Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
File: HxKTy74vaSVA08xaboI2YElMQGM.mft (raw, json)
Hash identifier: JM4zvZL3RgVT8iRgJwmbugng/SxaKz7R2fV2f9eGvXA=
Subject key identifier: 54:34:96:31:E9:0E:07:39:D6:66:F5:EF:A6:88:90:18:5F:23:94:C8
Authority key identifier: 1F:12:93:CB:BE:2F:69:25:40:D3:CC:5A:6E:82:36:60:49:4C:40:63
Certificate issuer: /CN=1f1293cbbe2f692540d3cc5a6e823660494c4063
Certificate serial: 019A706DE77A9282EC6AD7FEF6639C987B48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
Manifest number: 0EA1
Signing time: Tue 11 Nov 2025 01:00:42 +0000
Manifest this update: Tue 11 Nov 2025 01:00:42 +0000
Manifest next update: Wed 12 Nov 2025 01:00:42 +0000
Files and hashes: 1: HxKTy74vaSVA08xaboI2YElMQGM.crl (hash: WK4jJIkcuFrM3W1S6hNO1Z2oGlBRf1WurJIccd4ABmE=)
2: qBbXPlomssD9zrP_xFljqdR0LbI.roa (hash: Gow+NF8w68xqHQfvdIHVUtAvsOi+ZzLSZN8/SeU/9ok=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6d:e7:7a:92:82:ec:6a:d7:fe:f6:63:9c:98:7b:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1293cbbe2f692540d3cc5a6e823660494c4063
Validity
Not Before: Nov 11 01:00:42 2025 GMT
Not After : Nov 12 01:00:42 2025 GMT
Subject: CN=54349631e90e0739d666f5efa68890185f2394c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:53:b8:48:11:cd:a0:a2:be:2b:8a:35:63:f5:
c3:a8:c2:eb:ed:35:0e:cc:49:bb:91:02:83:4b:1c:
77:16:1e:a0:4a:9d:df:3d:bf:63:19:2f:48:16:2a:
a0:63:04:4d:22:0b:6d:43:b2:d1:0e:5e:e6:70:bc:
22:f8:ee:28:48:58:94:c3:70:49:21:b2:9b:50:c2:
53:a1:b9:ca:c4:d3:6b:99:32:76:da:ba:2a:6c:b5:
c9:66:85:67:0d:3b:d5:d6:61:8a:9f:c2:ec:ed:dd:
ce:2f:9f:11:df:68:91:41:a6:dd:3a:d2:21:e2:ef:
77:3f:a4:5b:5f:3b:69:e4:86:47:09:da:36:4a:71:
05:6b:b0:3e:0a:a7:04:b4:3f:71:d8:71:17:ce:9f:
13:13:3a:59:2a:73:24:4d:47:06:9d:a4:6a:e0:89:
07:3d:32:18:44:64:0c:41:b3:26:7a:8a:4b:05:6a:
e3:61:cc:1f:9b:2f:c7:32:20:06:52:73:9e:83:3c:
7e:93:b3:46:4a:2a:d3:51:9f:78:0c:58:ef:3d:af:
de:0d:e1:0a:b2:de:6f:1b:b9:cb:f4:e6:49:5a:fd:
99:d7:65:cf:42:dd:c0:35:91:89:2d:fc:9b:69:21:
17:73:18:5b:59:a5:7d:cc:84:8d:e9:a9:ce:87:c1:
74:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:34:96:31:E9:0E:07:39:D6:66:F5:EF:A6:88:90:18:5F:23:94:C8
X509v3 Authority Key Identifier:
keyid:1F:12:93:CB:BE:2F:69:25:40:D3:CC:5A:6E:82:36:60:49:4C:40:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:67:bf:02:95:e4:61:22:b1:7f:b0:08:ac:4c:e7:44:6d:a4:
65:2c:92:7e:cf:05:bf:bb:eb:32:5a:2c:6b:df:8e:21:5e:a5:
69:1a:04:58:f6:c8:d2:7d:2a:49:6b:4a:64:fc:05:8f:20:b4:
59:a9:05:ac:40:f6:3b:8f:c7:1e:15:fe:6f:74:99:31:00:6f:
65:c3:bc:05:11:ca:23:ca:8e:a5:72:56:00:6e:a4:e9:12:3d:
02:c9:63:ad:a6:1b:ba:12:fc:27:fb:7f:19:dd:d2:76:6b:ba:
44:de:a8:b9:9b:8c:0a:28:8d:3b:1e:5c:30:53:8f:0e:b1:67:
ab:77:13:91:55:a0:40:cc:17:98:08:6e:d5:c0:11:14:a5:89:
2b:10:ea:c4:84:ac:f1:b3:ff:5e:ce:54:6a:da:42:3f:b7:a7:
80:cf:cc:14:4e:69:de:bc:de:ea:c2:20:02:38:17:5b:a4:49:
43:f2:62:51:cf:11:46:3f:3d:62:02:11:ce:c3:ab:7a:9b:26:
69:95:a4:7f:28:c9:ea:22:0b:50:3d:c1:7a:af:80:22:0a:84:
2f:cd:d4:60:03:ed:86:6a:bc:9b:7d:b1:82:64:6d:e3:7a:db:
16:d2:21:d3:31:c8:6d:52:5a:af:ba:28:21:26:00:0e:7b:af:
7d:a6:77:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbed6koLsatf+9mOcmHtIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMTI5M2NiYmUyZjY5MjU0MGQzY2M1YTZlODIzNjYwNDk0
YzQwNjMwHhcNMjUxMTExMDEwMDQyWhcNMjUxMTEyMDEwMDQyWjAzMTEwLwYDVQQD
Eyg1NDM0OTYzMWU5MGUwNzM5ZDY2NmY1ZWZhNjg4OTAxODVmMjM5NGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlO4SBHNoKK+K4o1Y/XDqMLr7TUO
zEm7kQKDSxx3Fh6gSp3fPb9jGS9IFiqgYwRNIgttQ7LRDl7mcLwi+O4oSFiUw3BJ
IbKbUMJTobnKxNNrmTJ22roqbLXJZoVnDTvV1mGKn8Ls7d3OL58R32iRQabdOtIh
4u93P6RbXztp5IZHCdo2SnEFa7A+CqcEtD9x2HEXzp8TEzpZKnMkTUcGnaRq4IkH
PTIYRGQMQbMmeopLBWrjYcwfmy/HMiAGUnOegzx+k7NGSirTUZ94DFjvPa/eDeEK
st5vG7nL9OZJWv2Z12XPQt3ANZGJLfybaSEXcxhbWaV9zISN6anOh8F0FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQ0ljHpDgc51mb176aIkBhfI5TIMB8GA1UdIwQY
MBaAFB8Sk8u+L2klQNPMWm6CNmBJTEBjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjVlM2MtYWM3Yi00ZjBmLWE4NzQt
MjY5NzE1OTlhNTU0LzEvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjVlM2MtYWM3Yi00ZjBmLWE4NzQtMjY5NzE1OTlhNTU0
LzEvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIWe/ApXk
YSKxf7AIrEznRG2kZSySfs8Fv7vrMlosa9+OIV6laRoEWPbI0n0qSWtKZPwFjyC0
WakFrED2O4/HHhX+b3SZMQBvZcO8BRHKI8qOpXJWAG6k6RI9AsljraYbuhL8J/t/
Gd3Sdmu6RN6ouZuMCiiNOx5cMFOPDrFnq3cTkVWgQMwXmAhu1cARFKWJKxDqxISs
8bP/Xs5UatpCP7engM/MFE5p3rze6sIgAjgXW6RJQ/JiUc8RRj89YgIRzsOrepsm
aZWkfyjJ6iILUD3Beq+AIgqEL83UYAPthmq8m32xgmRt43rbFtIh0zHIbVJar7oo
ISYADnuvfaZ3/g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:20 2025 by rpki-client