Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
File: hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft (raw, json)
Hash identifier: H/1WBXLZf4wNlmvoucMHS36aqgePjXG9e/xlp0L9SOY=
Subject key identifier: 28:17:F5:3A:53:5E:A3:DA:C1:F6:6E:9F:AF:5A:41:F0:6F:21:8C:67
Authority key identifier: 86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
Certificate issuer: /CN=86afaae2e3e054073a38aab635dc96460eef487e
Certificate serial: 019848C02590DD28E4CB7940717372B6C4A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
Manifest number: 12B9
Signing time: Sat 26 Jul 2025 22:00:08 +0000
Manifest this update: Sat 26 Jul 2025 22:00:08 +0000
Manifest next update: Sun 27 Jul 2025 22:00:08 +0000
Files and hashes: 1: ZDU98pLej6G5Y69Flle0aPv1r5A.roa (hash: A41/y0PjRZXqiD5cmhEr4Mj1BgTXTsWtK/kWghBv8z8=)
2: hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl (hash: P4MT74jA7Tayyb0E3yVljw5zCeA0r9lFaUI4tHmLTTg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:48:c0:25:90:dd:28:e4:cb:79:40:71:73:72:b6:c4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86afaae2e3e054073a38aab635dc96460eef487e
Validity
Not Before: Jul 26 22:00:08 2025 GMT
Not After : Jul 27 22:00:08 2025 GMT
Subject: CN=2817f53a535ea3dac1f66e9faf5a41f06f218c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e4:4e:a7:d1:c1:9d:c8:8f:50:e1:a9:6b:7c:
8c:05:f1:a6:b6:f1:e0:57:f7:ca:2d:d5:59:02:b9:
66:43:ce:5e:92:87:de:67:2b:60:73:f4:5a:8c:67:
99:6a:2e:9c:69:17:72:17:55:60:a8:63:31:ee:6b:
c4:ad:b2:10:8f:6e:b4:54:8f:2e:28:03:e2:d5:6e:
32:0a:ce:6b:74:81:12:f3:b6:26:24:b7:06:67:84:
a2:65:47:cb:74:06:58:3a:2f:66:ba:5f:ec:51:db:
52:a8:10:1a:5f:3b:c7:a6:56:1e:ad:9b:d3:55:cb:
41:5a:27:c1:a8:d1:21:a1:38:93:e2:af:06:50:c1:
25:cf:0b:7f:60:ba:35:69:50:cb:5e:f7:1b:60:83:
33:8b:d2:53:23:a3:cf:57:b9:9b:90:8e:64:6c:c1:
b5:ae:6d:f5:52:d6:8d:7e:f7:24:6d:62:78:73:c1:
f1:42:c3:d1:19:3f:01:28:24:e7:e0:f0:f6:0f:10:
58:61:87:e5:b0:c4:ba:0d:73:d5:a4:22:fb:c6:d4:
02:26:e3:2f:41:83:0c:6c:40:22:56:a9:fc:60:ee:
11:ba:76:34:72:29:f1:35:7e:5e:37:51:48:6a:6d:
62:1f:d1:99:d6:b8:2b:89:64:6c:67:ae:e3:a7:e5:
1e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:17:F5:3A:53:5E:A3:DA:C1:F6:6E:9F:AF:5A:41:F0:6F:21:8C:67
X509v3 Authority Key Identifier:
keyid:86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:aa:1e:a3:d0:a2:3d:d3:3c:00:20:ca:d0:1f:54:65:b5:74:
22:b7:33:1d:9f:af:62:15:8c:8f:1a:96:24:88:ba:f0:46:3a:
b4:83:30:0c:a7:b6:af:c5:2e:9a:ec:6c:5d:3a:57:47:b7:33:
98:21:95:53:0e:33:1d:7c:22:e4:e0:8c:c1:7f:a8:88:1f:f8:
39:0c:b6:c6:a1:9d:1c:39:f4:4c:e2:3f:55:99:23:00:1c:10:
c4:74:8c:b2:bc:72:b9:0b:3e:7d:76:c3:99:55:8f:42:62:4d:
7a:0c:98:ae:6a:1a:1f:06:dc:be:1a:29:53:84:a3:6e:e1:1e:
e3:bd:b5:4d:29:47:64:7f:ed:df:68:a7:27:44:e0:83:76:50:
b8:c3:b9:74:60:a4:88:58:13:f2:cb:9b:3a:29:42:e0:b0:b9:
fe:e6:ab:19:90:8f:7f:58:01:95:92:02:19:3b:1f:96:59:09:
20:62:99:b4:00:4e:09:21:d5:11:66:5c:22:9f:7a:6f:59:fb:
14:99:3c:7e:a5:1b:92:76:e3:2c:de:65:d0:3f:59:0f:ed:4e:
9e:bf:5f:e6:a5:02:1b:fa:85:b9:98:2f:b7:6c:e9:d4:b4:cc:
3a:88:54:c5:2d:db:79:92:a8:db:40:2b:40:5b:27:0e:a3:23:
1a:77:4c:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhIwCWQ3Sjky3lAcXNytsSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWZhYWUyZTNlMDU0MDczYTM4YWFiNjM1ZGM5NjQ2MGVl
ZjQ4N2UwHhcNMjUwNzI2MjIwMDA4WhcNMjUwNzI3MjIwMDA4WjAzMTEwLwYDVQQD
EygyODE3ZjUzYTUzNWVhM2RhYzFmNjZlOWZhZjVhNDFmMDZmMjE4YzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeROp9HBnciPUOGpa3yMBfGmtvHg
V/fKLdVZArlmQ85ekofeZytgc/RajGeZai6caRdyF1VgqGMx7mvErbIQj260VI8u
KAPi1W4yCs5rdIES87YmJLcGZ4SiZUfLdAZYOi9mul/sUdtSqBAaXzvHplYerZvT
VctBWifBqNEhoTiT4q8GUMElzwt/YLo1aVDLXvcbYIMzi9JTI6PPV7mbkI5kbMG1
rm31UtaNfvckbWJ4c8HxQsPRGT8BKCTn4PD2DxBYYYflsMS6DXPVpCL7xtQCJuMv
QYMMbEAiVqn8YO4RunY0cinxNX5eN1FIam1iH9GZ1rgriWRsZ67jp+UecwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCgX9TpTXqPawfZun69aQfBvIYxnMB8GA1UdIwQY
MBaAFIavquLj4FQHOjiqtjXclkYO70h+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzIt
NDcyMDQwYjI0N2Y2LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzItNDcyMDQwYjI0N2Y2
LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW6oeo9Ci
PdM8ACDK0B9UZbV0IrczHZ+vYhWMjxqWJIi68EY6tIMwDKe2r8UumuxsXTpXR7cz
mCGVUw4zHXwi5OCMwX+oiB/4OQy2xqGdHDn0TOI/VZkjABwQxHSMsrxyuQs+fXbD
mVWPQmJNegyYrmoaHwbcvhopU4SjbuEe4721TSlHZH/t32inJ0Tgg3ZQuMO5dGCk
iFgT8subOilC4LC5/uarGZCPf1gBlZICGTsfllkJIGKZtABOCSHVEWZcIp96b1n7
FJk8fqUbknbjLN5l0D9ZD+1Onr9f5qUCG/qFuZgvt2zp1LTMOohUxS3beZKo20Ar
QFsnDqMjGndM2g==
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:14:18 2025 by rpki-client