Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/hqj_TJxWZn2ZAl1_AVkcv3etLwk.mft
File: hqj_TJxWZn2ZAl1_AVkcv3etLwk.mft (raw, json)
Hash identifier: P/FpYfdFtFfdenLyMXx299oTIO6ZsaiQmnnFjsBddl8=
Subject key identifier: FC:C3:76:99:C6:5D:7D:C2:B1:21:CA:44:B1:99:E1:86:F7:6F:A1:AE
Authority key identifier: 86:A8:FF:4C:9C:56:66:7D:99:02:5D:7F:01:59:1C:BF:77:AD:2F:09
Certificate issuer: /CN=86a8ff4c9c56667d99025d7f01591cbf77ad2f09
Certificate serial: 019A7149F7A7F3AE1604C7D68FCE494C67C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hqj_TJxWZn2ZAl1_AVkcv3etLwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/hqj_TJxWZn2ZAl1_AVkcv3etLwk.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 05:01:04 +0000
Manifest this update: Tue 11 Nov 2025 05:01:04 +0000
Manifest next update: Wed 12 Nov 2025 05:01:04 +0000
Files and hashes: 1: 1WUnRPC7TQDCpNLBGqvpavEUfIY.roa (hash: 9QvvOYrRTeWxJPVmSD6bFU7GJTKQU/1G/slvGit4Jc8=)
2: RNRuwUDah5HvDqZL8fLpyHsOiSQ.roa (hash: IBeeTINphPH0VAeRRmwtztVgI3ETdvS9ro285LvOBzI=)
3: hqj_TJxWZn2ZAl1_AVkcv3etLwk.crl (hash: VZIBiF82tNmGGEFdM7jITIftPlyEO7XEh3oL7qW+B4E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/hqj_TJxWZn2ZAl1_AVkcv3etLwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/hqj_TJxWZn2ZAl1_AVkcv3etLwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hqj_TJxWZn2ZAl1_AVkcv3etLwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:f7:a7:f3:ae:16:04:c7:d6:8f:ce:49:4c:67:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86a8ff4c9c56667d99025d7f01591cbf77ad2f09
Validity
Not Before: Nov 11 05:01:04 2025 GMT
Not After : Nov 12 05:01:04 2025 GMT
Subject: CN=fcc37699c65d7dc2b121ca44b199e186f76fa1ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e6:d7:97:4b:ae:ec:af:10:c4:bd:0c:af:08:
0b:8d:13:d3:09:a3:9e:69:01:aa:74:f9:bd:c6:bf:
7a:04:27:4c:d8:2d:57:ef:0f:c2:16:6d:4c:a7:a8:
b0:8b:19:09:6f:32:6a:2b:fa:67:14:19:e2:65:19:
67:af:8f:32:35:e5:bd:17:38:38:01:07:d9:75:cc:
51:38:a1:3c:7c:dc:d5:56:3a:37:10:25:c7:fd:6a:
ad:9b:05:67:cd:1c:f0:18:05:72:79:24:a6:90:ee:
98:05:d3:97:24:12:40:9e:5b:c9:3d:d1:c7:6a:c2:
b5:44:62:ba:94:04:15:27:96:c8:e9:de:08:98:7a:
e8:c3:d5:67:3d:78:bd:ab:0e:ce:30:d0:8b:4f:08:
a8:8e:99:2f:de:26:fc:26:43:7d:a1:c0:a3:3b:75:
61:ff:4c:9f:97:ae:b4:9d:ed:8e:a8:53:5a:bc:00:
df:6d:86:83:f7:c0:65:c7:9f:25:06:26:1e:fc:37:
68:f3:04:5d:74:f6:c4:af:09:c9:9e:87:1b:57:8c:
6e:d8:1d:b7:10:d0:90:e3:9d:0d:dd:e5:d3:ba:a8:
75:7c:3f:b8:2f:f8:c1:69:d3:bf:69:5e:df:bf:50:
42:c3:fd:2f:7e:77:30:8d:fd:bc:1a:ab:2f:5a:85:
a2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C3:76:99:C6:5D:7D:C2:B1:21:CA:44:B1:99:E1:86:F7:6F:A1:AE
X509v3 Authority Key Identifier:
keyid:86:A8:FF:4C:9C:56:66:7D:99:02:5D:7F:01:59:1C:BF:77:AD:2F:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqj_TJxWZn2ZAl1_AVkcv3etLwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/hqj_TJxWZn2ZAl1_AVkcv3etLwk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/hqj_TJxWZn2ZAl1_AVkcv3etLwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:b7:52:60:e8:46:1f:b4:e1:cc:6c:7c:f5:89:e7:d0:cb:8f:
c8:08:81:3c:98:8a:de:60:a3:d3:e0:ea:55:d4:a8:4e:ce:25:
96:13:20:72:f7:82:91:b4:c8:91:2b:72:6f:24:15:b6:a0:e7:
1b:ea:4c:74:4f:6e:d6:6d:d5:7a:3d:97:c5:83:b6:b2:d3:5c:
75:58:c2:b8:f9:4e:cf:61:d1:f9:40:0b:96:e8:91:17:b6:e2:
3e:72:ef:97:90:e4:09:7b:d9:a2:6d:a4:13:8d:62:04:9c:44:
ca:6d:8f:2d:4f:e3:e5:d8:9e:50:82:e1:71:1f:ba:da:0d:b4:
59:ef:55:49:9c:30:9b:3c:eb:76:20:b7:ab:7d:cb:7e:dd:ba:
6d:26:3c:7b:39:72:3e:8d:b2:3f:b6:2b:5f:4d:65:5b:cd:7e:
26:46:a4:66:8a:65:ca:5e:05:d4:40:a4:9c:04:5c:af:b4:f2:
39:e6:6b:92:88:01:ff:14:9f:4a:cc:6c:b0:e3:bd:3a:f4:1d:
54:14:5b:d6:1a:07:1f:a6:85:2e:75:1a:ae:35:bc:8d:7a:77:
da:46:5a:d6:94:03:b8:08:71:16:ae:8f:b7:d3:3a:1a:57:c7:
c4:01:6f:e1:8a:b7:43:f4:6e:2c:bc:a7:fc:25:07:f0:01:4d:
4a:b5:5c:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSfen864WBMfWj85JTGfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YThmZjRjOWM1NjY2N2Q5OTAyNWQ3ZjAxNTkxY2JmNzdh
ZDJmMDkwHhcNMjUxMTExMDUwMTA0WhcNMjUxMTEyMDUwMTA0WjAzMTEwLwYDVQQD
EyhmY2MzNzY5OWM2NWQ3ZGMyYjEyMWNhNDRiMTk5ZTE4NmY3NmZhMWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsObXl0uu7K8QxL0MrwgLjRPTCaOe
aQGqdPm9xr96BCdM2C1X7w/CFm1Mp6iwixkJbzJqK/pnFBniZRlnr48yNeW9Fzg4
AQfZdcxROKE8fNzVVjo3ECXH/WqtmwVnzRzwGAVyeSSmkO6YBdOXJBJAnlvJPdHH
asK1RGK6lAQVJ5bI6d4ImHrow9VnPXi9qw7OMNCLTwiojpkv3ib8JkN9ocCjO3Vh
/0yfl660ne2OqFNavADfbYaD98Blx58lBiYe/Ddo8wRddPbErwnJnocbV4xu2B23
ENCQ450N3eXTuqh1fD+4L/jBadO/aV7fv1BCw/0vfncwjf28GqsvWoWi5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzDdpnGXX3CsSHKRLGZ4Yb3b6GuMB8GA1UdIwQY
MBaAFIao/0ycVmZ9mQJdfwFZHL93rS8JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFqX1RKeFdabjJaQWwxX0FWa2N2M2V0THdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jOTIxZTgtNmM5NC00Y2MyLWI5ZmQt
MDZhNDk5NjhjMmQzLzEvaHFqX1RKeFdabjJaQWwxX0FWa2N2M2V0THdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jOTIxZTgtNmM5NC00Y2MyLWI5ZmQtMDZhNDk5NjhjMmQz
LzEvaHFqX1RKeFdabjJaQWwxX0FWa2N2M2V0THdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgLdSYOhG
H7ThzGx89Ynn0MuPyAiBPJiK3mCj0+DqVdSoTs4llhMgcveCkbTIkStybyQVtqDn
G+pMdE9u1m3Vej2XxYO2stNcdVjCuPlOz2HR+UALluiRF7biPnLvl5DkCXvZom2k
E41iBJxEym2PLU/j5dieUILhcR+62g20We9VSZwwmzzrdiC3q33Lft26bSY8ezly
Po2yP7YrX01lW81+JkakZoplyl4F1ECknARcr7TyOeZrkogB/xSfSsxssOO9OvQd
VBRb1hoHH6aFLnUarjW8jXp32kZa1pQDuAhxFq6Pt9M6GlfHxAFv4Yq3Q/RuLLyn
/CUH8AFNSrVcZQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:39:06 2025 by rpki-client