Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
File: HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft (raw, json)
Hash identifier: EFd3vkMn6Iu1nynHVjW3ph6VPjirQRZlBIDewtJY85s=
Subject key identifier: 20:0B:FD:57:9E:68:C5:D1:B3:37:90:32:CB:24:42:39:12:E5:A1:F0
Authority key identifier: 1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1
Certificate issuer: /CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1
Certificate serial: 019A70A51476AC2A8A8F232E4A397A9FC567
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
Manifest number: 1344
Signing time: Tue 11 Nov 2025 02:00:58 +0000
Manifest this update: Tue 11 Nov 2025 02:00:58 +0000
Manifest next update: Wed 12 Nov 2025 02:00:58 +0000
Files and hashes: 1: CSj4rvQmRyDsyaDEw0jstidXLzo.roa (hash: 3pSnEcRnf/ULKrT/Poc1HoH7UgR2xUCZ7SNrN3hfNmI=)
2: HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl (hash: rBxmhcPvyNXhvB4VqLzXmBIPv4fEPsQtVFFgkQjMeOw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:14:76:ac:2a:8a:8f:23:2e:4a:39:7a:9f:c5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1
Validity
Not Before: Nov 11 02:00:58 2025 GMT
Not After : Nov 12 02:00:58 2025 GMT
Subject: CN=200bfd579e68c5d1b3379032cb24423912e5a1f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:eb:26:2b:b1:19:ca:2a:5d:b4:0e:4d:e6:ac:
f5:71:75:9e:02:1c:25:1f:69:fb:1e:7d:b5:f7:36:
11:ba:0d:f2:f0:9d:ee:fe:ff:53:3d:b1:2b:1e:8a:
44:fe:2a:94:a7:46:71:56:37:f8:5f:4e:61:18:bc:
ca:8e:4c:a9:d9:12:e1:1d:79:56:7c:98:34:3b:38:
b5:1c:76:32:c8:4e:e2:3c:77:43:25:2c:fb:78:78:
e4:8a:11:51:c9:e8:12:a0:c6:71:94:fe:3c:7b:65:
94:8f:85:38:02:7d:78:d4:e6:5e:da:0c:69:d4:1f:
d4:c4:e0:06:fd:bf:7e:47:32:c5:43:47:44:58:f1:
55:b9:32:e6:a3:7f:b8:7b:18:3f:9b:d7:72:e6:d8:
e8:c3:b1:de:ae:94:7b:ca:20:96:ce:12:c8:2b:c9:
52:21:53:98:f5:57:ce:df:2b:09:ec:c3:a3:0d:5f:
57:72:c8:57:f7:9e:d8:83:f5:5d:7c:f4:d6:7d:04:
de:35:35:fd:05:5c:37:9f:29:10:cb:c5:4e:ca:6e:
03:c2:ab:bd:76:26:51:c1:c2:83:67:52:8a:65:4c:
53:46:b8:83:67:47:fe:77:c9:e8:ce:4a:07:03:0a:
8f:6c:79:5a:08:e1:6a:c5:65:50:6c:44:b9:c8:02:
12:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0B:FD:57:9E:68:C5:D1:B3:37:90:32:CB:24:42:39:12:E5:A1:F0
X509v3 Authority Key Identifier:
keyid:1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:62:a7:88:9c:8f:81:3f:8f:b5:40:11:a6:66:23:85:33:0d:
76:55:6e:fe:9f:a9:54:3c:cc:d8:96:d0:15:d7:51:e1:95:06:
97:e6:5f:aa:8e:88:b4:92:02:0d:da:bb:80:b7:e8:73:ef:66:
8c:e1:c9:c4:c3:95:37:8c:e3:35:4a:a1:2a:e8:1e:83:a5:ca:
4f:d5:c8:4a:1b:c5:87:96:fc:38:ad:6e:fe:7c:bc:c0:41:6e:
1d:6a:35:72:ba:97:37:b9:66:a5:52:59:dd:36:a7:5c:4c:9b:
ca:ad:35:cb:3c:97:b0:f3:57:85:41:3b:04:7e:ef:86:9b:83:
f6:f9:14:8d:d3:1d:6f:ae:79:c1:e6:0b:11:a7:eb:a6:58:c0:
70:f9:1e:d9:c2:77:ab:02:fb:b1:db:b5:fc:22:a3:d9:b1:59:
77:02:4d:30:30:64:63:f9:2f:2e:3b:26:68:57:64:71:9b:64:
be:cb:3d:6d:f0:c1:d2:3d:32:81:2e:57:13:97:77:5f:44:00:
c9:d2:f4:bf:8e:51:8a:5a:bb:09:2b:44:02:4b:8b:1e:84:89:
cf:8f:96:f1:ec:19:13:d7:3e:a2:ac:ff:9b:ea:a9:e0:3b:08:
81:69:8d:ff:c0:b9:09:4b:26:52:79:ff:2a:e5:a6:d8:30:66:
da:da:2e:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpRR2rCqKjyMuSjl6n8VnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOWMwNzJmMmRiM2VmMWYyNjA1MDViYmZhMGVmZWExOGMy
OTcwYjEwHhcNMjUxMTExMDIwMDU4WhcNMjUxMTEyMDIwMDU4WjAzMTEwLwYDVQQD
EygyMDBiZmQ1NzllNjhjNWQxYjMzNzkwMzJjYjI0NDIzOTEyZTVhMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0esmK7EZyipdtA5N5qz1cXWeAhwl
H2n7Hn219zYRug3y8J3u/v9TPbErHopE/iqUp0ZxVjf4X05hGLzKjkyp2RLhHXlW
fJg0Ozi1HHYyyE7iPHdDJSz7eHjkihFRyegSoMZxlP48e2WUj4U4An141OZe2gxp
1B/UxOAG/b9+RzLFQ0dEWPFVuTLmo3+4exg/m9dy5tjow7HerpR7yiCWzhLIK8lS
IVOY9VfO3ysJ7MOjDV9XcshX957Yg/VdfPTWfQTeNTX9BVw3nykQy8VOym4Dwqu9
diZRwcKDZ1KKZUxTRriDZ0f+d8nozkoHAwqPbHlaCOFqxWVQbES5yAIS7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAL/VeeaMXRszeQMsskQjkS5aHwMB8GA1UdIwQY
MBaAFB2cBy8ts+8fJgUFu/oO/qGMKXCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMt
NDUwZTI0ZTA4OTFkLzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMtNDUwZTI0ZTA4OTFk
LzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASGKniJyP
gT+PtUARpmYjhTMNdlVu/p+pVDzM2JbQFddR4ZUGl+Zfqo6ItJICDdq7gLfoc+9m
jOHJxMOVN4zjNUqhKugeg6XKT9XIShvFh5b8OK1u/ny8wEFuHWo1crqXN7lmpVJZ
3TanXEybyq01yzyXsPNXhUE7BH7vhpuD9vkUjdMdb655weYLEafrpljAcPke2cJ3
qwL7sdu1/CKj2bFZdwJNMDBkY/kvLjsmaFdkcZtkvss9bfDB0j0ygS5XE5d3X0QA
ydL0v45Rilq7CStEAkuLHoSJz4+W8ewZE9c+oqz/m+qp4DsIgWmN/8C5CUsmUnn/
KuWm2DBm2touaQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:44:47 2025 by rpki-client