Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: ZVWbJ86zQEOnfvVD84F06qLUbnrEttF3iLTlxS9ySww=
Subject key identifier: 93:33:C1:54:7C:B3:9E:01:B3:2F:76:6A:BB:A1:7E:F1:74:10:57:91
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 019A71EEB16A5A2641F252072737609612D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 08:00:59 +0000
Manifest this update: Tue 11 Nov 2025 08:00:59 +0000
Manifest next update: Wed 12 Nov 2025 08:00:59 +0000
Files and hashes: 1: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: ADePwGMta7v3ZiSo4u7O9IskuBULuOc/9UO8CvvJ/5w=)
2: xSS92RJP_9kDYA2uBQZz6tpYK1I.roa (hash: rR5n4U9xDx2H85hw0wOs3NY+BK3tAcVO4QlJE3rUQXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:b1:6a:5a:26:41:f2:52:07:27:37:60:96:12:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Nov 11 08:00:59 2025 GMT
Not After : Nov 12 08:00:59 2025 GMT
Subject: CN=9333c1547cb39e01b32f766abba17ef174105791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8a:3a:69:12:93:4f:ae:9a:49:87:f9:67:71:
d5:9c:c5:bc:58:4f:8c:44:d4:64:02:4e:ee:0b:e7:
e9:02:b0:43:54:4f:32:c5:b7:87:9b:82:d6:88:8d:
0e:d2:8a:9b:f7:e8:b8:2e:f3:6a:a1:67:74:03:1f:
46:f3:a1:5d:67:f4:00:19:62:37:97:18:0a:5b:1a:
d8:5a:37:55:0c:46:1f:1a:c1:00:54:07:e3:03:da:
a3:cb:66:38:02:b9:4e:01:c2:a6:d9:18:32:4f:ef:
3d:6b:af:53:a0:1f:fa:94:8a:0a:d5:c9:8b:e5:a3:
1b:88:5c:00:4e:84:c6:21:1d:b0:d4:3a:cd:44:95:
d0:32:89:9a:44:f4:5a:0b:3e:e2:0c:25:a6:42:16:
7f:ce:b3:e1:15:74:0d:1c:fb:e3:ff:09:74:c8:2b:
4c:a9:00:6e:fb:34:2e:70:c3:30:85:8c:20:d7:0f:
2d:b9:ca:1b:58:1d:cb:01:cb:61:6e:6b:c6:37:1c:
53:bc:ec:e9:6f:ce:d4:f7:9b:02:c3:d5:56:8d:f8:
6a:d6:f6:9a:63:16:e8:35:5e:c3:11:85:7f:27:f1:
f6:12:0b:3e:c5:b6:f9:af:14:e5:4e:14:bf:ed:b2:
1c:ae:e8:aa:a4:a8:49:46:76:da:c0:51:8c:cd:1a:
d2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:33:C1:54:7C:B3:9E:01:B3:2F:76:6A:BB:A1:7E:F1:74:10:57:91
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:c4:80:50:af:1f:09:b2:c6:9c:40:9f:9a:68:d0:25:7d:a5:
45:00:20:ce:40:68:3c:bf:95:f7:29:fb:a5:9d:09:59:28:47:
ba:8c:e0:9f:dd:a2:d6:1c:23:74:2c:43:48:36:ea:54:cb:20:
0f:77:18:6e:d7:da:86:3f:46:8d:e9:7d:77:ad:74:85:ed:93:
dd:ef:e2:37:22:a8:4d:0a:ba:55:32:f5:e2:5c:2d:94:1b:de:
70:43:28:9c:48:be:e8:ea:b1:72:74:2d:16:f9:b7:10:a2:04:
e0:d9:97:c0:d0:d4:0e:e4:e4:e0:77:d9:be:19:31:83:cf:b8:
f8:6c:ec:9b:8b:d1:6e:02:75:50:7c:1c:43:29:64:73:6c:28:
8f:d1:fd:6c:61:c0:e4:3d:32:35:6a:cb:8c:9c:15:58:08:83:
bf:d4:2e:07:e5:22:34:0d:d9:2f:1a:68:97:e4:96:09:6f:f8:
18:7e:ed:b8:02:64:0e:9c:94:16:7c:6a:80:8f:58:35:ff:5b:
2b:3d:22:50:68:1b:9b:61:a6:bd:28:2c:df:25:84:c5:7b:4b:
b0:b7:2b:b1:82:6d:7d:6f:4b:cc:c5:27:c9:bd:48:09:b6:b7:
7c:5c:a3:20:a3:84:f6:a4:4a:dc:c9:93:a9:8e:d7:7a:07:dd:
89:bf:12:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7rFqWiZB8lIHJzdglhLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjUxMTExMDgwMDU5WhcNMjUxMTEyMDgwMDU5WjAzMTEwLwYDVQQD
Eyg5MzMzYzE1NDdjYjM5ZTAxYjMyZjc2NmFiYmExN2VmMTc0MTA1NzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoo6aRKTT66aSYf5Z3HVnMW8WE+M
RNRkAk7uC+fpArBDVE8yxbeHm4LWiI0O0oqb9+i4LvNqoWd0Ax9G86FdZ/QAGWI3
lxgKWxrYWjdVDEYfGsEAVAfjA9qjy2Y4ArlOAcKm2RgyT+89a69ToB/6lIoK1cmL
5aMbiFwAToTGIR2w1DrNRJXQMomaRPRaCz7iDCWmQhZ/zrPhFXQNHPvj/wl0yCtM
qQBu+zQucMMwhYwg1w8tucobWB3LActhbmvGNxxTvOzpb87U95sCw9VWjfhq1vaa
YxboNV7DEYV/J/H2Egs+xbb5rxTlThS/7bIcruiqpKhJRnbawFGMzRrStQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJMzwVR8s54Bsy92aruhfvF0EFeRMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEMSAUK8f
CbLGnECfmmjQJX2lRQAgzkBoPL+V9yn7pZ0JWShHuozgn92i1hwjdCxDSDbqVMsg
D3cYbtfahj9Gjel9d610he2T3e/iNyKoTQq6VTL14lwtlBvecEMonEi+6OqxcnQt
Fvm3EKIE4NmXwNDUDuTk4HfZvhkxg8+4+Gzsm4vRbgJ1UHwcQylkc2woj9H9bGHA
5D0yNWrLjJwVWAiDv9QuB+UiNA3ZLxpol+SWCW/4GH7tuAJkDpyUFnxqgI9YNf9b
Kz0iUGgbm2GmvSgs3yWExXtLsLcrsYJtfW9LzMUnyb1ICba3fFyjIKOE9qRK3MmT
qY7Xegfdib8SJg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:44 2025 by rpki-client