Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.mft
File: Hkfivzl0ch6vv7jDH8UnMDnVBfM.mft (raw, json)
Hash identifier: YMfeXP9Dz5Gv3Jdv9gr/VnpPx4CfAmwGwaLTzsYBehg=
Subject key identifier: 65:5B:45:FD:BB:0D:6A:B6:72:2F:C7:8B:EA:A6:DF:C2:A4:AA:BC:C2
Authority key identifier: 1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
Certificate issuer: /CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Certificate serial: 019A72259AA69E3DDB0CA9C47096B905CF2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.mft
Manifest number: 0D4D
Signing time: Tue 11 Nov 2025 09:00:58 +0000
Manifest this update: Tue 11 Nov 2025 09:00:58 +0000
Manifest next update: Wed 12 Nov 2025 09:00:58 +0000
Files and hashes: 1: Hkfivzl0ch6vv7jDH8UnMDnVBfM.crl (hash: noAsJxeqbbvSLcXQ37LeweOflukRL7mK6FXc433UU68=)
2: oaQkn5zr2sFy17og-aVMkuLXdds.roa (hash: VtZ3pTO5W1yzA+ps5HMSQhypm611YNtn0vckyLuCUAI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:9a:a6:9e:3d:db:0c:a9:c4:70:96:b9:05:cf:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Validity
Not Before: Nov 11 09:00:58 2025 GMT
Not After : Nov 12 09:00:58 2025 GMT
Subject: CN=655b45fdbb0d6ab6722fc78beaa6dfc2a4aabcc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fe:0a:45:82:f5:fc:c3:15:28:59:00:1b:86:
c5:a5:57:c3:2d:2d:6a:7a:4a:76:15:60:62:5a:87:
1e:18:54:1b:2b:9d:92:90:2c:1e:15:3b:8d:ea:cd:
d5:60:14:1e:ca:c6:6d:5c:ce:59:47:94:c0:d4:8e:
bb:5c:86:b4:3b:14:ab:6b:52:0c:33:2f:df:ec:2e:
bb:28:ce:cf:34:cf:3e:6f:14:56:64:75:bf:e9:1e:
fb:2a:24:07:1d:09:d3:78:80:26:49:ce:03:61:ec:
fa:c1:d3:08:88:09:ea:39:cd:2d:14:2e:8b:4a:bc:
04:54:e2:66:01:54:f7:47:1a:a3:ca:af:71:81:e7:
cf:c7:64:1e:cf:94:d5:73:69:ff:01:da:16:31:1e:
f4:eb:81:2d:92:5b:3b:63:9e:a5:75:6b:68:69:d2:
61:2b:96:a0:68:c2:96:11:49:a0:25:19:a9:9c:ac:
15:cd:07:da:8e:b2:f6:66:9c:92:a4:24:ff:9b:1a:
53:fc:d4:a6:ac:84:dd:57:35:93:0c:09:a9:ee:03:
bb:58:6f:d4:24:6e:fb:af:c6:a1:5d:07:1b:17:7c:
aa:9f:db:4e:3a:25:57:63:90:b5:9c:b6:c9:41:9c:
71:31:07:2e:91:79:5c:97:cf:e4:99:36:6c:21:c7:
d4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:5B:45:FD:BB:0D:6A:B6:72:2F:C7:8B:EA:A6:DF:C2:A4:AA:BC:C2
X509v3 Authority Key Identifier:
keyid:1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:5b:bd:a8:20:1c:99:50:fd:5e:5b:f5:01:43:03:48:8a:d9:
0e:af:60:b0:10:da:6f:d1:34:be:a5:5a:e4:41:eb:8c:85:3a:
e6:51:ef:a1:83:17:36:4d:64:3d:8d:87:be:92:92:7f:35:88:
47:13:8c:52:94:f7:b7:eb:2f:f6:81:7e:b1:4e:c8:a7:89:09:
33:c6:2e:eb:99:ec:1e:13:58:35:35:c7:2b:d3:d2:d5:fe:94:
b2:c9:6a:63:d2:a1:ee:50:e9:a9:3d:98:20:c7:b5:bf:2f:25:
94:f4:e4:da:c1:f2:02:18:b0:d8:7f:e8:f0:c0:f7:47:84:c6:
26:96:17:bf:33:92:59:99:59:63:22:8b:48:d3:37:d2:07:fa:
b0:63:57:9f:45:57:1a:db:19:fb:f0:28:11:b2:af:56:59:8e:
3b:94:9b:6f:eb:de:0b:b8:61:8f:d9:02:4d:cb:a5:f8:d4:0b:
9a:1b:d8:ac:b6:58:eb:74:e4:13:ec:06:10:76:26:7d:bb:46:
49:2a:5b:11:39:72:ee:01:66:6e:45:b9:b1:66:98:7f:77:0e:
3a:d0:8f:a4:ca:e2:f4:c8:7e:db:6e:5c:9e:c5:60:ad:1a:80:
c2:b9:72:7e:0b:3d:cc:c1:83:1e:95:8a:da:85:81:13:a5:09:
1d:1c:ce:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZqmnj3bDKnEcJa5Bc8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNDdlMmJmMzk3NDcyMWVhZmJmYjhjMzFmYzUyNzMwMzlk
NTA1ZjMwHhcNMjUxMTExMDkwMDU4WhcNMjUxMTEyMDkwMDU4WjAzMTEwLwYDVQQD
Eyg2NTViNDVmZGJiMGQ2YWI2NzIyZmM3OGJlYWE2ZGZjMmE0YWFiY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf4KRYL1/MMVKFkAG4bFpVfDLS1q
ekp2FWBiWoceGFQbK52SkCweFTuN6s3VYBQeysZtXM5ZR5TA1I67XIa0OxSra1IM
My/f7C67KM7PNM8+bxRWZHW/6R77KiQHHQnTeIAmSc4DYez6wdMIiAnqOc0tFC6L
SrwEVOJmAVT3Rxqjyq9xgefPx2Qez5TVc2n/AdoWMR7064Etkls7Y56ldWtoadJh
K5agaMKWEUmgJRmpnKwVzQfajrL2ZpySpCT/mxpT/NSmrITdVzWTDAmp7gO7WG/U
JG77r8ahXQcbF3yqn9tOOiVXY5C1nLbJQZxxMQcukXlcl8/kmTZsIcfUFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVbRf27DWq2ci/Hi+qm38KkqrzCMB8GA1UdIwQY
MBaAFB5H4r85dHIer7+4wx/FJzA51QXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQt
ZTM2OWQ2NjAyZTZmLzEvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQtZTM2OWQ2NjAyZTZm
LzEvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWVu9qCAc
mVD9Xlv1AUMDSIrZDq9gsBDab9E0vqVa5EHrjIU65lHvoYMXNk1kPY2HvpKSfzWI
RxOMUpT3t+sv9oF+sU7Ip4kJM8Yu65nsHhNYNTXHK9PS1f6UsslqY9Kh7lDpqT2Y
IMe1vy8llPTk2sHyAhiw2H/o8MD3R4TGJpYXvzOSWZlZYyKLSNM30gf6sGNXn0VX
GtsZ+/AoEbKvVlmOO5Sbb+veC7hhj9kCTcul+NQLmhvYrLZY63TkE+wGEHYmfbtG
SSpbETly7gFmbkW5sWaYf3cOOtCPpMri9Mh+225cnsVgrRqAwrlyfgs9zMGDHpWK
2oWBE6UJHRzORg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:00 2025 by rpki-client