Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
File: hpA1wxdzT2Ybv4XCGEFVofNhat0.mft (raw, json)
Hash identifier: waThEehRtUTlTww0Qw5Ao9LREgKir98BOrhYDJ3EGq8=
Subject key identifier: 1D:AB:13:25:75:AB:73:72:19:0C:AB:D2:7A:4C:44:3F:C9:3B:5D:EF
Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
Certificate issuer: /CN=869035c317734f661bbf85c2184155a1f3616add
Certificate serial: 019A71B9078F88B800B30D8459143083C17D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
Manifest number: 12A5
Signing time: Tue 11 Nov 2025 07:02:22 +0000
Manifest this update: Tue 11 Nov 2025 07:02:22 +0000
Manifest next update: Wed 12 Nov 2025 07:02:22 +0000
Files and hashes: 1: AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa (hash: tZKNbZDCtPOdNWQDTedTIFStwLgZ/2vtLmBHU+SWAQk=)
2: hpA1wxdzT2Ybv4XCGEFVofNhat0.crl (hash: 3G79sMfFVpaitC1LsKTab/uj+JWYrLOe/sWQyDptx54=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:07:8f:88:b8:00:b3:0d:84:59:14:30:83:c1:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869035c317734f661bbf85c2184155a1f3616add
Validity
Not Before: Nov 11 07:02:22 2025 GMT
Not After : Nov 12 07:02:22 2025 GMT
Subject: CN=1dab132575ab7372190cabd27a4c443fc93b5def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:29:9b:83:32:b6:27:b1:9e:6e:a3:24:f6:09:
dc:f2:d5:a3:4d:9c:ab:55:23:f8:4b:47:bc:57:93:
41:e6:33:4a:cd:d6:77:41:ef:b1:31:37:9e:d5:94:
4f:8d:31:67:95:6a:95:e2:7c:13:1f:90:3a:49:5c:
ff:cd:4e:2d:8a:0c:80:1e:60:07:2f:19:f0:88:e5:
b8:5b:86:95:7c:05:a1:fe:85:86:34:48:41:91:76:
5e:5b:94:f1:c5:de:13:f3:d9:a5:42:6f:43:76:dd:
45:7d:2b:4a:40:ca:a5:e8:54:ac:ce:36:7d:8a:f0:
59:e7:46:d7:b9:25:f6:9b:ff:dd:ef:b4:af:31:c8:
4f:b8:ad:da:87:c5:73:58:7a:ea:45:ca:83:47:e9:
cd:e2:7e:1c:e7:42:2b:04:10:3b:06:5b:1a:36:b2:
45:08:ce:65:b9:c8:2c:66:9c:d5:09:71:0b:c2:fe:
75:01:2e:9b:34:e5:4c:ad:fc:83:b7:bf:53:11:05:
6e:37:df:0b:67:18:8e:e9:35:1b:13:1b:8d:97:02:
05:ec:41:7f:77:d7:ac:c0:a8:44:3e:d3:1e:b1:19:
a7:f5:b3:95:aa:d5:95:dc:93:e7:0f:95:66:cd:00:
c4:4b:36:61:a6:1f:4f:f6:02:3b:14:54:af:f6:95:
1c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AB:13:25:75:AB:73:72:19:0C:AB:D2:7A:4C:44:3F:C9:3B:5D:EF
X509v3 Authority Key Identifier:
keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:fe:b0:61:2a:be:d5:d2:da:53:6d:be:9a:a6:c6:30:7b:23:
22:1c:10:5e:b4:b3:31:00:ee:01:e3:3a:94:0e:d1:30:d6:43:
04:7a:4b:99:a0:0b:4a:6f:2c:f1:76:92:cc:cd:e8:6e:da:fb:
42:78:76:f3:7a:ad:74:38:a9:f9:52:11:9a:fe:e4:01:7c:0e:
92:48:5c:7b:aa:e8:b0:0e:14:5b:d7:b2:5d:6d:19:a4:78:29:
f0:8b:36:5a:b7:30:96:1c:85:14:f2:47:ad:36:91:89:4a:8a:
59:e6:df:24:5b:d2:fc:58:70:8b:18:26:c5:42:81:06:a5:cb:
8e:d2:9b:12:14:2d:a0:df:b6:5c:2d:df:f7:84:94:39:bc:e4:
0f:9d:6d:d7:6f:52:3c:f6:84:be:77:d6:27:cf:86:6c:c4:fa:
af:18:7d:4b:66:f4:8d:5e:fa:51:12:61:ad:7a:16:77:31:ee:
f0:7f:a2:f7:08:a1:6f:65:14:24:8a:c9:e3:d2:c4:10:0e:ba:
6b:3f:40:03:c2:39:19:20:5b:af:94:38:62:0f:66:6d:31:2f:
3c:56:5d:1b:d8:89:b3:5f:d5:43:9d:49:4b:10:34:18:19:31:
a9:4c:f2:15:ae:37:ca:ca:78:11:f9:6d:3b:22:f4:b3:a7:1f:
6f:b0:f7:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuQePiLgAsw2EWRQwg8F9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2
MTZhZGQwHhcNMjUxMTExMDcwMjIyWhcNMjUxMTEyMDcwMjIyWjAzMTEwLwYDVQQD
EygxZGFiMTMyNTc1YWI3MzcyMTkwY2FiZDI3YTRjNDQzZmM5M2I1ZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvymbgzK2J7GebqMk9gnc8tWjTZyr
VSP4S0e8V5NB5jNKzdZ3Qe+xMTee1ZRPjTFnlWqV4nwTH5A6SVz/zU4tigyAHmAH
LxnwiOW4W4aVfAWh/oWGNEhBkXZeW5Txxd4T89mlQm9Ddt1FfStKQMql6FSszjZ9
ivBZ50bXuSX2m//d77SvMchPuK3ah8VzWHrqRcqDR+nN4n4c50IrBBA7BlsaNrJF
CM5lucgsZpzVCXELwv51AS6bNOVMrfyDt79TEQVuN98LZxiO6TUbExuNlwIF7EF/
d9eswKhEPtMesRmn9bOVqtWV3JPnD5VmzQDESzZhph9P9gI7FFSv9pUcUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2rEyV1q3NyGQyr0npMRD/JO13vMB8GA1UdIwQY
MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt
NjAyOGMyNjU0OTQwLzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw
LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAff6wYSq+
1dLaU22+mqbGMHsjIhwQXrSzMQDuAeM6lA7RMNZDBHpLmaALSm8s8XaSzM3obtr7
Qnh283qtdDip+VIRmv7kAXwOkkhce6rosA4UW9eyXW0ZpHgp8Is2WrcwlhyFFPJH
rTaRiUqKWebfJFvS/FhwixgmxUKBBqXLjtKbEhQtoN+2XC3f94SUObzkD51t129S
PPaEvnfWJ8+GbMT6rxh9S2b0jV76URJhrXoWdzHu8H+i9wihb2UUJIrJ49LEEA66
az9AA8I5GSBbr5Q4Yg9mbTEvPFZdG9iJs1/VQ51JSxA0GBkxqUzyFa43ysp4Eflt
OyL0s6cfb7D3Vw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:29 2025 by rpki-client