Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.mft
File: HDnVeTbdLRUhRD5o2t2dCUnN4z8.mft (raw, json)
Hash identifier: GY6+F5Tb2HqzfKxUhQRbsCb/56vYJLCjbp9Lb9USdK8=
Subject key identifier: 9F:09:67:28:04:E2:9D:08:C8:E8:A2:3D:28:33:FD:F5:5C:F0:80:DD
Authority key identifier: 1C:39:D5:79:36:DD:2D:15:21:44:3E:68:DA:DD:9D:09:49:CD:E3:3F
Certificate issuer: /CN=1c39d57936dd2d1521443e68dadd9d0949cde33f
Certificate serial: 019A71EE9159364893012EEBDCC4AD6C7B5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 08:00:51 +0000
Manifest this update: Tue 11 Nov 2025 08:00:51 +0000
Manifest next update: Wed 12 Nov 2025 08:00:51 +0000
Files and hashes: 1: HDnVeTbdLRUhRD5o2t2dCUnN4z8.crl (hash: qLnI3VBfnK+S6OqHt8uzqXF+fxWbI4fnDiRPf+9TcmM=)
2: S8E-qbm1BXEqIdetmmA1nZNgj7U.roa (hash: 3uwA4cyu+agvPaXd967UOebPOsNVk53AsWpnmfz8XsE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:91:59:36:48:93:01:2e:eb:dc:c4:ad:6c:7b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c39d57936dd2d1521443e68dadd9d0949cde33f
Validity
Not Before: Nov 11 08:00:51 2025 GMT
Not After : Nov 12 08:00:51 2025 GMT
Subject: CN=9f09672804e29d08c8e8a23d2833fdf55cf080dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:f9:52:68:d9:da:92:88:62:b8:13:46:dc:13:
63:87:3a:dd:6d:97:95:6e:c2:79:f3:0b:f2:07:62:
a9:b3:8b:4e:ea:db:77:62:e5:d7:73:41:98:97:ed:
6b:14:ea:0f:75:59:31:e8:20:67:77:62:43:da:60:
a7:a0:c4:0e:7d:d0:ee:90:43:fb:31:74:ab:d6:ef:
cc:7e:25:1a:bc:53:48:2a:8e:f5:dc:0e:a1:d1:3b:
14:5c:4f:eb:c7:2c:c4:95:2f:5b:5b:f9:e0:77:b9:
05:00:03:00:f6:7b:f5:a3:1a:d1:92:e3:ba:bc:30:
e0:84:88:d2:25:7b:4f:92:45:38:ce:5c:0a:d8:63:
a5:79:4a:17:36:0b:ef:d6:5e:42:98:b3:0e:0f:e4:
1d:61:96:60:a6:e5:be:ed:22:b5:7c:c1:02:97:9d:
fe:fe:12:c3:29:f4:ed:6c:13:b2:65:a6:2e:7e:21:
a2:e6:67:37:de:0a:28:a0:59:36:a0:98:f2:2a:dc:
fb:65:36:aa:bf:87:4f:68:3e:16:c5:9f:c8:5a:51:
e8:2b:db:18:57:5b:7e:ce:8e:e7:06:4f:7a:48:5d:
4c:19:5b:59:4d:51:15:34:5a:1b:d3:6d:2a:05:fd:
e8:95:c5:0e:a3:b9:35:23:b6:d5:63:26:e4:95:12:
71:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:09:67:28:04:E2:9D:08:C8:E8:A2:3D:28:33:FD:F5:5C:F0:80:DD
X509v3 Authority Key Identifier:
keyid:1C:39:D5:79:36:DD:2D:15:21:44:3E:68:DA:DD:9D:09:49:CD:E3:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:37:a1:6c:11:f8:31:df:4c:19:87:c0:2d:45:3d:c2:97:73:
2d:93:80:86:8b:1d:c4:c8:7c:72:84:89:03:43:4f:99:1e:7f:
84:ea:b1:e1:0d:d8:dd:7b:ba:79:bb:5e:4c:d6:a1:a7:ff:25:
da:b4:b8:6d:5c:b6:97:e5:b1:f5:36:bc:0f:d1:f8:96:fc:bf:
5a:3f:85:f9:24:1e:63:e4:27:3a:e1:4f:64:fd:92:d3:7a:f3:
9c:01:8c:b4:d4:1c:30:ff:99:85:34:29:66:0d:e1:9b:96:2c:
8c:3c:37:0a:58:6f:cd:33:94:53:b4:ee:6f:43:35:e8:79:3f:
19:c5:ee:9a:5a:1c:69:fa:71:28:16:e9:32:5e:3c:2e:4a:5f:
f1:35:8f:35:df:d5:79:57:be:62:53:d5:46:9b:27:77:82:8b:
a6:e8:d8:e0:7e:28:f3:e3:94:8a:89:85:00:70:6d:b0:5c:f2:
bf:77:01:6e:de:d9:c0:54:3a:f9:e7:a5:ce:f4:23:16:34:09:
4c:f0:3d:7f:e2:3b:18:76:4f:52:a4:38:ac:9c:65:4c:3f:8a:
d6:4c:12:48:5b:8b:0c:ec:c6:7f:92:e8:75:1b:d4:10:49:b7:
34:38:f9:98:a6:14:c9:4e:82:b0:ea:10:56:fa:18:d5:3b:18:
f2:0c:2f:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7pFZNkiTAS7r3MStbHtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzlkNTc5MzZkZDJkMTUyMTQ0M2U2OGRhZGQ5ZDA5NDlj
ZGUzM2YwHhcNMjUxMTExMDgwMDUxWhcNMjUxMTEyMDgwMDUxWjAzMTEwLwYDVQQD
Eyg5ZjA5NjcyODA0ZTI5ZDA4YzhlOGEyM2QyODMzZmRmNTVjZjA4MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8vlSaNnakohiuBNG3BNjhzrdbZeV
bsJ58wvyB2Kps4tO6tt3YuXXc0GYl+1rFOoPdVkx6CBnd2JD2mCnoMQOfdDukEP7
MXSr1u/MfiUavFNIKo713A6h0TsUXE/rxyzElS9bW/ngd7kFAAMA9nv1oxrRkuO6
vDDghIjSJXtPkkU4zlwK2GOleUoXNgvv1l5CmLMOD+QdYZZgpuW+7SK1fMECl53+
/hLDKfTtbBOyZaYufiGi5mc33goooFk2oJjyKtz7ZTaqv4dPaD4WxZ/IWlHoK9sY
V1t+zo7nBk96SF1MGVtZTVEVNFob020qBf3olcUOo7k1I7bVYybklRJxrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8JZygE4p0IyOiiPSgz/fVc8IDdMB8GA1UdIwQY
MBaAFBw51Xk23S0VIUQ+aNrdnQlJzeM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERuVmVUYmRMUlVoUkQ1bzJ0MmRDVW5ONHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kMzg1NmYtMDI5Yy00NDZhLWFlN2Qt
ZDdjNWRhN2MxNjc2LzEvSERuVmVUYmRMUlVoUkQ1bzJ0MmRDVW5ONHo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kMzg1NmYtMDI5Yy00NDZhLWFlN2QtZDdjNWRhN2MxNjc2
LzEvSERuVmVUYmRMUlVoUkQ1bzJ0MmRDVW5ONHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQDehbBH4
Md9MGYfALUU9wpdzLZOAhosdxMh8coSJA0NPmR5/hOqx4Q3Y3Xu6ebteTNahp/8l
2rS4bVy2l+Wx9Ta8D9H4lvy/Wj+F+SQeY+QnOuFPZP2S03rznAGMtNQcMP+ZhTQp
Zg3hm5YsjDw3ClhvzTOUU7Tub0M16Hk/GcXumlocafpxKBbpMl48Lkpf8TWPNd/V
eVe+YlPVRpsnd4KLpujY4H4o8+OUiomFAHBtsFzyv3cBbt7ZwFQ6+eelzvQjFjQJ
TPA9f+I7GHZPUqQ4rJxlTD+K1kwSSFuLDOzGf5LodRvUEEm3NDj5mKYUyU6CsOoQ
VvoY1TsY8gwv5g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:01 2025 by rpki-client