Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/HqsBKTydvRqdatyGGCtSDNF2wAc.mft
File: HqsBKTydvRqdatyGGCtSDNF2wAc.mft (raw, json)
Hash identifier: 0qLSthspkzElotdvY0KyW7AGWDCqXQMgwGPHLteSIAA=
Subject key identifier: FD:F1:1C:EF:1B:1E:25:DA:6D:E5:9E:A0:39:B4:3C:86:34:C6:A8:9A
Authority key identifier: 1E:AB:01:29:3C:9D:BD:1A:9D:6A:DC:86:18:2B:52:0C:D1:76:C0:07
Certificate issuer: /CN=1eab01293c9dbd1a9d6adc86182b520cd176c007
Certificate serial: 019A6DDC10066858AFF52C964971920A570E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqsBKTydvRqdatyGGCtSDNF2wAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/HqsBKTydvRqdatyGGCtSDNF2wAc.mft
Manifest number: 14CF
Signing time: Mon 10 Nov 2025 13:02:09 +0000
Manifest this update: Mon 10 Nov 2025 13:02:09 +0000
Manifest next update: Tue 11 Nov 2025 13:02:09 +0000
Files and hashes: 1: HqsBKTydvRqdatyGGCtSDNF2wAc.crl (hash: 0AoOQHvdR9fyU12tHvnnWTPYaT60OpjAEPWS9l2ugto=)
2: ub3jhWL8KmU55QyzLWlOgggBar8.roa (hash: uMoRi+7KkYToPIHx+yE4FpiPieRkes7ACBQfGkW0VCM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/HqsBKTydvRqdatyGGCtSDNF2wAc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/HqsBKTydvRqdatyGGCtSDNF2wAc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HqsBKTydvRqdatyGGCtSDNF2wAc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Nov 2025 08:56:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:6d:dc:10:06:68:58:af:f5:2c:96:49:71:92:0a:57:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eab01293c9dbd1a9d6adc86182b520cd176c007
Validity
Not Before: Nov 10 13:02:09 2025 GMT
Not After : Nov 11 13:02:09 2025 GMT
Subject: CN=fdf11cef1b1e25da6de59ea039b43c8634c6a89a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9a:6e:17:29:85:a5:44:95:8f:99:97:04:05:
c4:fb:be:9b:c6:c4:ab:d5:40:18:1b:99:73:76:32:
77:91:0c:dc:0d:6b:7a:b5:5f:6c:ba:31:17:b5:22:
50:f3:6e:24:65:7c:bf:51:33:ec:e5:1f:a0:70:2a:
21:e1:6e:dd:7f:7c:08:d5:44:b3:ab:45:bc:57:e2:
bf:8f:be:9c:c2:ea:4c:7f:35:de:36:c7:53:57:4e:
f4:c4:8d:1b:a1:79:de:85:2d:30:b3:a5:5c:81:e5:
58:cf:43:23:76:58:01:9b:3d:d6:5d:66:ac:79:b8:
39:b5:9a:92:19:0f:ef:9a:70:bf:a0:c6:bf:11:83:
6f:ca:eb:02:85:ef:8b:0a:9f:1d:b3:81:b3:42:8a:
c3:83:74:28:de:34:6d:92:6f:3c:aa:1a:bd:31:6f:
63:02:8e:63:71:38:0d:9d:fa:e9:90:c4:38:b2:30:
39:44:9c:c5:f8:ad:0c:48:a8:13:f5:0a:ac:e6:73:
42:13:ab:6d:9f:04:bf:c2:bd:c6:75:57:6f:e6:27:
48:1b:fa:98:22:17:87:28:f8:36:0e:46:f8:9a:b8:
5a:05:66:93:07:29:87:7f:6a:62:94:67:90:db:a5:
6a:c6:51:a3:93:0c:fa:8f:8f:68:66:7b:ca:43:f0:
3a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F1:1C:EF:1B:1E:25:DA:6D:E5:9E:A0:39:B4:3C:86:34:C6:A8:9A
X509v3 Authority Key Identifier:
keyid:1E:AB:01:29:3C:9D:BD:1A:9D:6A:DC:86:18:2B:52:0C:D1:76:C0:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqsBKTydvRqdatyGGCtSDNF2wAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/HqsBKTydvRqdatyGGCtSDNF2wAc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/HqsBKTydvRqdatyGGCtSDNF2wAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:97:9b:54:e6:0b:2c:72:de:e6:db:c4:4e:1a:8d:24:8f:3b:
cf:51:2d:75:44:eb:a2:4e:44:92:07:7e:67:15:1b:b0:b7:b9:
98:e5:c6:de:bc:e1:fe:b1:23:bf:3a:71:c2:19:f4:7f:91:41:
8f:dc:5b:54:08:fb:02:6f:df:43:9f:66:3d:85:e0:97:f7:80:
3f:7a:20:91:45:4a:af:f7:50:66:89:d1:cb:86:f9:6e:27:c9:
84:73:cb:8b:0c:bd:19:86:db:07:00:34:9c:f0:e8:76:ac:1c:
51:ab:0e:b6:10:4e:d9:c7:38:8d:77:2a:d2:e0:7b:24:cb:f3:
59:e9:75:6f:fc:1c:af:57:92:42:45:49:67:66:b4:e1:e4:47:
24:06:b7:e4:25:0a:90:8b:c2:24:a8:01:2c:2d:a9:2e:1d:c8:
f1:e6:aa:91:93:48:6d:6e:02:6b:74:1f:01:27:2d:bb:de:f6:
a0:4f:81:d6:54:a2:c9:54:46:1e:2f:5c:44:18:1c:11:8e:5f:
19:d1:08:7f:f5:6b:0f:f7:49:38:69:b2:aa:ae:ae:da:84:93:
c6:d4:50:6c:13:cf:20:36:12:29:fc:b5:f2:e0:0a:9c:d5:1e:
1d:70:6e:a2:e5:31:38:c9:8a:16:1e:63:c2:a1:c6:95:86:9b:
7e:50:42:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpt3BAGaFiv9SyWSXGSClcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWIwMTI5M2M5ZGJkMWE5ZDZhZGM4NjE4MmI1MjBjZDE3
NmMwMDcwHhcNMjUxMTEwMTMwMjA5WhcNMjUxMTExMTMwMjA5WjAzMTEwLwYDVQQD
EyhmZGYxMWNlZjFiMWUyNWRhNmRlNTllYTAzOWI0M2M4NjM0YzZhODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJpuFymFpUSVj5mXBAXE+76bxsSr
1UAYG5lzdjJ3kQzcDWt6tV9sujEXtSJQ824kZXy/UTPs5R+gcCoh4W7df3wI1USz
q0W8V+K/j76cwupMfzXeNsdTV070xI0boXnehS0ws6VcgeVYz0MjdlgBmz3WXWas
ebg5tZqSGQ/vmnC/oMa/EYNvyusChe+LCp8ds4GzQorDg3Qo3jRtkm88qhq9MW9j
Ao5jcTgNnfrpkMQ4sjA5RJzF+K0MSKgT9Qqs5nNCE6ttnwS/wr3GdVdv5idIG/qY
IheHKPg2Dkb4mrhaBWaTBymHf2pilGeQ26VqxlGjkwz6j49oZnvKQ/A6CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3xHO8bHiXabeWeoDm0PIY0xqiaMB8GA1UdIwQY
MBaAFB6rASk8nb0anWrchhgrUgzRdsAHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFzQktUeWR2UnFkYXR5R0dDdFNETkYyd0FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9jMDBjMTMtNzkxYS00ZTE1LWJhZjct
ZTAzYWM1ODlhMDNmLzEvSHFzQktUeWR2UnFkYXR5R0dDdFNETkYyd0FjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9jMDBjMTMtNzkxYS00ZTE1LWJhZjctZTAzYWM1ODlhMDNm
LzEvSHFzQktUeWR2UnFkYXR5R0dDdFNETkYyd0FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKpebVOYL
LHLe5tvEThqNJI87z1EtdUTrok5Ekgd+ZxUbsLe5mOXG3rzh/rEjvzpxwhn0f5FB
j9xbVAj7Am/fQ59mPYXgl/eAP3ogkUVKr/dQZonRy4b5bifJhHPLiwy9GYbbBwA0
nPDodqwcUasOthBO2cc4jXcq0uB7JMvzWel1b/wcr1eSQkVJZ2a04eRHJAa35CUK
kIvCJKgBLC2pLh3I8eaqkZNIbW4Ca3QfASctu972oE+B1lSiyVRGHi9cRBgcEY5f
GdEIf/VrD/dJOGmyqq6u2oSTxtRQbBPPIDYSKfy18uAKnNUeHXBuouUxOMmKFh5j
wqHGlYabflBCZA==
-----END CERTIFICATE-----
Generated at Mon Nov 10 16:05:49 2025 by rpki-client