Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.mft
File: HlqvPQaD3IoNWMZDgm4WbTwozKk.mft (raw, json)
Hash identifier: g6K4wdgyWqKNtp5PbQQjKIcoynDMTB4PN7pl6QKkzvc=
Subject key identifier: CF:8B:F1:C2:A5:1E:E7:77:7A:00:FA:6A:53:80:A6:53:E2:EF:5B:BC
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 019A2C68267BF3C4BF989DE1A0EDF148B549
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.mft
Manifest number: 1705
Signing time: Tue 28 Oct 2025 20:00:14 +0000
Manifest this update: Tue 28 Oct 2025 20:00:14 +0000
Manifest next update: Wed 29 Oct 2025 20:00:14 +0000
Files and hashes: 1: HlqvPQaD3IoNWMZDgm4WbTwozKk.crl (hash: nTPGTCCr6+lSy+KCvJf864HCa9VzT6gM8jDxvjUl8BM=)
2: RKyzB9bUwZYi5TsxSj7CGxt394k.roa (hash: Hh9WM4Bb/ik/WwsavUvg8LAp8Fn8QkXbUV4e4PeWt3s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 20:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:68:26:7b:f3:c4:bf:98:9d:e1:a0:ed:f1:48:b5:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Oct 28 20:00:14 2025 GMT
Not After : Oct 29 20:00:14 2025 GMT
Subject: CN=cf8bf1c2a51ee7777a00fa6a5380a653e2ef5bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:53:98:cb:32:7a:83:72:ee:f5:4f:15:31:c5:
76:58:f8:79:ce:3b:d7:ed:ec:4a:da:e0:25:70:0a:
11:35:d9:9f:4f:35:cb:14:32:ec:01:87:bf:b2:95:
98:0f:56:aa:44:38:1f:86:35:24:b0:74:a2:ba:87:
0f:82:c5:9c:79:84:38:5f:d5:2a:d0:16:42:c2:a7:
20:df:aa:d3:1d:0e:c4:d4:4b:33:48:84:12:f0:ef:
89:87:6d:bf:f5:dc:f3:37:4d:c2:8d:45:10:94:96:
5d:74:24:67:ad:7c:32:1a:37:38:f7:ad:e9:87:c6:
e7:fd:3a:c2:8b:28:79:28:ab:4a:7d:ad:73:84:be:
89:c1:70:dd:42:45:20:5f:ed:73:e5:81:a1:14:8e:
d6:66:85:46:33:f1:8f:a8:04:d4:19:53:d2:13:d7:
91:b5:c2:b8:e4:92:d4:f4:88:09:53:e8:69:0d:e4:
e5:58:ad:52:be:07:47:90:2b:4d:a8:9f:29:d2:c0:
ba:9c:7e:4e:0a:48:f0:cb:b5:f9:6f:22:35:fc:89:
fb:75:fa:54:23:aa:d0:80:99:80:29:32:ee:a4:6c:
94:36:2a:a2:d9:05:15:61:ca:0a:73:97:3b:e8:a4:
c0:56:e2:ae:5e:08:48:e1:88:3a:f2:65:f9:90:b6:
4d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:8B:F1:C2:A5:1E:E7:77:7A:00:FA:6A:53:80:A6:53:E2:EF:5B:BC
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:08:7a:60:77:8a:63:94:4d:1a:7b:2a:1d:f9:7c:64:4b:9d:
a6:0b:41:d2:a9:e1:f1:73:4d:4e:c1:d1:4e:98:13:c5:01:59:
24:f0:c4:25:05:c4:e8:29:32:c9:51:18:6e:38:db:d4:79:e8:
32:fb:c2:ad:f2:23:5d:e8:d0:73:76:ea:35:7f:ce:93:28:8e:
a0:89:bb:1e:9a:d6:7a:68:33:67:d9:52:f9:bc:ea:6c:d9:05:
25:d3:96:91:69:3b:95:0a:4e:76:06:2f:49:02:98:96:92:f8:
1e:4f:70:bd:8c:e4:81:bb:e8:a7:f4:1f:c8:75:20:98:cf:9d:
14:2d:13:c8:1d:c1:99:f9:ef:7e:ac:60:b6:9e:4a:62:41:d6:
f7:1c:ca:cf:88:9a:c5:23:3e:11:24:4a:ab:3d:c0:bf:41:8e:
72:f7:c9:05:52:ec:05:09:e5:d5:17:25:d4:bb:a6:b1:4b:2e:
9c:e7:af:d7:48:b4:1f:fd:a8:0a:ba:fe:da:fa:4c:1f:f5:44:
7c:b7:1b:12:8e:4c:99:9d:9d:c7:76:e5:e7:c8:85:4a:f1:a5:
0f:0c:2b:d4:0c:12:e9:18:73:b6:29:7e:07:9d:13:49:bc:22:
ad:52:05:0c:96:0c:0e:05:5f:1c:94:83:b7:38:14:cd:b6:a0:
71:92:ef:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZosaCZ788S/mJ3hoO3xSLVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjUxMDI4MjAwMDE0WhcNMjUxMDI5MjAwMDE0WjAzMTEwLwYDVQQD
EyhjZjhiZjFjMmE1MWVlNzc3N2EwMGZhNmE1MzgwYTY1M2UyZWY1YmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlOYyzJ6g3Lu9U8VMcV2WPh5zjvX
7exK2uAlcAoRNdmfTzXLFDLsAYe/spWYD1aqRDgfhjUksHSiuocPgsWceYQ4X9Uq
0BZCwqcg36rTHQ7E1EszSIQS8O+Jh22/9dzzN03CjUUQlJZddCRnrXwyGjc4963p
h8bn/TrCiyh5KKtKfa1zhL6JwXDdQkUgX+1z5YGhFI7WZoVGM/GPqATUGVPSE9eR
tcK45JLU9IgJU+hpDeTlWK1SvgdHkCtNqJ8p0sC6nH5OCkjwy7X5byI1/In7dfpU
I6rQgJmAKTLupGyUNiqi2QUVYcoKc5c76KTAVuKuXghI4Yg68mX5kLZNlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+L8cKlHud3egD6alOAplPi71u8MB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaQh6YHeK
Y5RNGnsqHfl8ZEudpgtB0qnh8XNNTsHRTpgTxQFZJPDEJQXE6CkyyVEYbjjb1Hno
MvvCrfIjXejQc3bqNX/OkyiOoIm7HprWemgzZ9lS+bzqbNkFJdOWkWk7lQpOdgYv
SQKYlpL4Hk9wvYzkgbvop/QfyHUgmM+dFC0TyB3Bmfnvfqxgtp5KYkHW9xzKz4ia
xSM+ESRKqz3Av0GOcvfJBVLsBQnl1Rcl1LumsUsunOev10i0H/2oCrr+2vpMH/VE
fLcbEo5MmZ2dx3bl58iFSvGlDwwr1AwS6Rhztil+B50TSbwirVIFDJYMDgVfHJSD
tzgUzbagcZLvow==
-----END CERTIFICATE-----
Generated at Wed Oct 29 02:34:06 2025 by rpki-client