Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
File: hqnzrkX3AVCvF-uHiel4iQKe5dM.mft (raw, json)
Hash identifier: U/cQvmxh5M3Ez6dK3q1XumryQVjyKNzlGWd4/bUb9nU=
Subject key identifier: 47:95:27:54:0E:F5:00:13:C6:52:75:A4:2D:B1:B8:21:65:F2:98:F9
Authority key identifier: 86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
Certificate issuer: /CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Certificate serial: 0199221E8A38D159016DE7659C104E08F6AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
Manifest number: 1670
Signing time: Sun 07 Sep 2025 03:00:50 +0000
Manifest this update: Sun 07 Sep 2025 03:00:50 +0000
Manifest next update: Mon 08 Sep 2025 03:00:50 +0000
Files and hashes: 1: 6b_z1nYhros0lFsJJ-v5kZEUQbE.roa (hash: lcqP5Znx2EuUXx9SjdDPzhxT49PtsEmnOX0/yWwCL10=)
2: hqnzrkX3AVCvF-uHiel4iQKe5dM.crl (hash: mpMnrzt+4xDMDOGplVjCU5LclYagrKUah0aaSxLavO0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1e:8a:38:d1:59:01:6d:e7:65:9c:10:4e:08:f6:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Validity
Not Before: Sep 7 03:00:50 2025 GMT
Not After : Sep 8 03:00:50 2025 GMT
Subject: CN=479527540ef50013c65275a42db1b82165f298f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:83:a4:42:bc:d9:dd:1b:c3:93:0c:2f:cc:78:
53:8c:87:52:38:f8:99:6b:d5:ee:3e:4c:bb:06:9e:
9e:d5:88:18:46:cf:b9:a4:ae:dc:e7:6f:0c:50:a2:
7f:41:35:92:d9:db:a9:36:07:56:0f:95:84:ab:83:
82:81:9d:6a:8e:56:59:3f:49:a0:8f:97:1a:8c:54:
b4:7a:76:71:30:e7:13:0c:3e:e0:84:e1:da:37:ff:
03:7a:f5:30:47:95:ca:01:d9:3a:17:49:85:f5:d9:
52:4d:4a:02:b0:bf:fa:62:c8:40:76:57:fc:4f:e8:
a4:37:73:b4:d9:96:79:22:bf:e2:fb:1c:f3:15:30:
f5:54:bc:cd:d7:e5:26:a9:f7:46:ab:4d:d7:9f:5a:
9b:6d:74:b6:b0:56:2b:22:80:98:79:d0:f0:70:33:
b2:89:07:53:7e:0f:e2:62:43:e8:b7:ad:4e:d8:dc:
78:f4:93:ba:c4:ce:e0:74:c6:9e:42:13:ba:07:63:
ac:76:00:18:60:c0:fe:af:ed:e3:24:87:3b:ab:ab:
98:86:8d:a1:f5:5b:de:65:42:1c:74:fe:0c:da:6e:
71:c7:54:ac:19:d3:37:6d:f9:c4:fe:38:45:a8:8d:
c3:bc:df:fd:42:96:85:cd:41:a1:f0:ea:b7:79:d9:
c7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:95:27:54:0E:F5:00:13:C6:52:75:A4:2D:B1:B8:21:65:F2:98:F9
X509v3 Authority Key Identifier:
keyid:86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:cd:39:8a:27:15:3f:7c:c2:17:b9:48:25:47:9e:4d:3d:b7:
eb:a7:ce:dc:7b:01:5c:91:88:43:88:f8:41:16:bd:48:4d:0a:
ac:bb:ba:b8:ad:7a:62:65:13:2d:b0:a3:5d:17:68:8c:b8:30:
90:16:b3:55:6a:a9:89:9e:09:e6:e6:81:3a:ac:9a:86:49:18:
0c:d3:e3:b8:58:fe:4c:ac:53:17:c8:c2:3b:10:8d:79:75:e8:
8e:da:48:4a:d5:c9:23:3c:6f:15:a7:7d:51:ce:74:72:02:d8:
28:30:f2:24:2a:58:0b:fa:70:29:da:ed:d0:c5:6a:d4:72:29:
4c:70:25:24:22:b4:f6:ac:28:da:7a:15:5d:dc:6c:57:d3:6f:
3c:d4:76:d3:a2:03:af:51:28:26:e9:7c:ab:e5:b2:37:1f:f9:
bf:3a:de:ca:f2:91:7a:45:8c:41:2b:3c:5a:4b:77:e8:47:ba:
ca:5a:f3:ec:99:7f:fb:e6:67:34:50:8f:e1:da:b0:cb:6d:48:
4f:53:94:70:4b:d6:7d:a5:5a:c7:eb:2d:47:f1:86:68:c5:45:
0f:7a:65:c5:b6:c1:14:e5:71:b8:c6:7c:71:9b:1a:5b:62:13:
50:4f:f1:bf:e4:fa:11:9f:22:5e:3b:91:89:b4:db:a0:3c:f8:
ad:fe:fa:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHoo40VkBbedlnBBOCPavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTlmM2FlNDVmNzAxNTBhZjE3ZWI4Nzg5ZTk3ODg5MDI5
ZWU1ZDMwHhcNMjUwOTA3MDMwMDUwWhcNMjUwOTA4MDMwMDUwWjAzMTEwLwYDVQQD
Eyg0Nzk1Mjc1NDBlZjUwMDEzYzY1Mjc1YTQyZGIxYjgyMTY1ZjI5OGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIOkQrzZ3RvDkwwvzHhTjIdSOPiZ
a9XuPky7Bp6e1YgYRs+5pK7c528MUKJ/QTWS2dupNgdWD5WEq4OCgZ1qjlZZP0mg
j5cajFS0enZxMOcTDD7ghOHaN/8DevUwR5XKAdk6F0mF9dlSTUoCsL/6YshAdlf8
T+ikN3O02ZZ5Ir/i+xzzFTD1VLzN1+UmqfdGq03Xn1qbbXS2sFYrIoCYedDwcDOy
iQdTfg/iYkPot61O2Nx49JO6xM7gdMaeQhO6B2OsdgAYYMD+r+3jJIc7q6uYho2h
9VveZUIcdP4M2m5xx1SsGdM3bfnE/jhFqI3DvN/9QpaFzUGh8Oq3ednH+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEeVJ1QO9QATxlJ1pC2xuCFl8pj5MB8GA1UdIwQY
MBaAFIap865F9wFQrxfrh4npeIkCnuXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUt
MzQ4N2FlODJiMjBkLzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUtMzQ4N2FlODJiMjBk
LzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN805iicV
P3zCF7lIJUeeTT2366fO3HsBXJGIQ4j4QRa9SE0KrLu6uK16YmUTLbCjXRdojLgw
kBazVWqpiZ4J5uaBOqyahkkYDNPjuFj+TKxTF8jCOxCNeXXojtpIStXJIzxvFad9
Uc50cgLYKDDyJCpYC/pwKdrt0MVq1HIpTHAlJCK09qwo2noVXdxsV9NvPNR206ID
r1EoJul8q+WyNx/5vzreyvKRekWMQSs8Wkt36Ee6ylrz7Jl/++ZnNFCP4dqwy21I
T1OUcEvWfaVax+stR/GGaMVFD3plxbbBFOVxuMZ8cZsaW2ITUE/xv+T6EZ8iXjuR
ibTboDz4rf76Tg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:21:20 2025 by rpki-client