Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.mft
File: hWyvHy8CkUARBe9osllX3FVVENI.mft (raw, json)
Hash identifier: cyP99BtXqLcs5u1EBR6CzwZzxrQ2WcNoQkBJfstUWwY=
Subject key identifier: BC:07:41:3C:F0:D9:63:FA:E6:5C:51:5F:C7:02:2F:CE:5D:93:7B:7D
Authority key identifier: 85:6C:AF:1F:2F:02:91:40:11:05:EF:68:B2:59:57:DC:55:55:10:D2
Certificate issuer: /CN=856caf1f2f0291401105ef68b25957dc555510d2
Certificate serial: 0199FFC7A109D1C9757A5839F30DA69EBEBA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.mft
Manifest number: 124F
Signing time: Mon 20 Oct 2025 04:01:36 +0000
Manifest this update: Mon 20 Oct 2025 04:01:36 +0000
Manifest next update: Tue 21 Oct 2025 04:01:36 +0000
Files and hashes: 1: GpIZ4jE-9ieq_ECexQxa_m3ORPw.roa (hash: IjDJZYXavRzEltys5gXrAE3D7K9MgVcCUjh6DyqqaSM=)
2: hWyvHy8CkUARBe9osllX3FVVENI.crl (hash: HEHGnv5crikjgeaJrMYTXHlfRy8gYQbWbLOqfvkHyng=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c7:a1:09:d1:c9:75:7a:58:39:f3:0d:a6:9e:be:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=856caf1f2f0291401105ef68b25957dc555510d2
Validity
Not Before: Oct 20 04:01:36 2025 GMT
Not After : Oct 21 04:01:36 2025 GMT
Subject: CN=bc07413cf0d963fae65c515fc7022fce5d937b7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3f:30:b7:ee:11:e9:cf:e2:6d:71:3c:56:84:
94:b2:53:63:fa:b7:d1:bd:0f:39:8b:f3:09:a3:74:
73:7d:7d:0d:1c:b8:7b:2b:63:49:b9:79:1d:e7:14:
a8:58:e6:a0:8d:d6:24:64:9c:67:c4:1e:3f:d4:a8:
25:d6:cc:ca:a5:68:0d:22:70:cf:87:d4:30:75:44:
49:d4:ff:44:21:d1:01:15:2a:11:ae:0e:ad:80:fd:
6c:1c:7d:e6:2f:50:2b:d3:12:1e:7c:cd:15:e5:09:
de:4a:fd:5f:34:91:3e:86:fd:ed:42:67:46:80:11:
d2:2e:b3:a6:67:a3:79:9c:bb:ec:37:46:ef:74:ae:
d4:09:4c:60:96:6c:72:af:f4:f3:c6:41:70:e8:a0:
99:1a:4e:13:1c:8d:85:19:28:ff:2b:bc:eb:8b:5d:
3d:4e:39:d0:90:75:84:f1:d1:59:1c:e0:e2:da:7c:
b0:77:69:ef:89:03:b8:fc:1d:7c:80:9a:55:44:10:
67:f1:c4:5b:79:d9:52:c7:73:cf:be:fc:e7:59:12:
15:15:c9:42:49:dc:44:44:35:93:41:c7:39:c9:6a:
9e:ee:2d:99:cc:c9:e5:8c:7f:38:a6:b0:02:a9:a9:
55:ba:3d:b2:3e:f6:04:af:21:4d:69:0a:e4:b7:73:
1f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:07:41:3C:F0:D9:63:FA:E6:5C:51:5F:C7:02:2F:CE:5D:93:7B:7D
X509v3 Authority Key Identifier:
keyid:85:6C:AF:1F:2F:02:91:40:11:05:EF:68:B2:59:57:DC:55:55:10:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:53:fb:1a:d8:a3:7a:1e:b6:7e:f2:a1:52:58:47:41:e0:4d:
34:a3:19:6d:3e:67:59:e0:dc:1e:fa:f4:c4:1e:e6:03:62:3a:
45:c0:35:c5:0f:01:45:e2:46:b8:72:13:7f:bd:79:9f:6d:6d:
1c:1d:a7:ab:53:04:c8:cc:88:94:8e:e7:69:8a:f2:75:01:b4:
b3:eb:38:25:e3:19:e5:94:02:86:d1:60:93:1b:9f:9d:e3:39:
21:a6:da:51:53:60:e0:85:23:f4:fa:c8:07:57:20:6e:89:16:
84:42:df:4c:52:27:ee:d8:79:ba:3a:7f:b2:d9:a6:c8:99:1c:
41:e8:de:12:d3:03:ca:6a:0a:1b:5f:1f:ec:c5:00:b7:10:ec:
ad:1b:42:68:04:0c:da:55:5f:e0:c5:c3:33:10:93:9e:c3:2b:
06:86:f9:25:3a:23:e5:bc:fb:1f:ad:27:64:08:3f:6e:a0:5a:
fd:99:5f:51:e5:dd:48:3e:20:cb:81:53:12:00:8e:27:e0:87:
3f:b2:98:0e:61:db:f7:9a:01:7e:09:dd:cf:ef:e7:f7:aa:9f:
a4:c3:dc:2d:14:55:de:e8:63:aa:82:bf:2d:9e:25:2f:d1:b0:
48:ea:cd:14:15:e7:36:6a:af:da:f1:08:6c:f9:7e:81:4a:84:
64:87:3f:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x6EJ0cl1elg58w2mnr66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NmNhZjFmMmYwMjkxNDAxMTA1ZWY2OGIyNTk1N2RjNTU1
NTEwZDIwHhcNMjUxMDIwMDQwMTM2WhcNMjUxMDIxMDQwMTM2WjAzMTEwLwYDVQQD
EyhiYzA3NDEzY2YwZDk2M2ZhZTY1YzUxNWZjNzAyMmZjZTVkOTM3YjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT8wt+4R6c/ibXE8VoSUslNj+rfR
vQ85i/MJo3RzfX0NHLh7K2NJuXkd5xSoWOagjdYkZJxnxB4/1Kgl1szKpWgNInDP
h9QwdURJ1P9EIdEBFSoRrg6tgP1sHH3mL1Ar0xIefM0V5QneSv1fNJE+hv3tQmdG
gBHSLrOmZ6N5nLvsN0bvdK7UCUxglmxyr/TzxkFw6KCZGk4THI2FGSj/K7zri109
TjnQkHWE8dFZHODi2nywd2nviQO4/B18gJpVRBBn8cRbedlSx3PPvvznWRIVFclC
SdxERDWTQcc5yWqe7i2ZzMnljH84prACqalVuj2yPvYEryFNaQrkt3MfoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwHQTzw2WP65lxRX8cCL85dk3t9MB8GA1UdIwQY
MBaAFIVsrx8vApFAEQXvaLJZV9xVVRDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFd5dkh5OENrVUFSQmU5b3NsbFgzRlZWRU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9kMmM3YzctMmJjYy00OTFlLTk2YTct
YjBkMGJjZDkwZmFlLzEvaFd5dkh5OENrVUFSQmU5b3NsbFgzRlZWRU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9kMmM3YzctMmJjYy00OTFlLTk2YTctYjBkMGJjZDkwZmFl
LzEvaFd5dkh5OENrVUFSQmU5b3NsbFgzRlZWRU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS1P7Gtij
eh62fvKhUlhHQeBNNKMZbT5nWeDcHvr0xB7mA2I6RcA1xQ8BReJGuHITf715n21t
HB2nq1MEyMyIlI7naYrydQG0s+s4JeMZ5ZQChtFgkxufneM5IabaUVNg4IUj9PrI
B1cgbokWhELfTFIn7th5ujp/stmmyJkcQejeEtMDymoKG18f7MUAtxDsrRtCaAQM
2lVf4MXDMxCTnsMrBob5JToj5bz7H60nZAg/bqBa/ZlfUeXdSD4gy4FTEgCOJ+CH
P7KYDmHb95oBfgndz+/n96qfpMPcLRRV3uhjqoK/LZ4lL9GwSOrNFBXnNmqv2vEI
bPl+gUqEZIc/lw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:27:54 2025 by rpki-client