Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
File: HlcDhG16g2S-wwMDTbkay_9C2gw.mft (raw, json)
Hash identifier: HtHT6jnsj6+0ghpG44VvNZ6JCtQ3w9wa9By4aVlUFmM=
Subject key identifier: E3:B1:CF:AD:A5:CA:7E:57:34:FD:48:85:6D:67:A9:56:AA:17:FE:65
Authority key identifier: 1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C
Certificate issuer: /CN=1e5703846d7a8364bec303034db91acbff42da0c
Certificate serial: 019A04B5DD80E9522B7C9F614EAB49E988F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
Manifest number: 0AA7
Signing time: Tue 21 Oct 2025 03:00:18 +0000
Manifest this update: Tue 21 Oct 2025 03:00:18 +0000
Manifest next update: Wed 22 Oct 2025 03:00:18 +0000
Files and hashes: 1: 4PNlkOPWAaPkvxKKyZ24ywHUUNs.roa (hash: eaQPOrhXnd6IgLBTpKSTCgVJBcG3spHBZu3BsMLZw3g=)
2: HlcDhG16g2S-wwMDTbkay_9C2gw.crl (hash: S2tM7GTvNHrnkra9vohOHT6duhDUDPPgSIcaBicxPYk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 03:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:04:b5:dd:80:e9:52:2b:7c:9f:61:4e:ab:49:e9:88:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5703846d7a8364bec303034db91acbff42da0c
Validity
Not Before: Oct 21 03:00:18 2025 GMT
Not After : Oct 22 03:00:18 2025 GMT
Subject: CN=e3b1cfada5ca7e5734fd48856d67a956aa17fe65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:55:25:02:cd:fa:f3:42:ee:e1:9b:48:2d:a3:
b5:3e:21:9b:2e:d9:67:b5:89:92:f0:49:e5:d6:04:
62:e3:55:b7:0a:69:a3:ef:a6:87:17:cd:88:a0:af:
cb:51:ff:90:85:bb:f3:82:56:76:39:df:77:20:6c:
e3:89:cc:1e:fa:38:09:92:68:17:27:18:ca:d6:9d:
fb:1b:87:4b:c2:b4:d7:6d:17:3b:66:51:f0:8a:ab:
09:3c:5b:80:a8:b2:89:a3:43:0f:0c:eb:fc:f4:fd:
50:57:b1:bf:ac:6a:0d:fb:8f:ff:bb:c1:a7:bb:40:
a1:27:88:34:31:02:32:f5:42:38:70:68:d4:09:d7:
02:e4:f3:b7:c6:c4:0a:12:49:9b:12:18:86:40:35:
93:60:8a:66:fc:36:2e:96:40:e4:66:fc:b1:9e:de:
9b:ed:e4:c8:b1:36:03:a0:2d:42:ff:f2:af:cd:54:
07:45:ef:02:8e:19:4d:22:70:26:a7:c6:f9:27:18:
16:be:c5:e9:63:b5:ec:12:7f:20:81:d7:b6:0b:a6:
56:a6:cf:92:0f:a0:eb:29:41:3e:3b:d4:4b:06:3a:
e3:9b:c6:fe:f3:b9:55:7a:3b:3a:1c:43:38:37:09:
d3:77:f1:d2:c4:35:f4:ed:78:1a:ae:87:28:54:7c:
26:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B1:CF:AD:A5:CA:7E:57:34:FD:48:85:6D:67:A9:56:AA:17:FE:65
X509v3 Authority Key Identifier:
keyid:1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:b7:4c:5a:0a:7b:53:c3:46:bd:26:d9:37:74:46:b2:aa:38:
5f:1c:d7:96:1c:db:73:1d:0a:fa:62:ef:c6:37:de:83:b8:73:
a4:3a:de:c8:eb:d5:94:f5:15:28:d1:1c:4e:c8:f0:08:55:25:
cd:d1:cd:db:f5:11:b0:33:6a:35:b1:b8:21:e2:b5:94:46:54:
c7:79:a0:03:68:19:0f:4f:d1:23:d3:6a:50:5f:dc:9a:b0:e3:
e1:84:20:b1:54:0f:2e:0d:97:7b:37:28:a7:b6:38:66:fe:56:
8d:5e:02:63:0c:58:e0:a5:7d:ec:46:4c:33:d8:c9:20:92:a8:
83:8a:ce:d9:14:e7:9a:ef:43:10:3b:9f:c6:21:e0:57:bc:63:
14:85:04:e8:cd:75:78:53:25:8f:4b:84:80:28:00:89:45:68:
34:02:ad:36:ce:a0:71:14:6c:28:d8:9b:95:7d:94:57:5c:cb:
1a:cc:ea:55:a7:2c:bf:64:93:0d:4c:89:22:5e:ae:58:39:52:
1c:7f:bb:92:c7:b9:2f:34:c7:ae:6f:9d:0e:78:e4:d7:c6:79:
92:dd:ce:92:39:9f:b0:36:8a:3c:2e:7e:dd:8c:4c:a6:80:56:
9e:89:89:7a:3f:6b:32:f2:c9:05:42:85:f3:c3:aa:d9:18:55:
6f:04:65:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEtd2A6VIrfJ9hTqtJ6Yj5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNTcwMzg0NmQ3YTgzNjRiZWMzMDMwMzRkYjkxYWNiZmY0
MmRhMGMwHhcNMjUxMDIxMDMwMDE4WhcNMjUxMDIyMDMwMDE4WjAzMTEwLwYDVQQD
EyhlM2IxY2ZhZGE1Y2E3ZTU3MzRmZDQ4ODU2ZDY3YTk1NmFhMTdmZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1UlAs3680Lu4ZtILaO1PiGbLtln
tYmS8Enl1gRi41W3Cmmj76aHF82IoK/LUf+QhbvzglZ2Od93IGzjicwe+jgJkmgX
JxjK1p37G4dLwrTXbRc7ZlHwiqsJPFuAqLKJo0MPDOv89P1QV7G/rGoN+4//u8Gn
u0ChJ4g0MQIy9UI4cGjUCdcC5PO3xsQKEkmbEhiGQDWTYIpm/DYulkDkZvyxnt6b
7eTIsTYDoC1C//KvzVQHRe8CjhlNInAmp8b5JxgWvsXpY7XsEn8ggde2C6ZWps+S
D6DrKUE+O9RLBjrjm8b+87lVejs6HEM4NwnTd/HSxDX07XgarocoVHwmkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOOxz62lyn5XNP1IhW1nqVaqF/5lMB8GA1UdIwQY
MBaAFB5XA4RteoNkvsMDA025Gsv/QtoMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMt
MDdiMDllNDY1MTE5LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMtMDdiMDllNDY1MTE5
LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZbdMWgp7
U8NGvSbZN3RGsqo4XxzXlhzbcx0K+mLvxjfeg7hzpDreyOvVlPUVKNEcTsjwCFUl
zdHN2/URsDNqNbG4IeK1lEZUx3mgA2gZD0/RI9NqUF/cmrDj4YQgsVQPLg2Xezco
p7Y4Zv5WjV4CYwxY4KV97EZMM9jJIJKog4rO2RTnmu9DEDufxiHgV7xjFIUE6M11
eFMlj0uEgCgAiUVoNAKtNs6gcRRsKNiblX2UV1zLGszqVacsv2STDUyJIl6uWDlS
HH+7kse5LzTHrm+dDnjk18Z5kt3OkjmfsDaKPC5+3YxMpoBWnomJej9rMvLJBUKF
88Oq2RhVbwRlag==
-----END CERTIFICATE-----
Generated at Tue Oct 21 11:33:55 2025 by rpki-client