Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: pEl5Oof+tT1Y0rbJIBGcQr9IqPeDlrvJdBjLJ+yeouw=
Subject key identifier: ED:BA:B1:7D:D0:DD:71:12:3C:0F:FD:53:CA:C1:71:99:24:77:36:E5
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 0198499C87E67F5B8BC6129EFB21B99CD5F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 1603
Signing time: Sun 27 Jul 2025 02:00:51 +0000
Manifest this update: Sun 27 Jul 2025 02:00:51 +0000
Manifest next update: Mon 28 Jul 2025 02:00:51 +0000
Files and hashes: 1: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: g9ZOffyw/RwNYF48hraUti6FjPos7BfuOe/mLv5WVFY=)
2: xSS92RJP_9kDYA2uBQZz6tpYK1I.roa (hash: rR5n4U9xDx2H85hw0wOs3NY+BK3tAcVO4QlJE3rUQXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:49:9c:87:e6:7f:5b:8b:c6:12:9e:fb:21:b9:9c:d5:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Jul 27 02:00:51 2025 GMT
Not After : Jul 28 02:00:51 2025 GMT
Subject: CN=edbab17dd0dd71123c0ffd53cac17199247736e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7d:db:80:4c:a4:8d:92:65:07:54:c1:d5:94:
07:37:cf:36:f9:57:bf:69:b5:a5:e8:f5:af:6d:87:
b6:71:4f:52:f2:39:4e:e7:ed:69:d9:0c:e9:bb:79:
0b:f2:5c:8c:5c:b1:00:5c:e3:db:60:e7:bd:32:21:
81:4c:1b:60:50:84:01:21:8c:7b:7f:b8:15:db:a8:
76:19:f7:c4:59:06:35:dc:fa:77:cf:d5:13:78:5b:
a9:56:29:eb:58:59:f4:b3:58:9a:e6:a5:d0:57:77:
15:6d:9b:36:dc:be:5c:29:dc:dc:51:b3:a9:21:9d:
77:fa:49:6c:7e:28:6b:28:3e:f7:c0:e5:67:19:76:
ab:c9:16:64:0b:f1:84:12:bd:bd:90:9f:44:08:09:
e2:4e:68:c7:f8:7e:74:79:d7:ea:1d:60:99:be:3b:
42:8b:b0:07:ad:0e:51:dc:0b:b7:76:2b:96:fc:7b:
60:c8:c6:ad:de:eb:b6:0e:45:c3:10:e5:d4:ff:71:
17:78:9d:ce:0b:10:f8:b0:f2:b5:2a:ee:35:2b:e8:
5d:91:0e:4a:77:55:ea:8d:83:65:1a:02:b5:b7:26:
f2:7c:0e:9d:f0:1c:72:75:d9:fa:89:66:d6:c4:e2:
8e:85:fc:7e:72:fc:64:3c:38:4f:14:9e:9f:02:ba:
d5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:BA:B1:7D:D0:DD:71:12:3C:0F:FD:53:CA:C1:71:99:24:77:36:E5
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:eb:c9:1e:e7:fc:2a:d6:05:e7:80:f6:6b:be:0f:2d:8d:ef:
bb:13:96:54:f3:03:c4:00:41:ec:c6:df:cb:cd:7d:6e:b9:99:
9b:9e:6d:38:f4:d4:7e:86:51:ab:91:d2:7f:b6:f4:22:79:76:
c3:c2:37:6d:91:33:12:d9:57:10:c9:1c:b2:c6:15:0e:88:47:
be:31:ed:b1:ef:79:41:fc:77:e9:9a:39:bb:97:2e:88:84:23:
64:d2:e2:48:4d:41:c7:28:6b:1f:e9:39:3a:c7:fd:c8:08:a9:
4e:e8:43:b6:76:14:48:f4:9f:99:85:d5:75:ff:2e:09:e9:59:
a4:d4:b6:b6:dd:26:eb:43:77:93:c6:fb:7b:c5:0d:23:16:9e:
65:4b:f0:6c:f3:12:bb:6c:6d:d8:f8:7c:88:2b:7b:e3:a9:06:
8b:1b:9a:7c:a5:dc:9c:f9:2d:27:03:8f:90:65:97:04:de:a8:
15:c0:c1:70:77:95:d9:8d:55:e7:ad:cd:38:b5:db:df:cf:e2:
0b:25:01:21:fb:79:79:75:ba:1b:78:63:75:c6:6c:08:98:15:
c7:25:99:5a:db:03:7d:ac:eb:9a:1b:90:1a:0c:00:5d:ed:65:
f2:75:4d:00:26:ea:97:b2:17:c4:1f:87:c0:75:2e:51:92:16:
7e:75:c5:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJnIfmf1uLxhKe+yG5nNXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjUwNzI3MDIwMDUxWhcNMjUwNzI4MDIwMDUxWjAzMTEwLwYDVQQD
EyhlZGJhYjE3ZGQwZGQ3MTEyM2MwZmZkNTNjYWMxNzE5OTI0NzczNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3H3bgEykjZJlB1TB1ZQHN882+Ve/
abWl6PWvbYe2cU9S8jlO5+1p2Qzpu3kL8lyMXLEAXOPbYOe9MiGBTBtgUIQBIYx7
f7gV26h2GffEWQY13Pp3z9UTeFupVinrWFn0s1ia5qXQV3cVbZs23L5cKdzcUbOp
IZ13+klsfihrKD73wOVnGXaryRZkC/GEEr29kJ9ECAniTmjH+H50edfqHWCZvjtC
i7AHrQ5R3Au3diuW/HtgyMat3uu2DkXDEOXU/3EXeJ3OCxD4sPK1Ku41K+hdkQ5K
d1XqjYNlGgK1tybyfA6d8Bxyddn6iWbWxOKOhfx+cvxkPDhPFJ6fArrVcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO26sX3Q3XESPA/9U8rBcZkkdzblMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoOvJHuf8
KtYF54D2a74PLY3vuxOWVPMDxABB7Mbfy819brmZm55tOPTUfoZRq5HSf7b0Inl2
w8I3bZEzEtlXEMkcssYVDohHvjHtse95Qfx36Zo5u5cuiIQjZNLiSE1BxyhrH+k5
Osf9yAipTuhDtnYUSPSfmYXVdf8uCelZpNS2tt0m60N3k8b7e8UNIxaeZUvwbPMS
u2xt2Ph8iCt746kGixuafKXcnPktJwOPkGWXBN6oFcDBcHeV2Y1V563NOLXb38/i
CyUBIft5eXW6G3hjdcZsCJgVxyWZWtsDfazrmhuQGgwAXe1l8nVNACbql7IXxB+H
wHUuUZIWfnXFaw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:44:59 2025 by rpki-client