Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
File: HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft (raw, json)
Hash identifier: 7lYGOoBbkHtAoLD/PBGg2uVRMgS1Lj4NttLRU+tv4A4=
Subject key identifier: 8C:20:EA:4E:74:AC:E9:27:F9:43:CF:E6:36:A1:BA:85:F5:63:21:F7
Authority key identifier: 1D:02:60:40:6E:83:7A:E3:83:80:FC:C8:D9:92:B9:3D:0D:E1:A8:3B
Certificate issuer: /CN=1d0260406e837ae38380fcc8d992b93d0de1a83b
Certificate serial: 019A7149D525B8172184376E20567171A036
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
Manifest number: 0C40
Signing time: Tue 11 Nov 2025 05:00:55 +0000
Manifest this update: Tue 11 Nov 2025 05:00:55 +0000
Manifest next update: Wed 12 Nov 2025 05:00:55 +0000
Files and hashes: 1: HQJgQG6DeuODgPzI2ZK5PQ3hqDs.crl (hash: 2XV9EWjvkW83mWXhqMoKR8JoK4ZxZmBYg9vsPuSDEHM=)
2: cnFeqHBw9aaza2RenBeNwJKndxs.roa (hash: kjgI4uTxYMi7MCfdj3M5XWKqSFRmZG0IxbqIvN1jC7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:d5:25:b8:17:21:84:37:6e:20:56:71:71:a0:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0260406e837ae38380fcc8d992b93d0de1a83b
Validity
Not Before: Nov 11 05:00:55 2025 GMT
Not After : Nov 12 05:00:55 2025 GMT
Subject: CN=8c20ea4e74ace927f943cfe636a1ba85f56321f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ee:04:37:0d:46:2b:54:54:52:9b:a0:c7:35:
10:fb:14:ed:43:bd:0e:21:4b:84:ae:88:52:50:f8:
94:7a:09:91:65:f1:b2:3e:e3:06:f7:5b:4c:2c:10:
f8:f0:b5:85:44:5b:a2:0a:55:d7:23:93:86:95:a4:
31:5c:d0:54:58:a1:7f:19:34:a8:3d:74:00:60:9a:
1c:41:bc:d7:47:a8:60:7f:2c:97:e7:2d:37:f3:b8:
5d:f1:53:8d:c4:81:43:ff:da:89:74:03:c7:1f:99:
91:2e:e0:5d:3c:55:f2:f5:a6:d0:01:19:93:da:63:
3b:db:57:5c:df:40:b6:e8:06:e5:e1:c1:f5:13:a0:
a7:46:03:d0:56:2a:94:c6:cc:0e:27:ec:b5:ae:d1:
f8:4e:03:29:e8:30:aa:7c:c7:63:77:03:18:fd:05:
16:bf:df:ab:3e:d6:bf:95:3e:97:e6:4c:76:67:15:
ed:dd:e4:b3:d6:eb:cc:a4:4c:cd:4c:7d:34:58:41:
90:ca:95:ef:d5:0f:3e:1d:19:d6:64:75:85:36:2d:
70:b9:77:48:f3:f4:bd:1a:24:72:da:0f:50:c4:89:
01:d0:de:90:f5:be:3a:f5:a9:a2:3f:93:8e:fc:82:
a3:9b:11:71:d2:4e:c4:81:2e:d4:10:41:83:52:39:
aa:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:20:EA:4E:74:AC:E9:27:F9:43:CF:E6:36:A1:BA:85:F5:63:21:F7
X509v3 Authority Key Identifier:
keyid:1D:02:60:40:6E:83:7A:E3:83:80:FC:C8:D9:92:B9:3D:0D:E1:A8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:a1:27:24:eb:c2:76:65:54:de:a7:b6:80:b1:3b:b0:c6:07:
e9:39:77:6c:df:8d:2e:8f:99:1b:55:f4:52:ce:e8:cb:50:2e:
d4:7f:ba:df:9e:a6:b3:84:ea:bd:fc:f7:04:54:00:2f:1d:b7:
7c:5d:58:46:be:89:e5:57:f1:19:12:a1:bb:e2:c0:91:2c:bd:
3c:a7:0f:93:dc:db:7e:ee:3d:3e:bf:7b:2a:ee:64:91:e5:fc:
33:f1:26:f8:52:92:11:08:6a:04:e6:53:42:38:3f:46:62:27:
cd:b6:9e:2b:45:fd:38:20:c8:c1:6c:7c:d6:82:c1:f1:2a:9d:
d9:71:33:83:ed:f5:cc:5c:96:11:44:4e:db:43:0f:2e:87:78:
d6:df:1c:db:82:11:99:a1:a4:17:a2:45:9b:9f:67:db:83:41:
20:c5:7f:71:47:d2:79:cd:ee:6c:67:a7:1d:22:10:42:82:1f:
fc:f6:6d:90:0b:d4:a9:78:e2:25:62:5a:f1:bd:25:50:4a:b8:
dd:86:d7:67:9f:ce:cd:49:95:6c:ec:fd:63:65:73:df:ae:4b:
45:ed:5f:12:ce:30:59:78:09:4d:7b:ac:56:58:d6:04:f5:63:
5e:40:62:f4:6b:d6:80:34:14:42:f1:99:8b:36:97:9b:10:0b:
82:54:ad:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdUluBchhDduIFZxcaA2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDI2MDQwNmU4MzdhZTM4MzgwZmNjOGQ5OTJiOTNkMGRl
MWE4M2IwHhcNMjUxMTExMDUwMDU1WhcNMjUxMTEyMDUwMDU1WjAzMTEwLwYDVQQD
Eyg4YzIwZWE0ZTc0YWNlOTI3Zjk0M2NmZTYzNmExYmE4NWY1NjMyMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+4ENw1GK1RUUpugxzUQ+xTtQ70O
IUuErohSUPiUegmRZfGyPuMG91tMLBD48LWFRFuiClXXI5OGlaQxXNBUWKF/GTSo
PXQAYJocQbzXR6hgfyyX5y0387hd8VONxIFD/9qJdAPHH5mRLuBdPFXy9abQARmT
2mM721dc30C26Abl4cH1E6CnRgPQViqUxswOJ+y1rtH4TgMp6DCqfMdjdwMY/QUW
v9+rPta/lT6X5kx2ZxXt3eSz1uvMpEzNTH00WEGQypXv1Q8+HRnWZHWFNi1wuXdI
8/S9GiRy2g9QxIkB0N6Q9b469amiP5OO/IKjmxFx0k7EgS7UEEGDUjmqkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwg6k50rOkn+UPP5jahuoX1YyH3MB8GA1UdIwQY
MBaAFB0CYEBug3rjg4D8yNmSuT0N4ag7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFKZ1FHNkRldU9EZ1B6STJaSzVQUTNocURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8zNDAwMzEtMzY1Yi00ZmQyLTg3MzIt
OGMwZmFjYTNjYmQ4LzEvSFFKZ1FHNkRldU9EZ1B6STJaSzVQUTNocURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8zNDAwMzEtMzY1Yi00ZmQyLTg3MzItOGMwZmFjYTNjYmQ4
LzEvSFFKZ1FHNkRldU9EZ1B6STJaSzVQUTNocURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbaEnJOvC
dmVU3qe2gLE7sMYH6Tl3bN+NLo+ZG1X0Us7oy1Au1H+6356ms4Tqvfz3BFQALx23
fF1YRr6J5VfxGRKhu+LAkSy9PKcPk9zbfu49Pr97Ku5kkeX8M/Em+FKSEQhqBOZT
Qjg/RmInzbaeK0X9OCDIwWx81oLB8Sqd2XEzg+31zFyWEURO20MPLod41t8c24IR
maGkF6JFm59n24NBIMV/cUfSec3ubGenHSIQQoIf/PZtkAvUqXjiJWJa8b0lUEq4
3YbXZ5/OzUmVbOz9Y2Vz365LRe1fEs4wWXgJTXusVljWBPVjXkBi9GvWgDQUQvGZ
izaXmxALglSt5A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:41 2025 by rpki-client