Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
File: H9CHXNAFHQwJJaygQQNOeECmdws.mft (raw, json)
Hash identifier: BZN9EganqQ9bRo8LpVsbFsyXveGFPuoQ51eT+JvB57k=
Subject key identifier: 7B:C7:E8:E2:1C:7F:74:12:62:77:6F:CE:0F:43:DC:54:37:A0:F0:72
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 0199FBB35E9FE2BF3C5CF6D6E5E9118199C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
Manifest number: 06AF
Signing time: Sun 19 Oct 2025 09:01:00 +0000
Manifest this update: Sun 19 Oct 2025 09:01:00 +0000
Manifest next update: Mon 20 Oct 2025 09:01:00 +0000
Files and hashes: 1: H9CHXNAFHQwJJaygQQNOeECmdws.crl (hash: S/s3AEAKddTnyDXMB0Qz5RB1W6vUg6XXJLA6AjO0cgc=)
2: NfUK1WerAdsfJiTM68i5Lnvkb2w.roa (hash: ZGezIXFkpMHBb+7ell8DWUCsKtD9DU2fEiI/6174M+w=)
3: x35TZBfjRzydIntP1wj4bzkffVI.roa (hash: m3lAcV9738Nh7P2x7upDgBTiTVZP/HAse993nyHmPOw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:b3:5e:9f:e2:bf:3c:5c:f6:d6:e5:e9:11:81:99:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Oct 19 09:01:00 2025 GMT
Not After : Oct 20 09:01:00 2025 GMT
Subject: CN=7bc7e8e21c7f741262776fce0f43dc5437a0f072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:29:8d:56:9a:54:b0:ff:ce:d0:23:61:c1:38:
78:b1:2c:e9:6b:79:a4:28:49:f7:68:de:a1:ad:33:
92:1d:8b:04:f1:12:0d:f3:27:88:c4:30:69:b0:5f:
19:f2:09:24:cc:8d:cb:4e:6c:03:fc:9b:db:54:04:
39:6a:e5:0b:51:cd:07:54:75:95:81:cd:f2:b9:05:
9c:ad:24:e2:73:46:b6:c9:06:87:88:c6:b2:00:40:
eb:fc:92:81:4e:26:8d:56:21:c4:77:b4:be:4c:93:
8d:a2:56:62:ec:1e:81:6b:8d:61:11:8f:36:3a:f6:
86:ec:5e:65:63:78:87:46:6e:cc:4d:7c:ad:7d:61:
8e:54:e7:e1:36:0c:48:8d:df:0c:80:ce:85:f7:2c:
58:08:06:3b:63:ee:37:75:db:a5:04:87:a5:02:9b:
2c:4b:ef:13:f9:56:72:dd:f9:12:35:8b:f4:4b:ee:
ac:40:7a:f0:c3:54:77:85:17:80:52:43:17:90:86:
f4:20:ec:1f:99:86:72:13:d2:88:87:0f:af:a7:07:
02:87:32:1f:e0:e5:e9:5b:0a:ed:d6:25:d9:2b:9d:
70:d4:28:05:b6:0c:dc:91:38:ad:b2:28:eb:09:78:
ba:a3:d4:ed:fe:21:d4:52:1e:59:a2:bd:e4:fc:0d:
4e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C7:E8:E2:1C:7F:74:12:62:77:6F:CE:0F:43:DC:54:37:A0:F0:72
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:a9:1d:70:d4:b3:ec:78:05:12:0e:39:bc:46:2a:56:e5:70:
e1:10:bb:bf:28:be:61:a6:f5:bf:29:11:d2:b0:ce:2b:93:89:
f0:b7:d2:91:92:2c:10:cd:d4:59:4a:84:7e:80:21:9f:df:05:
2c:8b:4a:20:63:e8:5a:55:d3:a4:36:62:6b:a1:80:ab:89:c7:
ac:26:5c:4c:27:85:ea:bf:fd:ae:84:ea:31:88:85:d7:21:5d:
7b:94:25:20:82:7e:91:82:d0:b4:26:5c:2c:ea:3c:8a:11:98:
43:69:0d:6d:12:01:88:2e:ec:10:c1:4a:e9:2b:fd:e7:e9:3b:
c3:b0:cd:73:df:f1:c1:10:04:a3:09:af:7e:ba:89:59:75:c2:
52:ee:34:26:a3:e2:22:11:5a:cb:ed:32:6d:ba:08:65:ff:46:
28:f6:1a:ad:46:20:c1:1c:3e:2e:d0:7b:74:a3:65:b7:e7:9e:
14:dc:6a:5e:a1:32:cc:23:de:fe:7c:b4:54:2d:e1:a2:95:ab:
f4:81:9e:f6:6d:a0:9f:27:fe:c0:07:7d:ec:05:78:76:be:3d:
7f:ce:7d:8e:63:b0:99:f9:44:d1:50:e3:99:e3:41:4c:d7:74:
e3:94:76:46:18:91:47:83:c0:0d:b2:83:3c:75:3c:27:1b:74:
27:b8:5f:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7s16f4r88XPbW5ekRgZnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUxMDE5MDkwMTAwWhcNMjUxMDIwMDkwMTAwWjAzMTEwLwYDVQQD
Eyg3YmM3ZThlMjFjN2Y3NDEyNjI3NzZmY2UwZjQzZGM1NDM3YTBmMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSmNVppUsP/O0CNhwTh4sSzpa3mk
KEn3aN6hrTOSHYsE8RIN8yeIxDBpsF8Z8gkkzI3LTmwD/JvbVAQ5auULUc0HVHWV
gc3yuQWcrSTic0a2yQaHiMayAEDr/JKBTiaNViHEd7S+TJONolZi7B6Ba41hEY82
OvaG7F5lY3iHRm7MTXytfWGOVOfhNgxIjd8MgM6F9yxYCAY7Y+43ddulBIelApss
S+8T+VZy3fkSNYv0S+6sQHrww1R3hReAUkMXkIb0IOwfmYZyE9KIhw+vpwcChzIf
4OXpWwrt1iXZK51w1CgFtgzckTitsijrCXi6o9Tt/iHUUh5Zor3k/A1OIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvH6OIcf3QSYndvzg9D3FQ3oPByMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO6kdcNSz
7HgFEg45vEYqVuVw4RC7vyi+Yab1vykR0rDOK5OJ8LfSkZIsEM3UWUqEfoAhn98F
LItKIGPoWlXTpDZia6GAq4nHrCZcTCeF6r/9roTqMYiF1yFde5QlIIJ+kYLQtCZc
LOo8ihGYQ2kNbRIBiC7sEMFK6Sv95+k7w7DNc9/xwRAEowmvfrqJWXXCUu40JqPi
IhFay+0ybboIZf9GKPYarUYgwRw+LtB7dKNlt+eeFNxqXqEyzCPe/ny0VC3hopWr
9IGe9m2gnyf+wAd97AV4dr49f859jmOwmflE0VDjmeNBTNd045R2RhiRR4PADbKD
PHU8Jxt0J7hf8A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:32:05 2025 by rpki-client