Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
File: hWhAcEemLmSDAMUYKik1P_WOsF8.mft (raw, json)
Hash identifier: kMoCTKcrBwGKEhGyOuik5QanLpTaMRkV0tU/0jkV7cA=
Subject key identifier: A6:68:71:C7:7B:2F:B4:D9:F7:05:AB:D3:28:85:10:06:84:EC:3C:CF
Authority key identifier: 85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F
Certificate issuer: /CN=8568407047a62e648300c5182a29353ff58eb05f
Certificate serial: 0199FAD856080415CF0278CCF32AFF3A8491
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
Manifest number: 0432
Signing time: Sun 19 Oct 2025 05:01:45 +0000
Manifest this update: Sun 19 Oct 2025 05:01:45 +0000
Manifest next update: Mon 20 Oct 2025 05:01:45 +0000
Files and hashes: 1: 0nvhqw7aFiUkSIOiOEerDMnQ_ZQ.roa (hash: HMe62SGaPYEENwRxXbOtER7G/ZP8W5TpI/QjfFDw0sg=)
2: hWhAcEemLmSDAMUYKik1P_WOsF8.crl (hash: ceEO0yiJe++RVryFr3oVAt3Yg4YSoY2YU/J5VVzMgjk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 05:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:d8:56:08:04:15:cf:02:78:cc:f3:2a:ff:3a:84:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8568407047a62e648300c5182a29353ff58eb05f
Validity
Not Before: Oct 19 05:01:45 2025 GMT
Not After : Oct 20 05:01:45 2025 GMT
Subject: CN=a66871c77b2fb4d9f705abd32885100684ec3ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:37:2c:d3:db:78:f5:e7:88:e2:5d:36:09:7d:
36:af:1f:1d:3b:86:7d:3e:30:dc:62:6d:5a:2a:ce:
a6:1a:d0:fd:c2:ae:bf:ac:bb:fa:28:8e:44:c8:b3:
9b:a9:d9:ec:69:41:1d:f6:e4:a3:46:97:f4:0d:c1:
a2:6c:b2:75:cb:00:f5:55:9a:c3:f9:cc:6c:20:65:
a1:b1:0e:c2:41:4b:2e:73:7b:54:67:1e:18:3a:f3:
05:b6:e0:7f:fa:df:f3:45:00:fa:5a:91:61:22:60:
55:b9:61:e0:4f:39:42:61:5f:d5:a8:6a:e2:5a:ef:
e2:aa:ae:39:7f:2b:d6:4b:a5:ef:a0:19:6c:70:d8:
16:d9:61:4d:35:a8:29:e0:c2:28:3e:eb:5c:f9:f1:
11:f3:6d:af:db:8f:0f:24:fd:4f:fb:d0:87:2b:95:
96:73:58:5e:dc:1b:3e:cc:48:a8:cf:ad:e8:b5:13:
75:68:9a:21:85:ea:db:b7:66:00:dc:d5:06:82:c4:
10:5f:80:88:b8:9d:13:dc:ca:65:52:8f:5f:90:c4:
e5:e8:5f:e6:58:cb:9e:bb:90:73:51:63:f9:61:0c:
ad:74:11:44:01:21:c3:8d:e6:6f:46:c3:b5:4e:2e:
f4:84:87:97:d6:bb:18:4a:83:b7:4a:91:60:6f:62:
66:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:68:71:C7:7B:2F:B4:D9:F7:05:AB:D3:28:85:10:06:84:EC:3C:CF
X509v3 Authority Key Identifier:
keyid:85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:69:e4:92:35:15:c6:c4:a2:4a:d6:ab:cc:84:dd:7b:6d:ba:
85:f6:68:45:93:82:ae:ed:96:bc:ec:8e:12:80:ad:60:3f:ea:
f0:44:d6:a0:b5:2b:d8:8a:13:71:78:1f:4a:61:c7:35:24:84:
af:68:0c:50:0c:d1:f4:68:ae:47:53:ba:36:00:91:ba:3f:54:
29:9f:2a:1f:e1:ba:97:6a:3d:70:09:b3:b0:32:e3:da:a5:de:
60:ef:d5:d2:00:62:73:08:39:ec:58:8a:8f:40:3d:99:79:b0:
d6:81:2f:66:06:b4:21:4c:55:1c:f2:99:eb:55:9a:0c:d8:5b:
9d:a9:83:05:48:cb:07:c6:bd:f9:32:cc:f2:5b:f9:48:ac:06:
0b:b8:2a:0d:13:0e:26:b2:e6:4a:8a:46:e3:98:03:90:d7:47:
a5:75:d9:95:3a:da:d5:c5:c8:24:c7:44:7b:6b:88:88:7e:0b:
af:86:6b:0b:e2:20:45:ed:ba:0b:00:10:00:e7:39:f9:12:60:
96:9e:6e:7a:77:fe:e9:1f:e2:47:8f:74:4f:6f:c3:11:31:f6:
ec:c6:5f:51:cb:40:5b:f4:72:e8:09:6d:7b:73:65:67:4d:be:
45:4f:66:b6:c7:0b:52:9a:4d:fa:7d:81:22:97:e4:86:8c:33:
07:9f:5e:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62FYIBBXPAnjM8yr/OoSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Njg0MDcwNDdhNjJlNjQ4MzAwYzUxODJhMjkzNTNmZjU4
ZWIwNWYwHhcNMjUxMDE5MDUwMTQ1WhcNMjUxMDIwMDUwMTQ1WjAzMTEwLwYDVQQD
EyhhNjY4NzFjNzdiMmZiNGQ5ZjcwNWFiZDMyODg1MTAwNjg0ZWMzY2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjcs09t49eeI4l02CX02rx8dO4Z9
PjDcYm1aKs6mGtD9wq6/rLv6KI5EyLObqdnsaUEd9uSjRpf0DcGibLJ1ywD1VZrD
+cxsIGWhsQ7CQUsuc3tUZx4YOvMFtuB/+t/zRQD6WpFhImBVuWHgTzlCYV/VqGri
Wu/iqq45fyvWS6XvoBlscNgW2WFNNagp4MIoPutc+fER822v248PJP1P+9CHK5WW
c1he3Bs+zEioz63otRN1aJohherbt2YA3NUGgsQQX4CIuJ0T3MplUo9fkMTl6F/m
WMueu5BzUWP5YQytdBFEASHDjeZvRsO1Ti70hIeX1rsYSoO3SpFgb2JmbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZoccd7L7TZ9wWr0yiFEAaE7DzPMB8GA1UdIwQY
MBaAFIVoQHBHpi5kgwDFGCopNT/1jrBfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjIt
ZWQzZTk4YzY1NmUxLzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjItZWQzZTk4YzY1NmUx
LzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASGnkkjUV
xsSiStarzITde226hfZoRZOCru2WvOyOEoCtYD/q8ETWoLUr2IoTcXgfSmHHNSSE
r2gMUAzR9GiuR1O6NgCRuj9UKZ8qH+G6l2o9cAmzsDLj2qXeYO/V0gBicwg57FiK
j0A9mXmw1oEvZga0IUxVHPKZ61WaDNhbnamDBUjLB8a9+TLM8lv5SKwGC7gqDRMO
JrLmSopG45gDkNdHpXXZlTra1cXIJMdEe2uIiH4Lr4ZrC+IgRe26CwAQAOc5+RJg
lp5uenf+6R/iR490T2/DETH27MZfUctAW/Ry6Alte3NlZ02+RU9mtscLUppN+n2B
IpfkhowzB59ecg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:10:29 2025 by rpki-client