Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
File: h9OLoS9GKcITH8YOiVDWwwO-fSI.mft (raw, json)
Hash identifier: Vol3vXPzq73FAmZsPB/31751GRASs4+CPsf8j0yZZ2U=
Subject key identifier: D7:D3:8B:04:9A:37:A7:06:7C:24:7C:38:89:61:FE:D5:26:9B:76:B4
Authority key identifier: 87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22
Certificate issuer: /CN=87d38ba12f4629c2131fc60e8950d6c303be7d22
Certificate serial: 0199FC21849C1E1CC339BF3FD82AE323AB8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
Manifest number: 0844
Signing time: Sun 19 Oct 2025 11:01:18 +0000
Manifest this update: Sun 19 Oct 2025 11:01:18 +0000
Manifest next update: Mon 20 Oct 2025 11:01:18 +0000
Files and hashes: 1: NPXq7VLWTvwMe_H1BOcCF7vP8QQ.roa (hash: UBan9KbEcKtiRn9epXoesYMRtYi5lW0QY6/c4yNUKv8=)
2: h9OLoS9GKcITH8YOiVDWwwO-fSI.crl (hash: pxR8R302yybG2rOazqjlEku/N5NSCpSKpeXQBp01UPc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:84:9c:1e:1c:c3:39:bf:3f:d8:2a:e3:23:ab:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d38ba12f4629c2131fc60e8950d6c303be7d22
Validity
Not Before: Oct 19 11:01:18 2025 GMT
Not After : Oct 20 11:01:18 2025 GMT
Subject: CN=d7d38b049a37a7067c247c388961fed5269b76b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4a:b1:03:65:0d:45:72:2e:65:b7:4b:c1:fe:
a7:5b:ec:a3:76:b0:dc:46:f4:90:32:71:d5:dd:21:
dc:b9:22:f1:36:c3:af:0c:8c:19:3d:04:28:ec:12:
ab:22:3b:7b:fe:0a:34:44:af:df:56:b5:eb:7a:a4:
a7:58:6c:f1:75:9d:25:f1:9d:6c:dd:74:3a:ca:54:
f3:2a:02:2e:d3:be:92:0c:2f:40:55:b6:f7:3a:a1:
b5:b7:68:3c:07:e6:90:aa:de:96:81:6c:c5:7b:24:
bf:5c:d6:4b:3f:3e:8c:90:8f:76:54:86:53:b9:08:
fb:98:25:1b:8a:f1:f5:33:47:5b:31:3f:ec:93:8e:
41:f8:d5:ee:a6:a7:bd:be:c8:68:39:e9:fd:ee:a9:
17:83:aa:fa:13:37:43:42:1a:37:31:03:c8:4a:d3:
92:d4:51:6a:34:6f:2b:e6:e1:c6:96:c9:24:35:6d:
bd:79:8e:b4:a5:04:80:18:7e:ce:17:2b:2e:5f:46:
55:8b:5b:c5:9c:05:11:c0:44:2d:5e:be:ee:45:61:
6a:de:04:2b:44:88:79:4f:8c:44:7b:5d:b4:db:fb:
d2:39:f8:5a:f0:43:9a:ed:92:63:30:76:f5:16:5a:
4d:ac:2f:4e:fd:5f:7c:a1:d1:32:03:c1:0d:39:44:
a9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:D3:8B:04:9A:37:A7:06:7C:24:7C:38:89:61:FE:D5:26:9B:76:B4
X509v3 Authority Key Identifier:
keyid:87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c9:aa:76:a0:70:15:84:71:e7:01:ee:40:cc:30:96:c7:b0:ea:
aa:4a:43:28:47:dd:ac:d2:f3:07:c9:49:31:d4:67:13:a9:aa:
05:8f:d9:19:11:6f:0a:88:0f:d4:b7:8b:13:44:03:c3:dc:70:
f4:f0:66:19:95:27:5c:d8:c6:c8:bd:79:be:34:80:42:b2:ee:
aa:06:07:43:03:e2:29:91:36:c7:2a:e3:85:38:d6:71:46:4d:
ea:98:ad:a2:8a:d9:eb:41:1d:8b:2a:58:9b:ea:d4:13:41:bf:
c6:54:db:21:68:ef:90:37:c3:6b:23:5f:12:29:02:db:52:6a:
ef:82:31:d4:f4:34:08:70:c7:be:60:39:c0:89:92:94:e2:e6:
e2:ba:6d:4d:0f:ed:b1:8b:c6:7f:75:de:28:09:2a:9d:49:d5:
a0:e6:ac:01:c5:4c:60:b3:93:b7:c4:79:4e:12:f1:aa:d9:94:
f7:3a:4b:7a:db:b9:ff:f6:fb:a6:8f:ab:ce:84:3e:e0:63:68:
89:a4:91:1d:13:fe:a8:fe:4d:3f:2c:e3:d1:59:9b:10:84:b5:
b2:21:eb:d4:91:44:46:5b:28:3f:ef:dc:5c:e0:f1:c2:ac:ab:
b1:a4:6a:88:62:8a:d6:ae:40:de:d0:ff:e6:e4:df:dd:79:fc:
67:69:e6:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IYScHhzDOb8/2CrjI6uKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDM4YmExMmY0NjI5YzIxMzFmYzYwZTg5NTBkNmMzMDNi
ZTdkMjIwHhcNMjUxMDE5MTEwMTE4WhcNMjUxMDIwMTEwMTE4WjAzMTEwLwYDVQQD
EyhkN2QzOGIwNDlhMzdhNzA2N2MyNDdjMzg4OTYxZmVkNTI2OWI3NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0qxA2UNRXIuZbdLwf6nW+yjdrDc
RvSQMnHV3SHcuSLxNsOvDIwZPQQo7BKrIjt7/go0RK/fVrXreqSnWGzxdZ0l8Z1s
3XQ6ylTzKgIu076SDC9AVbb3OqG1t2g8B+aQqt6WgWzFeyS/XNZLPz6MkI92VIZT
uQj7mCUbivH1M0dbMT/sk45B+NXupqe9vshoOen97qkXg6r6EzdDQho3MQPIStOS
1FFqNG8r5uHGlskkNW29eY60pQSAGH7OFysuX0ZVi1vFnAURwEQtXr7uRWFq3gQr
RIh5T4xEe1202/vSOfha8EOa7ZJjMHb1FlpNrC9O/V98odEyA8ENOUSpxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfTiwSaN6cGfCR8OIlh/tUmm3a0MB8GA1UdIwQY
MBaAFIfTi6EvRinCEx/GDolQ1sMDvn0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2Njkt
ZmQ1NWM1OGVkYWY3LzEvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2NjktZmQ1NWM1OGVkYWY3
LzEvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyap2oHAV
hHHnAe5AzDCWx7DqqkpDKEfdrNLzB8lJMdRnE6mqBY/ZGRFvCogP1LeLE0QDw9xw
9PBmGZUnXNjGyL15vjSAQrLuqgYHQwPiKZE2xyrjhTjWcUZN6pitoorZ60EdiypY
m+rUE0G/xlTbIWjvkDfDayNfEikC21Jq74Ix1PQ0CHDHvmA5wImSlOLm4rptTQ/t
sYvGf3XeKAkqnUnVoOasAcVMYLOTt8R5ThLxqtmU9zpLetu5//b7po+rzoQ+4GNo
iaSRHRP+qP5NPyzj0VmbEIS1siHr1JFERlsoP+/cXODxwqyrsaRqiGKK1q5A3tD/
5uTf3Xn8Z2nmUw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:31:09 2025 by rpki-client