Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
File: HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft (raw, json)
Hash identifier: TKVeetAPA5iv99w05X69AfxxLUcyjyTw9S/pwn0AEAg=
Subject key identifier: 75:CE:CC:24:9A:7F:B8:A5:90:79:16:51:46:8F:38:2A:F1:C3:CF:11
Authority key identifier: 1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F
Certificate issuer: /CN=1d8933c193f04e32441e37162dc4defa9744b84f
Certificate serial: 019A7301AA57A414A506E706381DFE9ED78A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
Manifest number: 14E4
Signing time: Tue 11 Nov 2025 13:01:20 +0000
Manifest this update: Tue 11 Nov 2025 13:01:20 +0000
Manifest next update: Wed 12 Nov 2025 13:01:20 +0000
Files and hashes: 1: HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl (hash: gF+COGEGftS/KD7C0epjQ+9Cw3QYoHE+20vSou8jBFQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:aa:57:a4:14:a5:06:e7:06:38:1d:fe:9e:d7:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8933c193f04e32441e37162dc4defa9744b84f
Validity
Not Before: Nov 11 13:01:20 2025 GMT
Not After : Nov 12 13:01:20 2025 GMT
Subject: CN=75cecc249a7fb8a590791651468f382af1c3cf11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f0:40:b1:40:af:16:dc:1d:c1:4c:96:98:a9:
55:f1:20:a4:1d:b8:57:5e:1e:bf:80:ac:95:d0:d6:
84:0c:bf:5e:4f:27:94:bc:2c:bf:5a:b0:7a:c6:d7:
50:e5:cc:fe:e6:60:ce:29:d5:ae:d4:16:9d:89:a7:
4b:8d:14:e4:d4:e5:dd:69:da:d8:ff:52:34:54:39:
67:25:ac:63:fd:22:50:5d:28:b2:66:ec:ab:24:b2:
ae:24:e9:14:4c:96:f2:f1:0f:9e:aa:90:35:94:14:
c7:41:c2:8e:52:72:ff:c8:c5:3b:f8:89:3f:83:b2:
43:f2:a8:f8:b4:81:fa:59:93:c2:0f:40:bd:9b:2c:
16:b4:19:69:e8:3a:2f:6a:af:dc:3a:f9:d5:00:db:
ac:09:f6:ad:9a:ae:85:c7:4e:80:af:a9:db:02:46:
0f:49:a0:fb:a6:4e:0b:7a:9a:43:9e:3a:cb:30:77:
95:7b:31:fb:d9:14:89:40:b4:f4:92:e3:1d:72:b4:
2e:da:93:12:e8:56:b8:be:43:2e:43:60:0c:46:e9:
1f:6c:0c:ae:da:e5:af:4f:31:f5:33:47:7e:c1:4e:
43:85:53:89:34:e7:31:be:40:b4:bb:93:d6:e5:9d:
6c:40:98:06:ee:1f:d5:9e:80:ce:61:4e:b3:0a:c8:
34:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CE:CC:24:9A:7F:B8:A5:90:79:16:51:46:8F:38:2A:F1:C3:CF:11
X509v3 Authority Key Identifier:
keyid:1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:69:ac:e3:35:33:4f:05:a4:3b:bc:2f:dd:3b:d4:1a:cf:d7:
49:0a:79:76:c6:7b:d9:b6:d7:7d:dd:95:bc:c5:54:5d:6f:97:
1d:cb:c6:98:2b:e6:b2:90:c5:a0:6a:39:90:e6:03:8d:a4:6b:
8a:51:06:0c:ec:62:cd:6c:70:75:fa:fb:ff:a2:f2:96:74:50:
43:59:99:18:15:ce:11:e8:3b:60:8c:8c:44:fd:a0:90:d8:68:
81:77:2c:af:7b:95:e3:58:fc:0b:54:11:f4:6b:cd:30:4f:2b:
04:aa:13:6c:63:4d:e8:9f:ba:38:e0:c9:23:3a:a4:29:bf:6d:
36:ba:99:43:b2:86:1c:25:19:9f:92:ae:7e:5f:ae:4b:73:96:
b6:f7:86:eb:f7:a3:53:f2:46:df:7f:f8:5f:38:58:4d:f5:96:
b2:52:a9:fb:a4:c9:1a:d0:4a:a0:14:38:00:64:7f:70:e8:87:
9b:ab:33:42:5a:ea:df:01:83:bb:03:32:2c:56:9b:28:9b:37:
ea:f8:71:ec:d9:a6:e4:53:64:b7:d1:d1:d6:0c:b4:a1:e3:76:
a1:28:32:5b:77:55:3a:fb:e5:b3:bc:fe:07:bc:36:62:1f:4f:
15:3b:56:d6:e7:10:29:0c:85:5d:1b:f0:9e:b4:4c:da:f2:c7:
c7:4c:49:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAapXpBSlBucGOB3+nteKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODkzM2MxOTNmMDRlMzI0NDFlMzcxNjJkYzRkZWZhOTc0
NGI4NGYwHhcNMjUxMTExMTMwMTIwWhcNMjUxMTEyMTMwMTIwWjAzMTEwLwYDVQQD
Eyg3NWNlY2MyNDlhN2ZiOGE1OTA3OTE2NTE0NjhmMzgyYWYxYzNjZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvBAsUCvFtwdwUyWmKlV8SCkHbhX
Xh6/gKyV0NaEDL9eTyeUvCy/WrB6xtdQ5cz+5mDOKdWu1BadiadLjRTk1OXdadrY
/1I0VDlnJaxj/SJQXSiyZuyrJLKuJOkUTJby8Q+eqpA1lBTHQcKOUnL/yMU7+Ik/
g7JD8qj4tIH6WZPCD0C9mywWtBlp6Dovaq/cOvnVANusCfatmq6Fx06Ar6nbAkYP
SaD7pk4LeppDnjrLMHeVezH72RSJQLT0kuMdcrQu2pMS6Fa4vkMuQ2AMRukfbAyu
2uWvTzH1M0d+wU5DhVOJNOcxvkC0u5PW5Z1sQJgG7h/VnoDOYU6zCsg0BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXOzCSaf7ilkHkWUUaPOCrxw88RMB8GA1UdIwQY
MBaAFB2JM8GT8E4yRB43Fi3E3vqXRLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEt
MzQyZDFiMzgxZDg3LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEtMzQyZDFiMzgxZDg3
LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALWms4zUz
TwWkO7wv3TvUGs/XSQp5dsZ72bbXfd2VvMVUXW+XHcvGmCvmspDFoGo5kOYDjaRr
ilEGDOxizWxwdfr7/6LylnRQQ1mZGBXOEeg7YIyMRP2gkNhogXcsr3uV41j8C1QR
9GvNME8rBKoTbGNN6J+6OODJIzqkKb9tNrqZQ7KGHCUZn5Kufl+uS3OWtveG6/ej
U/JG33/4XzhYTfWWslKp+6TJGtBKoBQ4AGR/cOiHm6szQlrq3wGDuwMyLFabKJs3
6vhx7Nmm5FNkt9HR1gy0oeN2oSgyW3dVOvvls7z+B7w2Yh9PFTtW1ucQKQyFXRvw
nrRM2vLHx0xJBQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:16 2025 by rpki-client