Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
File: hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft (raw, json)
Hash identifier: Oc1jtMwe7FPCeBjg2q0vDNo8gNyG0k1TFGIEFBQXFJg=
Subject key identifier: D9:1A:9F:56:37:38:1E:58:95:3D:9E:EE:70:69:A5:81:73:53:78:75
Authority key identifier: 85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
Certificate issuer: /CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Certificate serial: 0199FE7DC24BD97445575F54D38D9B31DF19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
Manifest number: 0973
Signing time: Sun 19 Oct 2025 22:01:18 +0000
Manifest this update: Sun 19 Oct 2025 22:01:18 +0000
Manifest next update: Mon 20 Oct 2025 22:01:18 +0000
Files and hashes: 1: 5iC1C_l2xnIVtV_ynL6awoKgYMQ.roa (hash: c0Zm1e9RjgR5PBfasK6Q1TzGKpfYhKyszQz9aW+gUGA=)
2: K2099PO4iAtvBzGlnwl1axWP2hE.roa (hash: 6aTZlr/sfRYyJqs+vE8kRpR5W2QDPbSiPNBoLmmWJlA=)
3: hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl (hash: XSD8/uMUiqEpLJFwYajX39IpgeDEbY2BHCdVcGCdmbA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:7d:c2:4b:d9:74:45:57:5f:54:d3:8d:9b:31:df:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Validity
Not Before: Oct 19 22:01:18 2025 GMT
Not After : Oct 20 22:01:18 2025 GMT
Subject: CN=d91a9f5637381e58953d9eee7069a58173537875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cf:68:b5:32:69:6f:fd:42:0c:9c:0c:3f:30:
bf:02:0c:2e:f3:bb:9e:56:02:15:d3:5a:dd:c6:32:
8b:53:5d:07:4d:63:96:d1:dd:48:21:18:c3:77:98:
47:36:fb:14:ae:ca:50:12:37:e2:8b:ac:8a:54:6f:
06:a3:c7:25:ea:aa:08:cd:b4:a7:46:9f:27:f1:8c:
d8:4b:d6:3d:a0:dd:35:33:6f:d4:a0:8c:b1:89:78:
fc:81:76:dc:6e:73:07:2c:6f:58:78:dd:64:3d:9a:
6e:38:d2:f5:5d:d7:52:6f:46:e2:64:ab:21:04:d5:
a0:48:8f:6a:32:10:86:71:f3:df:a1:80:32:9d:f8:
89:21:b3:e2:36:c3:53:47:62:8a:3a:49:57:ff:b3:
ae:d9:fb:c2:e6:70:0d:76:b7:8d:b8:73:0d:43:06:
e8:43:75:6d:9e:b3:00:ed:40:1e:81:f2:0f:a3:6b:
53:54:17:d5:16:8e:a4:77:9b:be:80:4b:8e:77:1b:
d3:59:e8:98:7e:70:c5:cc:dc:3d:99:5c:f8:15:a4:
fe:fa:da:8f:2c:f1:8f:e8:25:0b:f7:6e:0c:94:34:
90:85:6c:81:b4:2c:26:fa:24:87:ff:6f:62:fb:df:
b8:51:1b:87:6e:de:78:59:8c:76:05:6b:cb:62:43:
c8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:1A:9F:56:37:38:1E:58:95:3D:9E:EE:70:69:A5:81:73:53:78:75
X509v3 Authority Key Identifier:
keyid:85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e9:4e:d7:d9:a7:10:bc:09:e6:26:d9:e1:25:d7:40:41:45:96:
20:de:42:99:5b:38:29:38:b4:94:c4:c4:8c:18:0e:5f:37:47:
b6:b3:d9:9a:45:83:a7:cd:20:de:58:f5:91:bf:f3:63:93:cd:
60:8e:31:bc:73:f2:d3:12:b4:99:31:74:1a:03:55:f4:f5:1a:
db:35:04:4c:4d:32:6c:a2:15:13:65:3d:2b:b6:cc:02:95:d2:
06:3a:08:27:80:c6:51:04:ee:d0:f6:49:4b:08:b0:de:4b:52:
5a:ea:b4:7b:36:87:9c:26:de:9a:8a:28:b4:84:da:0b:db:da:
c7:91:1b:5e:f4:fc:ea:89:70:97:cc:69:f9:e5:47:5a:c7:3a:
f4:a4:12:2d:4c:a4:38:30:46:b3:29:8d:02:4f:0d:c1:1b:79:
12:29:b6:a6:44:b0:50:f8:86:87:b1:dc:7a:0e:a4:13:e6:9c:
42:22:9d:f3:10:48:25:08:c5:2b:8d:6b:6a:ef:da:b1:64:86:
4f:61:84:fc:51:c3:e8:6c:f8:6b:69:43:64:a9:02:12:e6:39:
9a:54:05:11:63:84:e1:cc:4e:dc:bd:e7:92:31:22:7c:6f:4e:
c9:bb:6a:b2:c8:2b:95:db:da:c4:06:42:84:9b:74:5c:d1:92:
92:98:ba:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fcJL2XRFV19U042bMd8ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmI4NWFkZDA5ZjQ4NzZlYTZhYWE4OGQ0ZDg4YzgxY2Ni
NmIxMGEwHhcNMjUxMDE5MjIwMTE4WhcNMjUxMDIwMjIwMTE4WjAzMTEwLwYDVQQD
EyhkOTFhOWY1NjM3MzgxZTU4OTUzZDllZWU3MDY5YTU4MTczNTM3ODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM9otTJpb/1CDJwMPzC/Agwu87ue
VgIV01rdxjKLU10HTWOW0d1IIRjDd5hHNvsUrspQEjfii6yKVG8Go8cl6qoIzbSn
Rp8n8YzYS9Y9oN01M2/UoIyxiXj8gXbcbnMHLG9YeN1kPZpuONL1XddSb0biZKsh
BNWgSI9qMhCGcfPfoYAynfiJIbPiNsNTR2KKOklX/7Ou2fvC5nANdreNuHMNQwbo
Q3VtnrMA7UAegfIPo2tTVBfVFo6kd5u+gEuOdxvTWeiYfnDFzNw9mVz4FaT++tqP
LPGP6CUL924MlDSQhWyBtCwm+iSH/29i+9+4URuHbt54WYx2BWvLYkPIewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkan1Y3OB5YlT2e7nBppYFzU3h1MB8GA1UdIwQY
MBaAFIX7ha3Qn0h26mqqiNTYjIHMtrEKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2It
YzYxNjFjZTM5NWFmLzEvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2ItYzYxNjFjZTM5NWFm
LzEvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA6U7X2acQ
vAnmJtnhJddAQUWWIN5CmVs4KTi0lMTEjBgOXzdHtrPZmkWDp80g3lj1kb/zY5PN
YI4xvHPy0xK0mTF0GgNV9PUa2zUETE0ybKIVE2U9K7bMApXSBjoIJ4DGUQTu0PZJ
Swiw3ktSWuq0ezaHnCbemoootITaC9vax5EbXvT86olwl8xp+eVHWsc69KQSLUyk
ODBGsymNAk8NwRt5Eim2pkSwUPiGh7Hceg6kE+acQiKd8xBIJQjFK41rau/asWSG
T2GE/FHD6Gz4a2lDZKkCEuY5mlQFEWOE4cxO3L3nkjEifG9OybtqssgrldvaxAZC
hJt0XNGSkpi6bQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:08:13 2025 by rpki-client