Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File: HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier: Xt33bIqKCaB8gM9ioxsZFfiKco13ULxMuHhjIGp3jf8=
Subject key identifier: 09:59:D9:C1:E9:E3:0C:53:31:B8:3A:1E:CA:C2:AD:E8:9E:48:F3:8C
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer: /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial: 019A7225AA25AB5E8DF38E5B6542056CCDCF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number: 1719
Signing time: Tue 11 Nov 2025 09:01:02 +0000
Manifest this update: Tue 11 Nov 2025 09:01:02 +0000
Manifest next update: Wed 12 Nov 2025 09:01:02 +0000
Files and hashes: 1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: nvXa9wBQCe5Xjs1qEP+KGP7evPIalburEDpa+PSXv68=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:aa:25:ab:5e:8d:f3:8e:5b:65:42:05:6c:cd:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Validity
Not Before: Nov 11 09:01:02 2025 GMT
Not After : Nov 12 09:01:02 2025 GMT
Subject: CN=0959d9c1e9e30c5331b83a1ecac2ade89e48f38c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ad:6d:ae:9f:ed:12:66:04:f0:19:51:c7:6a:
12:ba:49:60:29:33:18:ad:70:65:35:e7:af:04:c2:
95:08:67:93:05:d8:26:0f:35:50:42:ea:28:c4:39:
11:b7:ca:7c:1f:23:55:eb:16:b8:04:32:31:a5:ea:
38:42:72:85:a6:ee:5d:03:3f:18:4a:61:fd:07:94:
8b:5d:81:5f:98:95:30:23:5b:ec:d0:fc:44:c0:9a:
1b:84:a4:16:54:c6:a4:02:cc:14:06:57:e5:40:2f:
48:ec:a5:ae:78:f7:7e:fd:67:ae:bd:72:4f:41:93:
3a:48:e9:f6:24:41:67:1c:00:bc:69:45:1b:f7:ad:
2a:84:29:b4:73:87:94:5d:f6:ac:64:4e:8f:59:9e:
0c:ae:dc:92:a4:e9:55:27:63:2f:20:d5:2f:d8:1e:
bb:31:ec:fa:e7:29:c5:77:e3:17:5d:ea:93:73:45:
47:fb:63:52:64:62:cf:cc:09:03:9a:01:b1:80:6e:
bb:8b:1a:7d:54:49:9b:e3:6c:d0:27:a6:81:f6:f3:
00:32:e1:d1:be:1d:ab:d3:68:d6:db:49:89:c8:41:
ff:80:a2:25:6d:7a:07:42:3f:eb:7a:5f:5c:0c:42:
20:62:6c:cb:a2:c6:0b:49:32:ae:41:8b:91:8d:34:
61:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:59:D9:C1:E9:E3:0C:53:31:B8:3A:1E:CA:C2:AD:E8:9E:48:F3:8C
X509v3 Authority Key Identifier:
keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:f7:d5:7d:aa:9b:6e:03:58:d2:48:3d:69:06:c3:c5:58:d9:
7b:d6:fd:3f:66:0e:ee:47:00:96:52:7d:5c:4a:1b:4b:cc:b6:
17:b3:9b:38:39:cf:a9:87:11:dc:88:9e:c9:d3:de:01:4c:cb:
eb:cf:12:e9:93:8f:07:6c:fe:b5:5e:13:6d:a7:b7:62:13:75:
a9:d3:2d:00:98:97:cc:df:12:c9:19:37:47:65:8b:34:d7:a6:
f8:03:4e:93:3f:16:53:80:2c:d3:3e:23:69:08:10:c2:c7:19:
cc:74:5d:81:a1:5a:11:ee:7b:03:6a:24:59:4f:74:70:dc:6d:
52:71:b6:77:f3:cb:38:df:b6:8f:7c:b0:51:0e:a0:02:36:64:
90:43:10:19:6b:12:61:ac:ce:6b:dd:0f:d4:0d:7c:74:15:07:
0a:06:78:45:3a:22:f9:a0:ee:17:34:63:08:db:86:89:73:33:
d7:74:33:62:8e:a4:e2:d7:22:78:21:31:6e:94:e9:ab:dc:76:
94:d4:29:f0:b7:7c:b4:12:20:f9:2f:f7:28:9b:8c:b0:5f:16:
79:24:0b:46:2d:e8:1e:4d:4b:2f:ee:aa:02:41:fe:0e:6f:73:
36:cd:3b:e1:c6:d0:1a:2a:4b:73:f9:89:1e:f5:3d:d8:92:e0:
f6:5c:17:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJaolq16N845bZUIFbM3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjUxMTExMDkwMTAyWhcNMjUxMTEyMDkwMTAyWjAzMTEwLwYDVQQD
EygwOTU5ZDljMWU5ZTMwYzUzMzFiODNhMWVjYWMyYWRlODllNDhmMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAza1trp/tEmYE8BlRx2oSuklgKTMY
rXBlNeevBMKVCGeTBdgmDzVQQuooxDkRt8p8HyNV6xa4BDIxpeo4QnKFpu5dAz8Y
SmH9B5SLXYFfmJUwI1vs0PxEwJobhKQWVMakAswUBlflQC9I7KWuePd+/WeuvXJP
QZM6SOn2JEFnHAC8aUUb960qhCm0c4eUXfasZE6PWZ4MrtySpOlVJ2MvINUv2B67
Mez65ynFd+MXXeqTc0VH+2NSZGLPzAkDmgGxgG67ixp9VEmb42zQJ6aB9vMAMuHR
vh2r02jW20mJyEH/gKIlbXoHQj/rel9cDEIgYmzLosYLSTKuQYuRjTRh2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAlZ2cHp4wxTMbg6HsrCreieSPOMMB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ/fVfaqb
bgNY0kg9aQbDxVjZe9b9P2YO7kcAllJ9XEobS8y2F7ObODnPqYcR3IieydPeAUzL
688S6ZOPB2z+tV4Tbae3YhN1qdMtAJiXzN8SyRk3R2WLNNem+ANOkz8WU4As0z4j
aQgQwscZzHRdgaFaEe57A2okWU90cNxtUnG2d/PLON+2j3ywUQ6gAjZkkEMQGWsS
YazOa90P1A18dBUHCgZ4RToi+aDuFzRjCNuGiXMz13QzYo6k4tcieCExbpTpq9x2
lNQp8Ld8tBIg+S/3KJuMsF8WeSQLRi3oHk1LL+6qAkH+Dm9zNs074cbQGipLc/mJ
HvU92JLg9lwXNA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:40:42 2025 by rpki-client