Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
File: hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft (raw, json)
Hash identifier: x4vFEoFBy9+FVwnRKeiiXfvLTH3q1eV0Wi/Xy6fdAus=
Subject key identifier: B5:BA:AA:FD:62:36:CD:FE:01:E4:59:44:30:39:F8:9E:B1:EC:1D:A7
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 0199FC8F727F2DFD526125C8E6ABC20B35CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
Manifest number: 0D25
Signing time: Sun 19 Oct 2025 13:01:23 +0000
Manifest this update: Sun 19 Oct 2025 13:01:23 +0000
Manifest next update: Mon 20 Oct 2025 13:01:23 +0000
Files and hashes: 1: MWwCkyjKodNxojuXE4ToQXLtm5w.roa (hash: Ak0owLXzMtwfRek9KqA/lWNxi61mLQqKV5qpbUxSWP4=)
2: NLcJ1zHiWemoNGCQqxBLJZM1epY.roa (hash: sN7g+z3kFVXgkKd1egNCxj+JRztRoGDD2QPyWEFToRI=)
3: hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl (hash: qiibny2/5Ny46xOvCosDiZ1VnshoPvUh+X1O0kWAwXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:72:7f:2d:fd:52:61:25:c8:e6:ab:c2:0b:35:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Oct 19 13:01:23 2025 GMT
Not After : Oct 20 13:01:23 2025 GMT
Subject: CN=b5baaafd6236cdfe01e459443039f89eb1ec1da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:05:5a:8e:87:04:e4:11:83:1a:c0:88:41:51:
65:4b:e1:91:22:72:25:ce:b6:b8:35:d7:d9:86:e7:
a4:25:60:6e:92:97:dc:3e:cf:cb:27:ae:2a:b4:de:
c3:c7:94:ef:8c:08:69:39:3e:62:7a:2c:f8:fc:8d:
34:01:7d:c5:19:86:71:71:12:85:f2:12:96:3b:d6:
f1:07:45:e3:d5:bb:7f:ba:16:c4:9d:cb:6e:2b:c1:
81:79:24:e6:5e:8c:2f:22:dd:06:19:cf:7f:fe:c1:
22:4c:a7:a6:c1:d4:1d:59:15:aa:d4:a3:dd:ae:a9:
38:8e:e8:74:f2:a5:62:16:02:fd:d1:ad:8d:20:91:
5a:2b:d6:43:ab:9e:34:c7:38:5f:96:d2:c5:59:16:
e3:da:96:e6:98:44:4d:e0:d3:60:da:bf:13:8c:e4:
c2:25:72:a7:71:8b:83:c5:0f:01:66:73:a3:a7:41:
9b:d4:b2:bf:15:89:c3:6b:99:7d:75:b2:47:8d:ab:
f9:1c:30:f4:94:1b:70:e5:6d:26:3f:85:ef:77:4a:
e7:50:cf:6e:5e:3f:86:ab:31:85:ab:4e:e6:da:ff:
0d:bc:ed:19:2a:1a:bf:a5:9d:97:5d:09:de:f1:b5:
83:fd:f9:11:7d:20:1d:44:79:c1:45:c7:6f:3c:30:
28:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BA:AA:FD:62:36:CD:FE:01:E4:59:44:30:39:F8:9E:B1:EC:1D:A7
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:31:a2:71:74:1f:df:08:6d:30:cd:10:e9:19:98:3a:69:8b:
1c:b2:bd:91:94:0b:81:fe:66:a4:aa:d8:d6:6a:3a:19:fe:1a:
05:e6:9d:58:0d:d6:d1:f7:c0:23:c9:a2:4b:d1:33:67:7d:7a:
70:e2:ca:87:c5:2b:df:90:cf:db:69:b6:5d:72:32:ff:36:c1:
92:b4:6e:14:8a:db:21:a4:31:60:bf:d2:96:26:39:d1:8f:03:
d0:17:07:fd:0f:94:e8:14:2f:73:aa:83:be:eb:27:37:39:02:
f9:6d:3b:2b:3e:1e:52:5a:ef:de:b4:f3:a7:0f:c3:86:38:be:
ad:a0:30:11:72:35:e3:89:37:88:ab:e4:96:c0:07:0d:76:f7:
2a:c4:4e:5b:37:65:dd:62:19:f1:8e:df:f4:50:a2:ad:62:85:
dd:c9:1c:7b:2f:bb:7d:2f:ed:bb:8b:20:47:bf:0d:a8:3a:d3:
18:60:d2:33:8f:88:d7:2e:fb:a6:47:71:3c:06:a3:33:9c:98:
4f:d6:14:70:77:ee:6f:fd:d0:83:d8:bf:c8:d4:3f:2d:e3:a0:
32:04:c2:36:2a:69:94:80:48:34:a8:0c:43:fd:24:c2:36:ac:
43:97:2c:59:1b:44:27:94:5d:27:e6:42:13:be:32:bf:13:70:
5c:22:a8:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j3J/Lf1SYSXI5qvCCzXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjUxMDE5MTMwMTIzWhcNMjUxMDIwMTMwMTIzWjAzMTEwLwYDVQQD
EyhiNWJhYWFmZDYyMzZjZGZlMDFlNDU5NDQzMDM5Zjg5ZWIxZWMxZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAVajocE5BGDGsCIQVFlS+GRInIl
zra4NdfZhuekJWBukpfcPs/LJ64qtN7Dx5TvjAhpOT5ieiz4/I00AX3FGYZxcRKF
8hKWO9bxB0Xj1bt/uhbEnctuK8GBeSTmXowvIt0GGc9//sEiTKemwdQdWRWq1KPd
rqk4juh08qViFgL90a2NIJFaK9ZDq540xzhfltLFWRbj2pbmmERN4NNg2r8TjOTC
JXKncYuDxQ8BZnOjp0Gb1LK/FYnDa5l9dbJHjav5HDD0lBtw5W0mP4Xvd0rnUM9u
Xj+GqzGFq07m2v8NvO0ZKhq/pZ2XXQne8bWD/fkRfSAdRHnBRcdvPDAoowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLW6qv1iNs3+AeRZRDA5+J6x7B2nMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANzGicXQf
3whtMM0Q6RmYOmmLHLK9kZQLgf5mpKrY1mo6Gf4aBeadWA3W0ffAI8miS9EzZ316
cOLKh8Ur35DP22m2XXIy/zbBkrRuFIrbIaQxYL/SliY50Y8D0BcH/Q+U6BQvc6qD
vusnNzkC+W07Kz4eUlrv3rTzpw/Dhji+raAwEXI144k3iKvklsAHDXb3KsROWzdl
3WIZ8Y7f9FCirWKF3ckcey+7fS/tu4sgR78NqDrTGGDSM4+I1y77pkdxPAajM5yY
T9YUcHfub/3Qg9i/yNQ/LeOgMgTCNipplIBINKgMQ/0kwjasQ5csWRtEJ5RdJ+ZC
E74yvxNwXCKoGw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:30:21 2025 by rpki-client