Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft
File: iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft (raw, json)
Hash identifier: gqHZPX8OR5bOEYz7fZRp3O91MCG48pDMVAXUx0v3aDQ=
Subject key identifier: 7E:20:D8:6D:40:EA:60:0E:5F:9E:7E:DB:A9:3F:DC:7E:F6:94:46:53
Authority key identifier: 88:7F:A3:73:71:D7:D4:59:3B:A2:90:EF:45:66:9E:A0:DE:29:37:82
Certificate issuer: /CN=887fa37371d7d4593ba290ef45669ea0de293782
Certificate serial: 019A01B523449BA50D519E94B37180E52CA9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iH-jc3HX1Fk7opDvRWaeoN4pN4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft
Manifest number: 0807
Signing time: Mon 20 Oct 2025 13:00:39 +0000
Manifest this update: Mon 20 Oct 2025 13:00:39 +0000
Manifest next update: Tue 21 Oct 2025 13:00:39 +0000
Files and hashes: 1: XWaEMNo4oCmJKw7xuT_lUqU1a9o.roa (hash: vlh1Ps1w/BBZ8U+fD5oVlO0yHpfRUnw+NHa2xAJ40qE=)
2: iH-jc3HX1Fk7opDvRWaeoN4pN4I.crl (hash: aE6LeA5GUEe6fPSya0LRv/6wkIDUeaJRS2gNwg1Q6vg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/iH-jc3HX1Fk7opDvRWaeoN4pN4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:b5:23:44:9b:a5:0d:51:9e:94:b3:71:80:e5:2c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=887fa37371d7d4593ba290ef45669ea0de293782
Validity
Not Before: Oct 20 13:00:39 2025 GMT
Not After : Oct 21 13:00:39 2025 GMT
Subject: CN=7e20d86d40ea600e5f9e7edba93fdc7ef6944653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8b:30:97:fd:00:7e:07:0f:2c:53:6f:9a:fc:
cf:8a:fc:6d:2a:85:7e:c0:4b:ff:04:89:e9:0b:f3:
51:ca:fd:82:3a:85:47:c5:99:de:af:f1:c0:54:ba:
ad:ce:7b:da:e3:b3:e2:48:e8:88:5f:b7:e1:08:81:
ba:63:dc:65:9a:7c:c2:4f:bd:59:d0:74:46:c0:db:
7d:6c:78:de:4a:d4:92:47:da:8d:7e:cb:b4:ee:63:
2e:84:7f:30:84:78:2a:2c:cd:ed:41:32:0e:70:2b:
08:0e:9c:69:27:c9:83:19:3a:08:04:fe:da:b4:6a:
06:9e:33:72:10:9e:63:17:26:3e:65:df:ff:71:e2:
4f:0c:bf:f0:8a:ed:a4:b6:a6:8a:b8:37:27:87:7f:
64:fe:bb:e6:cc:26:90:50:f3:8f:44:ff:7f:98:dc:
78:03:22:8a:08:5e:3a:d8:e8:fe:e0:33:25:9c:94:
81:c2:25:a1:02:28:b2:fb:4f:3d:30:af:d8:a7:3b:
26:d5:b5:b7:4c:eb:81:21:98:73:2d:a3:c6:59:3e:
a2:e9:5b:06:79:c1:19:d6:dd:a1:b1:2a:db:34:f9:
b6:0a:c6:74:54:cd:37:72:fc:d7:12:37:8e:5d:bd:
80:fb:1d:24:75:c6:d3:ba:bb:cb:fa:9f:56:cf:8e:
c5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:20:D8:6D:40:EA:60:0E:5F:9E:7E:DB:A9:3F:DC:7E:F6:94:46:53
X509v3 Authority Key Identifier:
keyid:88:7F:A3:73:71:D7:D4:59:3B:A2:90:EF:45:66:9E:A0:DE:29:37:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iH-jc3HX1Fk7opDvRWaeoN4pN4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:2e:e3:c0:97:ad:12:94:4c:a3:90:80:2c:87:a8:d7:2c:b7:
94:27:36:b4:35:0c:35:f4:98:4a:42:ec:55:cd:f9:3e:84:93:
25:92:8d:df:32:0c:62:ed:71:57:14:ed:05:27:b8:cc:7d:74:
0b:c4:56:f9:72:7e:fb:ad:0f:57:d6:05:41:82:86:16:2b:c3:
72:d5:20:28:d5:5a:98:62:30:4e:22:b8:70:32:f0:e4:f5:26:
56:8d:6d:35:27:a3:a0:86:8f:17:25:59:4a:e4:f4:33:c5:1e:
7e:f2:40:77:e5:c7:76:1c:1e:91:e7:78:4d:5c:0d:dd:5f:3d:
df:d7:95:6d:c6:39:fd:3c:18:c8:df:25:26:ba:60:5e:20:72:
3b:be:d6:38:70:02:47:0f:09:91:45:f2:7d:22:4f:26:eb:e1:
7b:36:b3:a9:c0:68:68:6d:70:0d:d7:49:aa:6b:cf:ff:80:80:
da:ef:bb:63:81:b6:64:e0:06:39:d8:82:f4:e8:ed:38:c2:5e:
e3:a6:e2:40:99:1a:e8:13:02:cb:0b:32:ce:9f:5c:e3:a2:02:
26:76:1a:ab:ac:76:40:a3:26:25:64:87:29:d1:54:05:8e:2b:
6f:41:a0:4e:56:b4:8f:30:03:d5:e0:d4:59:0b:5f:a4:4c:7f:
41:70:b0:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtSNEm6UNUZ6Us3GA5SypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4N2ZhMzczNzFkN2Q0NTkzYmEyOTBlZjQ1NjY5ZWEwZGUy
OTM3ODIwHhcNMjUxMDIwMTMwMDM5WhcNMjUxMDIxMTMwMDM5WjAzMTEwLwYDVQQD
Eyg3ZTIwZDg2ZDQwZWE2MDBlNWY5ZTdlZGJhOTNmZGM3ZWY2OTQ0NjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oswl/0AfgcPLFNvmvzPivxtKoV+
wEv/BInpC/NRyv2COoVHxZner/HAVLqtznva47PiSOiIX7fhCIG6Y9xlmnzCT71Z
0HRGwNt9bHjeStSSR9qNfsu07mMuhH8whHgqLM3tQTIOcCsIDpxpJ8mDGToIBP7a
tGoGnjNyEJ5jFyY+Zd//ceJPDL/wiu2ktqaKuDcnh39k/rvmzCaQUPOPRP9/mNx4
AyKKCF462Oj+4DMlnJSBwiWhAiiy+089MK/Ypzsm1bW3TOuBIZhzLaPGWT6i6VsG
ecEZ1t2hsSrbNPm2CsZ0VM03cvzXEjeOXb2A+x0kdcbTurvL+p9Wz47FawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4g2G1A6mAOX55+26k/3H72lEZTMB8GA1UdIwQY
MBaAFIh/o3Nx19RZO6KQ70VmnqDeKTeCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUgtamMzSFgxRms3b3BEdlJXYWVvTjRwTjRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wOWRiOGMtNmRmMC00Y2VlLWFlMDct
YTFlMjRhYWY2MTBmLzEvaUgtamMzSFgxRms3b3BEdlJXYWVvTjRwTjRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wOWRiOGMtNmRmMC00Y2VlLWFlMDctYTFlMjRhYWY2MTBm
LzEvaUgtamMzSFgxRms3b3BEdlJXYWVvTjRwTjRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiy7jwJet
EpRMo5CALIeo1yy3lCc2tDUMNfSYSkLsVc35PoSTJZKN3zIMYu1xVxTtBSe4zH10
C8RW+XJ++60PV9YFQYKGFivDctUgKNVamGIwTiK4cDLw5PUmVo1tNSejoIaPFyVZ
SuT0M8UefvJAd+XHdhweked4TVwN3V8939eVbcY5/TwYyN8lJrpgXiByO77WOHAC
Rw8JkUXyfSJPJuvhezazqcBoaG1wDddJqmvP/4CA2u+7Y4G2ZOAGOdiC9OjtOMJe
46biQJka6BMCywsyzp9c46ICJnYaq6x2QKMmJWSHKdFUBY4rb0GgTla0jzAD1eDU
WQtfpEx/QXCwaA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:03:59 2025 by rpki-client