Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/cb3af0-056d-4277-a6da-227a86c472ce/1/HgUGRdac54HkkMDzxJle5tTmB4s.mft
File: HgUGRdac54HkkMDzxJle5tTmB4s.mft (raw, json)
Hash identifier: yIlD9Hzr2x1ijBCHzpTa+9uQZuVmpqpfpBNyqaObdrs=
Subject key identifier: 32:0F:69:0A:DD:6F:02:BF:C7:75:C6:25:40:77:09:3C:57:B3:CE:CD
Authority key identifier: 1E:05:06:45:D6:9C:E7:81:E4:90:C0:F3:C4:99:5E:E6:D4:E6:07:8B
Certificate issuer: /CN=1e050645d69ce781e490c0f3c4995ee6d4e6078b
Certificate serial: 019A72267024B7F30FB06EA27A18B883EEED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HgUGRdac54HkkMDzxJle5tTmB4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/cb3af0-056d-4277-a6da-227a86c472ce/1/HgUGRdac54HkkMDzxJle5tTmB4s.mft
Manifest number: 08F9
Signing time: Tue 11 Nov 2025 09:01:52 +0000
Manifest this update: Tue 11 Nov 2025 09:01:52 +0000
Manifest next update: Wed 12 Nov 2025 09:01:52 +0000
Files and hashes: 1: Cng8TcnIXSMG5gaf3EVbnwwbQjk.roa (hash: SlPAu0/v+q9AU8NTLPmY4PB0nlmzfGz86P4I7oW5+Ns=)
2: HgUGRdac54HkkMDzxJle5tTmB4s.crl (hash: TsXFxn0SzO2ynw491huydCcbyax8LwppFJCwGElP+p0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/cb3af0-056d-4277-a6da-227a86c472ce/1/HgUGRdac54HkkMDzxJle5tTmB4s.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/cb3af0-056d-4277-a6da-227a86c472ce/1/HgUGRdac54HkkMDzxJle5tTmB4s.mft
rsync://rpki.ripe.net/repository/DEFAULT/HgUGRdac54HkkMDzxJle5tTmB4s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:70:24:b7:f3:0f:b0:6e:a2:7a:18:b8:83:ee:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e050645d69ce781e490c0f3c4995ee6d4e6078b
Validity
Not Before: Nov 11 09:01:52 2025 GMT
Not After : Nov 12 09:01:52 2025 GMT
Subject: CN=320f690add6f02bfc775c6254077093c57b3cecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:51:ce:71:4a:93:76:0d:78:18:fb:ae:08:46:
e1:f6:59:89:e9:76:0c:7c:5b:c2:bd:62:23:da:fb:
13:af:96:d3:90:4f:3f:c6:6b:d8:db:6e:d3:f5:25:
68:39:db:d5:76:5b:6f:e9:1a:95:d4:9f:0a:83:39:
83:bf:99:d6:81:ed:78:bc:98:8c:fe:75:9c:c0:ea:
b7:ea:c1:0e:a8:c0:db:1f:c2:42:80:07:87:05:7e:
31:1a:75:62:7e:77:1a:c6:89:c3:89:26:04:5d:9a:
22:82:16:87:11:c2:52:b5:df:d1:aa:a1:cd:cc:6f:
25:0e:ea:a0:cd:07:92:3b:5d:75:8f:cf:d5:8b:e8:
5a:f7:32:d1:59:e7:72:ec:be:57:f7:0a:cd:90:b1:
a7:ae:1f:35:dc:c9:c0:3c:d6:60:66:bf:c4:a6:77:
88:d5:d5:a2:b6:34:03:9b:a3:20:74:a3:19:cb:12:
96:4a:5c:70:76:35:72:a5:fd:11:55:28:e2:07:b4:
a7:2b:ed:da:60:24:90:c0:cd:86:8c:56:5a:6a:70:
da:e2:dd:d3:ad:73:b0:bf:e5:19:ef:0b:0e:92:db:
d4:48:f1:a2:46:6d:be:3b:7a:01:ba:07:fb:55:2c:
48:e4:79:4e:c1:8e:38:9f:29:6d:00:4b:82:fc:2d:
e1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0F:69:0A:DD:6F:02:BF:C7:75:C6:25:40:77:09:3C:57:B3:CE:CD
X509v3 Authority Key Identifier:
keyid:1E:05:06:45:D6:9C:E7:81:E4:90:C0:F3:C4:99:5E:E6:D4:E6:07:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgUGRdac54HkkMDzxJle5tTmB4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/cb3af0-056d-4277-a6da-227a86c472ce/1/HgUGRdac54HkkMDzxJle5tTmB4s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/cb3af0-056d-4277-a6da-227a86c472ce/1/HgUGRdac54HkkMDzxJle5tTmB4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:13:c9:64:3b:34:1e:ed:a5:7d:39:73:07:94:eb:a6:1c:75:
cd:25:51:52:b7:51:eb:d4:cb:54:f8:55:38:5a:a5:00:a5:99:
8c:df:ae:be:19:9a:84:1f:d0:db:bc:f4:3b:e4:44:4c:bc:ec:
06:02:71:38:28:e9:7a:45:7d:cd:02:14:6b:88:b8:af:52:dd:
91:51:28:ee:10:4f:f3:d7:2e:8c:03:46:7e:53:51:1b:55:e8:
2c:d1:56:97:5f:de:c7:8c:6f:d6:b5:4b:a3:eb:9c:50:24:95:
86:ac:1a:eb:01:dc:6c:09:94:ce:43:3f:00:c4:c5:4b:aa:35:
07:34:f0:f4:a8:61:00:d3:e4:b4:81:24:c5:e4:bd:61:97:6d:
01:34:25:7f:3f:ea:58:6b:78:8d:c4:90:0e:3a:cd:59:e0:a5:
f1:a1:cb:92:f2:00:43:b9:73:39:bf:26:a0:1b:0b:87:24:93:
01:87:2b:e0:e2:9b:66:6c:f3:a1:4b:1a:88:af:1a:6c:37:26:
ce:f4:a0:65:13:bd:c9:de:2d:41:76:38:9c:01:02:5a:dc:e6:
db:d7:22:21:c5:fe:2a:17:a0:3b:6c:f6:50:0f:b8:d8:df:a6:
93:26:48:e5:56:9b:a8:08:68:3a:f7:d2:73:a5:7a:d4:a4:4b:
b6:f2:90:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJnAkt/MPsG6iehi4g+7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMDUwNjQ1ZDY5Y2U3ODFlNDkwYzBmM2M0OTk1ZWU2ZDRl
NjA3OGIwHhcNMjUxMTExMDkwMTUyWhcNMjUxMTEyMDkwMTUyWjAzMTEwLwYDVQQD
EygzMjBmNjkwYWRkNmYwMmJmYzc3NWM2MjU0MDc3MDkzYzU3YjNjZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FHOcUqTdg14GPuuCEbh9lmJ6XYM
fFvCvWIj2vsTr5bTkE8/xmvY227T9SVoOdvVdltv6RqV1J8KgzmDv5nWge14vJiM
/nWcwOq36sEOqMDbH8JCgAeHBX4xGnVifncaxonDiSYEXZoighaHEcJStd/RqqHN
zG8lDuqgzQeSO111j8/Vi+ha9zLRWedy7L5X9wrNkLGnrh813MnAPNZgZr/EpneI
1dWitjQDm6MgdKMZyxKWSlxwdjVypf0RVSjiB7SnK+3aYCSQwM2GjFZaanDa4t3T
rXOwv+UZ7wsOktvUSPGiRm2+O3oBugf7VSxI5HlOwY44nyltAEuC/C3hlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIPaQrdbwK/x3XGJUB3CTxXs87NMB8GA1UdIwQY
MBaAFB4FBkXWnOeB5JDA88SZXubU5geLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGdVR1JkYWM1NEhra01EenhKbGU1dFRtQjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9jYjNhZjAtMDU2ZC00Mjc3LWE2ZGEt
MjI3YTg2YzQ3MmNlLzEvSGdVR1JkYWM1NEhra01EenhKbGU1dFRtQjRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9jYjNhZjAtMDU2ZC00Mjc3LWE2ZGEtMjI3YTg2YzQ3MmNl
LzEvSGdVR1JkYWM1NEhra01EenhKbGU1dFRtQjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBPJZDs0
Hu2lfTlzB5Trphx1zSVRUrdR69TLVPhVOFqlAKWZjN+uvhmahB/Q27z0O+RETLzs
BgJxOCjpekV9zQIUa4i4r1LdkVEo7hBP89cujANGflNRG1XoLNFWl1/ex4xv1rVL
o+ucUCSVhqwa6wHcbAmUzkM/AMTFS6o1BzTw9KhhANPktIEkxeS9YZdtATQlfz/q
WGt4jcSQDjrNWeCl8aHLkvIAQ7lzOb8moBsLhySTAYcr4OKbZmzzoUsaiK8abDcm
zvSgZRO9yd4tQXY4nAECWtzm29ciIcX+KhegO2z2UA+42N+mkyZI5VabqAhoOvfS
c6V61KRLtvKQrA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:17:05 2025 by rpki-client