Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: YeXRjjyBLEriz8kvdElQmm+/GFtjEZKN2Nz63EAHmlk=
Subject key identifier: 36:5C:5D:C6:95:08:BE:51:12:63:7B:1F:B1:34:AE:BF:83:5D:67:63
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 01974AB164CB62A9E4E3BC3CD891C8975DDD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 157F
Signing time: Sat 07 Jun 2025 14:00:28 +0000
Manifest this update: Sat 07 Jun 2025 14:00:28 +0000
Manifest next update: Sun 08 Jun 2025 14:00:28 +0000
Files and hashes: 1: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: Sq+28fzlg6sKAmmuB87npE9lCRj5DFidLGd8yIgsP6Q=)
2: xSS92RJP_9kDYA2uBQZz6tpYK1I.roa (hash: rR5n4U9xDx2H85hw0wOs3NY+BK3tAcVO4QlJE3rUQXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 14:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:b1:64:cb:62:a9:e4:e3:bc:3c:d8:91:c8:97:5d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Jun 7 14:00:28 2025 GMT
Not After : Jun 8 14:00:28 2025 GMT
Subject: CN=365c5dc69508be5112637b1fb134aebf835d6763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b0:61:69:78:5e:39:a6:4d:01:84:6c:c8:45:
5d:b1:22:71:c1:b7:ab:cf:70:d6:d4:11:34:5e:e2:
64:5b:30:c7:16:a3:a5:5d:80:7e:1b:10:20:c5:0e:
7e:29:ae:29:87:27:18:36:06:38:90:f8:2e:62:2a:
ec:be:5d:35:ec:42:e3:eb:b7:d7:31:3d:58:a1:52:
ce:fa:c6:99:ab:a6:01:c4:c2:b7:64:e9:83:96:95:
10:47:97:65:35:04:52:31:3c:fe:c6:39:c3:a6:e7:
c4:c7:78:fd:e1:54:3c:91:99:b7:b7:58:61:ca:ab:
ca:18:f3:ef:a8:cc:93:cd:68:15:f0:fc:c8:b7:34:
90:49:23:c8:cb:8f:40:59:b5:8b:23:7b:d7:a0:b4:
36:f2:e4:16:ef:b3:21:49:0c:78:cc:47:7c:d0:c5:
0f:43:2e:e0:1c:03:c8:c6:e2:61:94:b8:2b:94:07:
18:89:05:17:a8:82:93:d1:65:af:b2:8f:e8:17:5a:
57:b0:20:7b:eb:bf:c5:c3:3f:c4:0f:97:f8:2b:7f:
ed:4b:d6:42:52:0a:d1:15:d1:3e:3d:63:59:d1:09:
9d:e8:b3:a7:b2:03:d6:dd:9d:17:a4:83:fb:6c:70:
fd:f8:8c:76:c2:e7:29:b6:a8:04:03:a1:d0:1a:85:
7f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5C:5D:C6:95:08:BE:51:12:63:7B:1F:B1:34:AE:BF:83:5D:67:63
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:40:27:17:43:3a:b3:b3:bc:e8:f4:5e:31:8a:29:8f:58:75:
12:4c:d6:b4:23:df:d3:99:84:95:29:45:92:29:11:5a:15:b5:
2d:d3:07:1a:7a:7d:98:e2:11:0f:28:de:bf:3b:e4:ee:f2:2d:
0d:f9:fd:34:18:21:85:a8:b1:10:e5:90:82:83:78:e8:d0:e5:
6a:01:15:46:cd:f2:af:a4:45:02:1d:07:6c:8c:6e:3e:88:bd:
95:ed:c9:32:5d:ae:6c:e5:47:14:6f:64:e1:4e:0a:08:89:8b:
e4:1d:d7:de:c3:7a:69:68:4a:48:7f:55:82:dc:ce:23:20:76:
78:a4:5c:67:3c:45:4b:49:61:81:57:0b:58:f2:b2:c5:59:ec:
51:7f:c4:cb:45:5e:d8:d7:e0:63:56:1d:ee:79:77:41:ff:a4:
4a:84:59:0a:76:5d:09:8b:6d:5e:8a:26:90:af:d5:9b:90:c7:
0d:73:3a:cc:f8:74:fb:1a:58:b4:d4:da:23:69:7b:a3:23:c7:
43:bc:f5:6c:33:fe:ad:8f:cd:09:3d:3c:b9:04:8d:99:13:8a:
0d:8e:40:d0:c7:a5:7d:a7:36:c6:17:4c:12:b1:4c:a5:22:e3:
91:3e:ff:81:07:b2:3b:73:6e:47:c5:ba:27:fd:88:c6:49:71:
b6:e2:85:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKsWTLYqnk47w82JHIl13dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjUwNjA3MTQwMDI4WhcNMjUwNjA4MTQwMDI4WjAzMTEwLwYDVQQD
EygzNjVjNWRjNjk1MDhiZTUxMTI2MzdiMWZiMTM0YWViZjgzNWQ2NzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27BhaXheOaZNAYRsyEVdsSJxwber
z3DW1BE0XuJkWzDHFqOlXYB+GxAgxQ5+Ka4phycYNgY4kPguYirsvl017ELj67fX
MT1YoVLO+saZq6YBxMK3ZOmDlpUQR5dlNQRSMTz+xjnDpufEx3j94VQ8kZm3t1hh
yqvKGPPvqMyTzWgV8PzItzSQSSPIy49AWbWLI3vXoLQ28uQW77MhSQx4zEd80MUP
Qy7gHAPIxuJhlLgrlAcYiQUXqIKT0WWvso/oF1pXsCB767/Fwz/ED5f4K3/tS9ZC
UgrRFdE+PWNZ0Qmd6LOnsgPW3Z0XpIP7bHD9+Ix2wucptqgEA6HQGoV/OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZcXcaVCL5REmN7H7E0rr+DXWdjMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUkAnF0M6
s7O86PReMYopj1h1EkzWtCPf05mElSlFkikRWhW1LdMHGnp9mOIRDyjevzvk7vIt
Dfn9NBghhaixEOWQgoN46NDlagEVRs3yr6RFAh0HbIxuPoi9le3JMl2ubOVHFG9k
4U4KCImL5B3X3sN6aWhKSH9VgtzOIyB2eKRcZzxFS0lhgVcLWPKyxVnsUX/Ey0Ve
2NfgY1Yd7nl3Qf+kSoRZCnZdCYttXoomkK/Vm5DHDXM6zPh0+xpYtNTaI2l7oyPH
Q7z1bDP+rY/NCT08uQSNmROKDY5A0Melfac2xhdMErFMpSLjkT7/gQeyO3NuR8W6
J/2IxklxtuKFSQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:15:56 2025 by rpki-client