AB0lHHbQ43D7
T4q/ECu1he3HNwS0jAk62uDgsvqmdv1W6qCyeKvRcH1j1mBDF6M6W88BAqEHbgab
9MLwKU9QGjfXYP9G+4yoBm8lzvk6ADKD3TvPa06ATznDKUiDWxnETEs2pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGU1mkAyamAwqm5tpAQ5N2lf/LWAMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADyNfJLm4
y6YH8mJCmKUgwh+esB82h468iXxATq6kaTxNDsP6FR/2VKuJmYE1/TonN7PbkLml
BXvRjezRAw2t38PlzvC5tjidaw8Ojt8ARp0v8nLh4zm1+e4AW8/G/zCHiROhTmt9
ie7dBSUjo4QwpCVFPnpng/4h5u6F7roS1pQg06wqlA9Z2+bPfIYhdA3EX56c0j7Q
pJt5bZNGfQkFMzfR2aTLWTvm54e5Ljk+StQZcRLdC0f3l0ehwTFuUyAZ/hS8ChgF
Ck764ayflLdTUW193bf/OLLaM064JF/E8yW9dBCjfjNQAsKmZIPIasX7ZWkryBes
r7PdwR9g3VL2dg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:52:41 2025 by rpki-client