Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
File: HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft (raw, json)
Hash identifier: l0Kzj2kSA/i7/lIaL7IeflZKvH35x0V17ptSwa4gbHQ=
Subject key identifier: 3F:B7:CA:0D:FB:98:05:EC:8B:89:16:F3:53:57:7A:25:C2:73:4E:DA
Authority key identifier: 1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1
Certificate issuer: /CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1
Certificate serial: 0199228C2A7953F1EA811D430E5429163A58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
Manifest number: 1297
Signing time: Sun 07 Sep 2025 05:00:35 +0000
Manifest this update: Sun 07 Sep 2025 05:00:35 +0000
Manifest next update: Mon 08 Sep 2025 05:00:35 +0000
Files and hashes: 1: CSj4rvQmRyDsyaDEw0jstidXLzo.roa (hash: 3pSnEcRnf/ULKrT/Poc1HoH7UgR2xUCZ7SNrN3hfNmI=)
2: HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl (hash: pEIqU+Xn7TzM6oVYOZ63UdCWJwGHHj3/rROi901azwg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:8c:2a:79:53:f1:ea:81:1d:43:0e:54:29:16:3a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1
Validity
Not Before: Sep 7 05:00:35 2025 GMT
Not After : Sep 8 05:00:35 2025 GMT
Subject: CN=3fb7ca0dfb9805ec8b8916f353577a25c2734eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1d:1b:dd:86:2a:21:3f:bf:ec:14:f0:bd:c0:
6d:ed:bd:a8:e1:aa:78:75:9d:c1:b6:be:df:21:b8:
30:84:3e:20:80:20:ed:8d:ca:95:89:29:60:d3:74:
dd:bf:0e:32:62:8f:fd:90:d5:ce:d7:4c:88:4d:49:
84:dc:c0:9b:d1:49:b2:79:dd:4a:44:4b:14:b8:cc:
00:8b:ba:18:04:33:39:80:43:8e:2c:0f:a0:84:5d:
0d:de:3a:b2:7b:16:1a:dd:0b:23:d5:91:a2:97:e7:
f4:e4:3b:6c:8d:ea:af:6d:86:a9:e1:5d:19:cb:25:
c8:78:6e:47:06:98:33:7d:8a:56:8b:95:9b:35:4c:
21:cd:b4:77:d9:88:fc:9c:41:4d:21:78:3d:fe:2f:
8e:b9:71:21:75:ce:5f:6d:4c:7f:86:45:fc:a4:a0:
86:56:08:e0:9b:61:90:69:f0:f0:62:0c:5a:b2:04:
58:4e:e2:37:e7:ca:0a:42:4b:81:c5:57:35:b9:e5:
df:6f:70:29:72:1e:a6:72:a5:48:b7:f0:76:2b:cd:
c3:f0:e0:00:b3:97:2b:0b:bb:d3:e2:b6:b3:05:a4:
90:91:4f:95:bc:f7:34:5b:2e:ef:a7:36:62:e9:5a:
7b:96:6f:2f:e2:7d:d3:29:52:f9:25:a7:02:df:74:
f9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B7:CA:0D:FB:98:05:EC:8B:89:16:F3:53:57:7A:25:C2:73:4E:DA
X509v3 Authority Key Identifier:
keyid:1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:27:8a:b6:cd:c7:35:7c:a1:dd:a9:9e:b0:2b:1a:51:28:0d:
66:2a:55:d0:6f:a4:9c:8b:51:5d:4d:05:99:ef:cd:5a:7b:71:
4c:a2:4d:1a:a2:ee:d4:22:43:24:07:30:88:8a:17:40:52:83:
85:51:a8:b3:06:fa:60:48:e1:3a:cd:1f:60:5e:69:ad:aa:2a:
aa:d7:d0:b0:48:1f:17:43:05:12:49:cd:3c:e7:80:c7:e8:38:
2b:f2:1a:6c:bb:a2:79:b5:7f:ed:4b:1e:0d:52:ed:cd:7b:29:
1c:b0:13:5c:ea:a3:04:5f:6e:7d:ec:44:19:7e:48:d1:d4:ad:
28:be:c7:6d:15:a6:b4:ab:86:8a:63:a6:58:83:a9:5a:76:d1:
0d:a0:b8:9a:c5:fc:4e:0d:80:33:19:94:8c:f4:1b:2c:5b:df:
ff:2d:d6:76:c7:7b:23:66:7a:3f:a8:6c:05:99:cd:2d:e5:20:
39:73:3c:67:e6:60:47:06:1c:cf:8a:e1:b3:8b:10:54:95:b2:
57:31:e6:25:9c:e0:9d:fc:01:3e:1f:67:ba:d1:12:3a:b5:bf:
c4:8d:d3:8f:08:18:bc:3a:3e:67:ea:cd:24:55:d1:db:59:68:
91:de:a7:ac:0d:47:6b:b5:04:aa:44:f4:1d:4d:ff:0a:86:69:
f9:3b:32:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijCp5U/HqgR1DDlQpFjpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOWMwNzJmMmRiM2VmMWYyNjA1MDViYmZhMGVmZWExOGMy
OTcwYjEwHhcNMjUwOTA3MDUwMDM1WhcNMjUwOTA4MDUwMDM1WjAzMTEwLwYDVQQD
EygzZmI3Y2EwZGZiOTgwNWVjOGI4OTE2ZjM1MzU3N2EyNWMyNzM0ZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh0b3YYqIT+/7BTwvcBt7b2o4ap4
dZ3Btr7fIbgwhD4ggCDtjcqViSlg03Tdvw4yYo/9kNXO10yITUmE3MCb0Umyed1K
REsUuMwAi7oYBDM5gEOOLA+ghF0N3jqyexYa3Qsj1ZGil+f05DtsjeqvbYap4V0Z
yyXIeG5HBpgzfYpWi5WbNUwhzbR32Yj8nEFNIXg9/i+OuXEhdc5fbUx/hkX8pKCG
Vgjgm2GQafDwYgxasgRYTuI358oKQkuBxVc1ueXfb3Apch6mcqVIt/B2K83D8OAA
s5crC7vT4razBaSQkU+VvPc0Wy7vpzZi6Vp7lm8v4n3TKVL5JacC33T5VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+3yg37mAXsi4kW81NXeiXCc07aMB8GA1UdIwQY
MBaAFB2cBy8ts+8fJgUFu/oO/qGMKXCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMt
NDUwZTI0ZTA4OTFkLzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMtNDUwZTI0ZTA4OTFk
LzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmieKts3H
NXyh3amesCsaUSgNZipV0G+knItRXU0Fme/NWntxTKJNGqLu1CJDJAcwiIoXQFKD
hVGoswb6YEjhOs0fYF5praoqqtfQsEgfF0MFEknNPOeAx+g4K/IabLuiebV/7Use
DVLtzXspHLATXOqjBF9ufexEGX5I0dStKL7HbRWmtKuGimOmWIOpWnbRDaC4msX8
Tg2AMxmUjPQbLFvf/y3Wdsd7I2Z6P6hsBZnNLeUgOXM8Z+ZgRwYcz4rhs4sQVJWy
VzHmJZzgnfwBPh9nutESOrW/xI3TjwgYvDo+Z+rNJFXR21lokd6nrA1Ha7UEqkT0
HU3/CoZp+Tsy7A==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:00:38 2025 by rpki-client