Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
File: hpA1wxdzT2Ybv4XCGEFVofNhat0.mft (raw, json)
Hash identifier: mXiCo1XSnMmi+3wlzgJUR2n9hInAoLodpMUkyPLb3fY=
Subject key identifier: 28:49:71:94:F2:DA:FD:96:37:0B:54:F4:D2:03:D4:8C:17:39:4B:07
Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
Certificate issuer: /CN=869035c317734f661bbf85c2184155a1f3616add
Certificate serial: 0199239F54B0225556AC40112ED89DBC4BEE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
Manifest number: 11F8
Signing time: Sun 07 Sep 2025 10:01:08 +0000
Manifest this update: Sun 07 Sep 2025 10:01:08 +0000
Manifest next update: Mon 08 Sep 2025 10:01:08 +0000
Files and hashes: 1: AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa (hash: tZKNbZDCtPOdNWQDTedTIFStwLgZ/2vtLmBHU+SWAQk=)
2: hpA1wxdzT2Ybv4XCGEFVofNhat0.crl (hash: Fek1LIS2Xch3Fg/s+EQ24tRRFBe/d+IxdvpsTOTyuh8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:9f:54:b0:22:55:56:ac:40:11:2e:d8:9d:bc:4b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869035c317734f661bbf85c2184155a1f3616add
Validity
Not Before: Sep 7 10:01:08 2025 GMT
Not After : Sep 8 10:01:08 2025 GMT
Subject: CN=28497194f2dafd96370b54f4d203d48c17394b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:61:16:49:d5:9d:c3:b0:70:2f:75:4f:8d:52:
6c:fd:95:ec:d4:b9:da:df:22:7d:37:33:16:4f:79:
a1:31:cc:64:79:96:1c:59:a0:db:80:fb:65:d5:aa:
b8:1d:d1:75:d6:f5:18:64:d5:e4:1c:25:c5:2a:c3:
98:6a:b0:de:f4:ec:20:94:f1:8d:06:72:77:92:b0:
7e:84:06:4f:c3:50:a6:c7:d7:7f:ac:c6:2f:0e:d7:
2e:a9:05:66:97:a8:5d:fe:dc:e9:c3:32:30:ce:07:
0d:47:ce:26:56:0e:24:cd:d5:7f:ca:da:11:8f:67:
69:51:47:ea:64:50:34:22:03:41:c9:aa:34:80:fb:
db:2f:8c:b7:6f:37:a4:0a:04:64:39:cb:57:f0:ee:
a2:7e:4d:6f:4d:34:28:86:e6:a0:f6:ad:64:55:e7:
8a:83:b4:6b:e4:0a:1d:30:38:23:8d:55:e2:a1:0d:
5d:f0:03:b5:99:fa:40:e9:91:4a:8c:28:33:3f:78:
6b:5e:82:d3:4d:2e:0e:21:5e:1c:74:14:ce:7f:e4:
fd:70:f6:b7:3d:3b:0d:07:00:69:03:4f:c0:a5:0b:
0d:6b:91:3f:a4:7a:5a:ac:e0:70:0e:08:2f:78:14:
f0:74:59:73:09:0c:8c:64:aa:f2:e8:a3:5b:f0:62:
06:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:49:71:94:F2:DA:FD:96:37:0B:54:F4:D2:03:D4:8C:17:39:4B:07
X509v3 Authority Key Identifier:
keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:32:ca:f5:a4:b3:7a:fb:80:cd:01:ac:97:e7:73:5b:05:aa:
ec:6f:47:be:e0:1b:0d:32:12:2c:1c:b0:8a:50:f2:77:6c:1f:
00:f8:1b:6b:11:9b:28:eb:e1:17:a1:e3:4b:2d:28:4c:a6:a1:
9b:04:fb:d8:b0:c6:4b:64:5e:c8:48:25:e6:5b:78:cd:15:e5:
d3:d0:5d:4c:c3:f1:ec:5d:9e:2d:60:a6:94:b5:65:c4:10:c4:
77:6a:88:41:ca:d8:33:16:6f:0f:5b:38:29:3c:27:cb:db:c2:
4a:85:67:9e:5b:43:36:eb:4b:9f:a2:1b:91:4e:ee:13:14:44:
16:e3:26:84:a2:ae:72:05:76:7e:84:e4:15:ca:01:5a:cb:e4:
04:c9:a8:37:31:d3:93:3a:f8:70:a7:74:31:3c:69:68:bd:b8:
9f:ca:54:62:5c:26:61:c5:d5:2f:44:2d:84:07:aa:29:b5:04:
37:b2:ef:53:ec:dc:62:80:84:d1:b8:5c:ee:4a:39:43:c1:49:
8e:3c:69:7e:a6:48:d2:87:d3:6e:59:6c:79:3b:77:5c:8f:66:
3b:f2:23:51:24:ce:b3:73:77:50:3a:e0:4a:70:94:12:d8:55:
64:3d:52:cd:6e:23:26:ad:d8:dd:78:d1:ae:10:53:c8:b5:29:
6c:ad:d2:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn1SwIlVWrEARLtidvEvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2
MTZhZGQwHhcNMjUwOTA3MTAwMTA4WhcNMjUwOTA4MTAwMTA4WjAzMTEwLwYDVQQD
EygyODQ5NzE5NGYyZGFmZDk2MzcwYjU0ZjRkMjAzZDQ4YzE3Mzk0YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mEWSdWdw7BwL3VPjVJs/ZXs1Lna
3yJ9NzMWT3mhMcxkeZYcWaDbgPtl1aq4HdF11vUYZNXkHCXFKsOYarDe9OwglPGN
BnJ3krB+hAZPw1Cmx9d/rMYvDtcuqQVml6hd/tzpwzIwzgcNR84mVg4kzdV/ytoR
j2dpUUfqZFA0IgNByao0gPvbL4y3bzekCgRkOctX8O6ifk1vTTQohuag9q1kVeeK
g7Rr5AodMDgjjVXioQ1d8AO1mfpA6ZFKjCgzP3hrXoLTTS4OIV4cdBTOf+T9cPa3
PTsNBwBpA0/ApQsNa5E/pHparOBwDggveBTwdFlzCQyMZKry6KNb8GIG1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChJcZTy2v2WNwtU9NID1IwXOUsHMB8GA1UdIwQY
MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt
NjAyOGMyNjU0OTQwLzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw
LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADTLK9aSz
evuAzQGsl+dzWwWq7G9HvuAbDTISLBywilDyd2wfAPgbaxGbKOvhF6HjSy0oTKah
mwT72LDGS2ReyEgl5lt4zRXl09BdTMPx7F2eLWCmlLVlxBDEd2qIQcrYMxZvD1s4
KTwny9vCSoVnnltDNutLn6IbkU7uExREFuMmhKKucgV2foTkFcoBWsvkBMmoNzHT
kzr4cKd0MTxpaL24n8pUYlwmYcXVL0QthAeqKbUEN7LvU+zcYoCE0bhc7ko5Q8FJ
jjxpfqZI0ofTbllseTt3XI9mO/IjUSTOs3N3UDrgSnCUEthVZD1SzW4jJq3Y3XjR
rhBTyLUpbK3Sow==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:25:02 2025 by rpki-client