Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
File: ha9TEIBex1YaGiL5yJDJcx-23r8.mft (raw, json)
Hash identifier: XKNOB+RS0RaGjJgewx0NJ9BJ4/6/+/iIte0JsLI6saU=
Subject key identifier: 6F:1F:41:20:8C:3C:E3:95:A0:26:CA:60:B3:C2:E9:6A:BB:7D:B9:7D
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 0199FCFD592CDCE1C16EBEE6ACB44ED3343B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
Manifest number: 16E6
Signing time: Sun 19 Oct 2025 15:01:25 +0000
Manifest this update: Sun 19 Oct 2025 15:01:25 +0000
Manifest next update: Mon 20 Oct 2025 15:01:25 +0000
Files and hashes: 1: Gumma7CSH0QJDyYLGYO8JVucFbw.roa (hash: AHbFRK4oddEvM9hnH4lxRaSLOWlIxIkwfpWyReC2ymY=)
2: ha9TEIBex1YaGiL5yJDJcx-23r8.crl (hash: ZYuKFY5hxHZGt5wGkPCMvB47oJHR2NCKXhCOv+Mwmos=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:59:2c:dc:e1:c1:6e:be:e6:ac:b4:4e:d3:34:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Oct 19 15:01:25 2025 GMT
Not After : Oct 20 15:01:25 2025 GMT
Subject: CN=6f1f41208c3ce395a026ca60b3c2e96abb7db97d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ca:1e:7e:02:13:72:2a:d2:0a:98:d9:33:cd:
eb:a4:23:31:c4:12:dd:93:2a:3e:b5:10:f6:fe:5f:
d4:ef:4f:b5:51:ba:8e:9c:a3:76:5e:ae:ae:60:1b:
bb:74:2b:ae:7e:b0:27:bb:ce:bb:0a:db:f9:68:79:
96:6a:3c:37:4b:2f:a1:e7:09:0f:41:ea:78:d8:81:
f0:9e:e6:ea:8e:60:77:ab:2f:5e:45:b2:d0:07:bc:
23:63:8c:5a:40:3d:9c:93:a1:d6:e2:53:ac:60:0b:
06:a2:c8:3a:5a:4a:ac:a9:42:ff:b1:e0:00:2b:45:
64:6f:7e:21:3f:df:dd:97:43:75:bd:cc:71:b9:43:
35:c2:9d:13:a1:21:6e:28:fe:4d:d2:41:f7:ff:72:
b8:e8:38:a0:b8:d4:49:e7:3f:09:c8:cf:b8:fd:f9:
c8:ed:eb:1b:94:81:73:69:23:71:9f:ba:59:84:c4:
1f:00:08:89:bb:02:c1:93:b6:b5:2c:a2:78:b2:73:
5b:a1:3b:c4:e5:fa:11:b9:b0:f9:ca:09:60:74:7f:
e0:e1:d0:97:cd:f0:d6:d6:72:aa:88:35:3e:0a:75:
d1:bf:e0:ed:b7:06:59:b2:ba:8e:5b:fe:9d:c6:a4:
c8:64:47:01:92:02:e4:57:7f:1a:de:27:1f:b9:b0:
31:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:1F:41:20:8C:3C:E3:95:A0:26:CA:60:B3:C2:E9:6A:BB:7D:B9:7D
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:54:d4:be:15:11:5d:26:db:8e:6c:3d:0b:8a:5f:bc:18:87:
22:f4:31:92:aa:01:f3:d8:60:65:8a:00:68:b5:eb:2a:43:88:
19:fb:af:5e:8d:86:52:18:79:9b:28:aa:b0:00:16:32:68:ea:
d3:db:43:bd:a0:68:f9:9f:ff:05:e1:58:9a:b7:8e:75:b7:c3:
6a:d6:64:cf:42:df:6b:7d:2a:3f:80:f4:59:09:c9:07:61:08:
60:cd:86:e2:94:d7:34:3f:98:d8:54:19:d6:f1:20:47:de:54:
79:93:62:3c:da:37:f7:c7:4a:27:49:d0:d5:c1:a9:1f:cb:24:
0c:e1:8f:ba:83:fc:32:a6:39:d7:6a:62:d1:e8:bd:43:27:36:
4e:ee:20:ac:1d:65:ad:07:f7:d8:5c:17:bb:3a:62:2d:3d:c2:
a8:18:73:dc:b6:76:28:e6:d8:d9:63:00:b5:a7:26:74:32:5d:
24:b1:f7:35:87:e5:7e:8b:0f:6e:f8:59:24:8d:cc:dc:94:98:
6b:e1:dc:8c:77:ac:23:eb:1c:ff:f6:0a:7a:fd:bc:c0:ef:05:
fe:10:13:ae:84:61:50:78:14:b4:f2:30:1a:cb:6b:e5:94:c8:
2a:cd:5d:44:a7:cc:8b:5e:63:40:68:78:58:1b:f9:04:52:43:
1b:55:c0:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/Vks3OHBbr7mrLRO0zQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi
NmRlYmYwHhcNMjUxMDE5MTUwMTI1WhcNMjUxMDIwMTUwMTI1WjAzMTEwLwYDVQQD
Eyg2ZjFmNDEyMDhjM2NlMzk1YTAyNmNhNjBiM2MyZTk2YWJiN2RiOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28oefgITcirSCpjZM83rpCMxxBLd
kyo+tRD2/l/U70+1UbqOnKN2Xq6uYBu7dCuufrAnu867Ctv5aHmWajw3Sy+h5wkP
Qep42IHwnubqjmB3qy9eRbLQB7wjY4xaQD2ck6HW4lOsYAsGosg6WkqsqUL/seAA
K0Vkb34hP9/dl0N1vcxxuUM1wp0ToSFuKP5N0kH3/3K46DiguNRJ5z8JyM+4/fnI
7esblIFzaSNxn7pZhMQfAAiJuwLBk7a1LKJ4snNboTvE5foRubD5yglgdH/g4dCX
zfDW1nKqiDU+CnXRv+DttwZZsrqOW/6dxqTIZEcBkgLkV38a3icfubAxAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG8fQSCMPOOVoCbKYLPC6Wq7fbl9MB8GA1UdIwQY
MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct
NzUyODM1MGQ0YzEzLzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz
LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkFTUvhUR
XSbbjmw9C4pfvBiHIvQxkqoB89hgZYoAaLXrKkOIGfuvXo2GUhh5myiqsAAWMmjq
09tDvaBo+Z//BeFYmreOdbfDatZkz0Lfa30qP4D0WQnJB2EIYM2G4pTXND+Y2FQZ
1vEgR95UeZNiPNo398dKJ0nQ1cGpH8skDOGPuoP8MqY512pi0ei9Qyc2Tu4grB1l
rQf32FwXuzpiLT3CqBhz3LZ2KObY2WMAtacmdDJdJLH3NYflfosPbvhZJI3M3JSY
a+HcjHesI+sc//YKev28wO8F/hATroRhUHgUtPIwGstr5ZTIKs1dRKfMi15jQGh4
WBv5BFJDG1XAaw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:50:41 2025 by rpki-client