Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
File: hR1ONNTkhTnBcEUdTiYTiIf26SI.mft (raw, json)
Hash identifier: kcEriesYaPu1M7K1qZegyR8g0984M9dLQ1TusoQymm0=
Subject key identifier: 35:60:39:92:5D:5B:53:76:3D:C3:CF:A1:C5:59:0C:E4:40:6F:8C:85
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 019A0035AD48D8C14D37FF0263788A08F319
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
Manifest number: 1290
Signing time: Mon 20 Oct 2025 06:01:48 +0000
Manifest this update: Mon 20 Oct 2025 06:01:48 +0000
Manifest next update: Tue 21 Oct 2025 06:01:48 +0000
Files and hashes: 1: EgrdXaLN-vc8C2zZS8RN3DywvDo.roa (hash: hzm54PDUPW3onP/qtSLZRsQOvKv3wuQ4riGx7IRQcQA=)
2: hR1ONNTkhTnBcEUdTiYTiIf26SI.crl (hash: +Ip/JeCoFPQXSTL7bTd0YPR0Z/PcAOFMGlXcbFJCKro=)
3: rAaiXMvO9i5snovqluPbyo_QCN0.roa (hash: pt3vDzVbNzSpy4PSZ8+XX3gpZBn6uEG/ZRILx9TbDQc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 06:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:35:ad:48:d8:c1:4d:37:ff:02:63:78:8a:08:f3:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Oct 20 06:01:48 2025 GMT
Not After : Oct 21 06:01:48 2025 GMT
Subject: CN=356039925d5b53763dc3cfa1c5590ce4406f8c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7a:b7:02:08:e3:e4:c0:92:1b:ad:1d:d0:14:
47:ae:33:0a:de:81:75:1c:e9:2e:ba:85:e0:5b:1b:
44:5e:90:e4:c0:ff:ea:46:27:25:a4:f5:f2:dc:9e:
ff:18:ac:f5:8c:ae:3e:1f:96:c0:7a:5f:58:cc:82:
db:e3:d5:b6:25:2a:52:7a:0c:85:d2:a1:c8:7c:21:
92:b5:d7:fc:c8:09:74:74:5a:de:99:70:7f:e7:51:
36:eb:eb:59:ef:a8:3e:76:94:9d:a7:39:44:25:d0:
06:2a:b7:f0:74:c3:46:6e:4d:77:0c:43:18:b9:c0:
fc:f0:af:9f:ec:e3:a6:8c:db:cb:a1:3e:e3:6a:e0:
86:ff:5d:53:8b:4b:8f:44:c0:2f:8f:df:84:0a:26:
3d:c9:47:2d:9b:6c:f1:71:c9:8d:69:dc:2a:64:06:
9d:a3:2d:7c:8b:c4:89:df:4f:65:31:24:85:81:89:
b5:ec:ee:a9:1b:89:cb:7b:fe:1d:bd:8e:12:98:b1:
0f:86:52:10:1f:f3:00:87:f0:24:2f:2d:51:38:86:
81:cf:67:44:b1:f2:18:69:56:31:23:e7:6b:9f:f9:
76:6c:db:96:f4:9a:2d:2c:e6:59:61:8c:43:40:1d:
c2:ca:8a:64:a1:21:72:65:f7:42:7b:e0:92:f2:4d:
6f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:60:39:92:5D:5B:53:76:3D:C3:CF:A1:C5:59:0C:E4:40:6F:8C:85
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:93:e1:d4:36:7a:d8:0d:35:85:5c:0c:5b:3c:5a:8c:9a:a8:
7e:8c:9f:cc:c2:0a:47:5f:79:6a:f2:2a:73:ad:5e:ef:87:04:
de:d4:9d:d3:7b:47:4a:a3:3c:a3:53:c9:a0:4b:2b:ee:c4:e8:
e2:44:40:77:7d:36:dc:4c:c8:eb:8c:ba:2b:a2:97:f9:29:fa:
4a:e1:dd:b0:9f:fb:75:22:2c:39:9f:50:43:f0:54:24:95:fa:
66:82:2b:63:3b:40:31:11:44:b0:bf:ad:f8:be:d9:cb:b0:82:
9c:a2:36:12:80:73:2c:d6:41:76:ce:d2:66:f4:b5:c3:eb:85:
91:9c:3d:31:ab:a9:14:86:dd:86:29:14:c9:94:4c:e2:94:28:
f0:dc:43:62:03:0e:68:4a:f8:71:ed:d4:d2:f7:99:6f:7d:d7:
14:c6:d7:67:29:6d:f1:16:e9:3f:75:15:3d:69:3c:8e:b7:c0:
57:46:1d:38:f2:50:a6:13:ca:bc:a9:7f:48:34:ee:8b:c4:55:
58:b2:8c:46:d2:82:ae:e0:3a:86:5c:cd:b1:6f:6b:a7:a2:d9:
9d:11:bc:50:40:6c:82:8d:de:a7:db:2b:04:0e:f4:a8:3d:21:
60:e3:57:80:ae:cb:e9:0f:e7:54:2f:13:2e:16:29:7d:95:b6:
e7:d0:62:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANa1I2MFNN/8CY3iKCPMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjUxMDIwMDYwMTQ4WhcNMjUxMDIxMDYwMTQ4WjAzMTEwLwYDVQQD
EygzNTYwMzk5MjVkNWI1Mzc2M2RjM2NmYTFjNTU5MGNlNDQwNmY4Yzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXq3Agjj5MCSG60d0BRHrjMK3oF1
HOkuuoXgWxtEXpDkwP/qRiclpPXy3J7/GKz1jK4+H5bAel9YzILb49W2JSpSegyF
0qHIfCGStdf8yAl0dFremXB/51E26+tZ76g+dpSdpzlEJdAGKrfwdMNGbk13DEMY
ucD88K+f7OOmjNvLoT7jauCG/11Ti0uPRMAvj9+ECiY9yUctm2zxccmNadwqZAad
oy18i8SJ309lMSSFgYm17O6pG4nLe/4dvY4SmLEPhlIQH/MAh/AkLy1ROIaBz2dE
sfIYaVYxI+drn/l2bNuW9JotLOZZYYxDQB3CyopkoSFyZfdCe+CS8k1vKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVgOZJdW1N2PcPPocVZDORAb4yFMB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATpPh1DZ6
2A01hVwMWzxajJqofoyfzMIKR195avIqc61e74cE3tSd03tHSqM8o1PJoEsr7sTo
4kRAd3023EzI64y6K6KX+Sn6SuHdsJ/7dSIsOZ9QQ/BUJJX6ZoIrYztAMRFEsL+t
+L7Zy7CCnKI2EoBzLNZBds7SZvS1w+uFkZw9MaupFIbdhikUyZRM4pQo8NxDYgMO
aEr4ce3U0veZb33XFMbXZylt8RbpP3UVPWk8jrfAV0YdOPJQphPKvKl/SDTui8RV
WLKMRtKCruA6hlzNsW9rp6LZnRG8UEBsgo3ep9srBA70qD0hYONXgK7L6Q/nVC8T
LhYpfZW259BieQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:41:13 2025 by rpki-client