Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.mft
File: H8jtRm3i5spZZNHu0PJA3dJR3kg.mft (raw, json)
Hash identifier: gYySkg6B/EL/2CjUSjGoKzcVKu3c6MvQL1kebyPQKwQ=
Subject key identifier: CA:BD:25:F9:24:DB:D5:AC:85:7E:28:A8:90:07:FA:98:8F:47:B5:3C
Authority key identifier: 1F:C8:ED:46:6D:E2:E6:CA:59:64:D1:EE:D0:F2:40:DD:D2:51:DE:48
Certificate issuer: /CN=1fc8ed466de2e6ca5964d1eed0f240ddd251de48
Certificate serial: 0199FE7E087704C52658D25440EA3C2BC065
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.mft
Manifest number: 163A
Signing time: Sun 19 Oct 2025 22:01:36 +0000
Manifest this update: Sun 19 Oct 2025 22:01:36 +0000
Manifest next update: Mon 20 Oct 2025 22:01:36 +0000
Files and hashes: 1: H8jtRm3i5spZZNHu0PJA3dJR3kg.crl (hash: 3JzL+3RCv90nUMXeRotxs9S/fLkddauiYPiyFMbiFpw=)
2: nevmretTwrxwqsKKQjHFsjVUEY0.roa (hash: fWFJu1Hs2S96Xtm1+v7RRTX9W7ZYHV7fdQSuyQbPzQU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.mft
rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:7e:08:77:04:c5:26:58:d2:54:40:ea:3c:2b:c0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fc8ed466de2e6ca5964d1eed0f240ddd251de48
Validity
Not Before: Oct 19 22:01:36 2025 GMT
Not After : Oct 20 22:01:36 2025 GMT
Subject: CN=cabd25f924dbd5ac857e28a89007fa988f47b53c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:21:ea:6a:b7:e4:a7:0f:4f:5a:e3:8a:dc:5b:
47:35:a1:d2:ce:28:63:53:5d:ae:bc:87:19:9a:de:
44:4f:d6:9f:6f:db:bb:05:d5:d0:99:fd:59:aa:2f:
5b:3b:1c:78:97:a7:6b:57:81:db:fd:76:db:51:1a:
4e:a6:d3:9c:36:ab:df:1b:1d:3e:4c:ec:46:09:6a:
cd:19:3d:c4:fc:79:dd:69:00:91:70:a0:e6:8a:33:
8b:88:43:d6:36:7c:e1:e6:c0:ff:83:be:f0:cf:0e:
7b:ad:50:bb:60:a3:fd:22:a9:bc:2e:32:79:77:5d:
13:e6:85:6e:ca:9c:7f:4e:29:07:02:2a:60:a4:ef:
b0:e7:7d:14:81:ac:00:ec:c1:d3:75:a8:74:aa:2a:
95:30:1c:1d:2e:fa:18:27:53:e7:43:bf:ed:7e:17:
3c:0b:fd:50:b1:c7:5d:5e:7b:70:63:c1:37:8a:6f:
ff:49:f6:54:23:06:54:41:48:bf:4b:55:a8:58:8b:
5e:fb:58:52:07:fb:f5:cf:e2:fa:9b:41:7c:2a:f8:
74:23:d9:43:0b:99:48:1e:05:11:33:ca:d1:09:2b:
91:1c:5c:8a:12:46:db:bd:a6:7f:d6:1a:66:2a:ea:
ab:78:67:bf:6f:07:f3:c0:4e:b2:1f:5a:e1:76:93:
fc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BD:25:F9:24:DB:D5:AC:85:7E:28:A8:90:07:FA:98:8F:47:B5:3C
X509v3 Authority Key Identifier:
keyid:1F:C8:ED:46:6D:E2:E6:CA:59:64:D1:EE:D0:F2:40:DD:D2:51:DE:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:bd:9b:7b:81:27:1e:02:44:3a:97:77:77:2c:c3:a1:e5:93:
64:66:39:e7:ce:89:ad:31:e1:cb:67:57:b8:32:b3:7a:64:4f:
a7:5d:21:af:6c:28:f3:2e:f4:d8:df:49:a9:f8:a1:b7:02:9e:
14:7c:64:41:d0:49:a7:eb:39:91:fd:95:67:06:2c:03:51:94:
b7:9a:d4:23:07:33:b3:eb:d7:47:0c:ff:e0:9f:0b:10:7a:c6:
0f:54:1c:c5:7d:d8:64:10:91:9f:e9:a4:6e:28:17:28:4f:10:
09:f4:17:e1:95:fc:dd:6b:77:d4:5a:93:5e:6b:07:a0:f7:e7:
34:27:d1:5a:7f:7b:95:bb:cd:8d:9d:53:37:ea:b9:5d:89:1e:
01:1d:31:33:f2:e5:e8:fe:c3:39:74:1c:3b:03:be:65:62:1e:
94:8e:4c:f8:85:c3:62:b6:a6:34:0a:bb:c9:c9:e4:b3:10:91:
1e:b8:6b:61:14:fe:8b:64:1b:65:88:ab:78:00:66:cc:e2:cd:
63:82:43:2f:e4:2d:ee:a7:6d:bc:96:7c:47:6a:01:fe:fd:53:
de:23:a2:51:76:b8:9f:d3:ca:66:58:0a:8b:68:6a:1c:22:ef:
02:ae:23:a8:30:45:bb:9d:38:02:29:27:70:d4:77:ab:f5:d6:
92:f4:6b:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fgh3BMUmWNJUQOo8K8BlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYzhlZDQ2NmRlMmU2Y2E1OTY0ZDFlZWQwZjI0MGRkZDI1
MWRlNDgwHhcNMjUxMDE5MjIwMTM2WhcNMjUxMDIwMjIwMTM2WjAzMTEwLwYDVQQD
EyhjYWJkMjVmOTI0ZGJkNWFjODU3ZTI4YTg5MDA3ZmE5ODhmNDdiNTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyHqarfkpw9PWuOK3FtHNaHSzihj
U12uvIcZmt5ET9afb9u7BdXQmf1Zqi9bOxx4l6drV4Hb/XbbURpOptOcNqvfGx0+
TOxGCWrNGT3E/HndaQCRcKDmijOLiEPWNnzh5sD/g77wzw57rVC7YKP9Iqm8LjJ5
d10T5oVuypx/TikHAipgpO+w530UgawA7MHTdah0qiqVMBwdLvoYJ1PnQ7/tfhc8
C/1QscddXntwY8E3im//SfZUIwZUQUi/S1WoWIte+1hSB/v1z+L6m0F8Kvh0I9lD
C5lIHgURM8rRCSuRHFyKEkbbvaZ/1hpmKuqreGe/bwfzwE6yH1rhdpP8cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMq9Jfkk29WshX4oqJAH+piPR7U8MB8GA1UdIwQY
MBaAFB/I7UZt4ubKWWTR7tDyQN3SUd5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDhqdFJtM2k1c3BaWk5IdTBQSkEzZEpSM2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jYTJhY2UtOTRhZC00NGNiLTk4MDkt
ZjQ4ZDRiYWJkNTBmLzEvSDhqdFJtM2k1c3BaWk5IdTBQSkEzZEpSM2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jYTJhY2UtOTRhZC00NGNiLTk4MDktZjQ4ZDRiYWJkNTBm
LzEvSDhqdFJtM2k1c3BaWk5IdTBQSkEzZEpSM2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO72be4En
HgJEOpd3dyzDoeWTZGY5586JrTHhy2dXuDKzemRPp10hr2wo8y702N9JqfihtwKe
FHxkQdBJp+s5kf2VZwYsA1GUt5rUIwczs+vXRwz/4J8LEHrGD1QcxX3YZBCRn+mk
bigXKE8QCfQX4ZX83Wt31FqTXmsHoPfnNCfRWn97lbvNjZ1TN+q5XYkeAR0xM/Ll
6P7DOXQcOwO+ZWIelI5M+IXDYramNAq7ycnksxCRHrhrYRT+i2QbZYireABmzOLN
Y4JDL+Qt7qdtvJZ8R2oB/v1T3iOiUXa4n9PKZlgKi2hqHCLvAq4jqDBFu504Aikn
cNR3q/XWkvRrxA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:02:08 2025 by rpki-client