Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
File: HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json)
Hash identifier: J13JXgZHDi/O04j789a8DpDMibKPBbWcSyAQVu4UWHQ=
Subject key identifier: C9:A6:D9:92:F3:80:38:93:33:10:C4:41:EF:16:6F:3A:E0:4F:A2:66
Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
Certificate issuer: /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Certificate serial: 019A2A438AC341F7EA1A73EE42FA1BAA3469
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
Manifest number: 11F9
Signing time: Tue 28 Oct 2025 10:01:00 +0000
Manifest this update: Tue 28 Oct 2025 10:01:00 +0000
Manifest next update: Wed 29 Oct 2025 10:01:00 +0000
Files and hashes: 1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: g7ZCtZoiUKNkAtxMqJpItlLjTDrRwhO7FrAdWSl4zn8=)
2: qlhTst1KI05-IXjT0Jjp1aMzFfc.roa (hash: AXRjUWRMdXCLNCZlSVsLAGGspUQ5o0C4cdNp8OmuROM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 10:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:43:8a:c3:41:f7:ea:1a:73:ee:42:fa:1b:aa:34:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Validity
Not Before: Oct 28 10:01:00 2025 GMT
Not After : Oct 29 10:01:00 2025 GMT
Subject: CN=c9a6d992f38038933310c441ef166f3ae04fa266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a0:0c:c8:44:81:21:26:96:7f:e2:5c:86:c6:
46:e7:28:72:0c:8d:52:c2:9f:ad:c8:89:df:7c:d5:
56:53:ce:11:e5:7a:e3:d3:48:95:90:54:6a:cc:6b:
db:5e:c1:1e:9b:69:61:a0:7b:9e:01:7c:e9:54:a2:
53:4c:5b:7c:ce:c7:17:8f:f2:3c:83:c3:2e:11:16:
af:1b:2a:87:c9:1b:1a:0a:a5:1b:5d:73:ee:87:c5:
af:3e:26:aa:4b:02:ea:d7:83:47:29:29:0b:98:9d:
c7:97:12:6d:f2:35:03:4a:0c:a0:78:54:8a:fb:16:
5e:67:6d:9f:17:8f:4a:ea:3c:8b:e1:f8:2d:d5:38:
42:e7:ed:6c:53:32:10:60:77:ef:8d:06:42:ad:e9:
57:92:68:5a:47:7b:dd:b7:f4:e9:6a:df:04:0b:11:
fe:eb:f2:43:55:47:6a:f7:a1:21:35:ea:a3:30:c2:
f3:58:95:20:0a:76:b4:75:f6:18:70:30:59:50:ba:
63:d6:2c:2a:c2:3e:6a:a9:c9:0a:03:5f:cb:d9:55:
a0:99:fc:05:e8:57:45:33:71:24:a8:d9:4b:23:e2:
1a:b5:25:d6:b9:10:fd:b2:a3:38:94:97:ae:f6:8e:
3a:34:e8:ec:ab:9a:47:22:40:53:7d:58:fb:0d:92:
31:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A6:D9:92:F3:80:38:93:33:10:C4:41:EF:16:6F:3A:E0:4F:A2:66
X509v3 Authority Key Identifier:
keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:f8:08:0a:a0:ad:56:94:71:c7:ee:db:0f:35:5e:a6:29:0a:
21:80:e6:fa:0b:8b:dd:08:dd:9a:4f:a7:5d:4c:1d:31:63:21:
bd:41:11:f6:86:d6:81:91:54:99:98:4b:a9:76:26:2b:5c:63:
69:fa:f3:35:02:23:87:36:c5:e7:18:ef:f0:da:58:b2:79:f4:
07:0b:94:3d:a0:5b:84:84:94:e2:0d:06:76:7d:b0:bb:21:49:
69:09:00:ef:d5:16:8b:b9:37:f7:e9:4a:c1:d6:b9:d6:c4:50:
38:27:27:ed:91:14:29:b0:34:a8:42:aa:0a:d2:c9:a4:d3:ed:
4c:68:09:8e:47:24:0f:50:5f:05:69:9f:02:76:25:08:44:36:
2a:ce:aa:17:ca:71:4e:c5:0f:0b:58:f4:a6:8b:8a:89:e3:84:
b2:56:22:1e:a8:41:6c:0c:c5:06:c6:3d:cc:75:90:e5:8d:6a:
68:64:6c:f9:ce:88:eb:3b:2a:61:06:1f:ec:c4:7b:a5:3f:58:
cb:89:4f:00:56:b3:5c:28:7c:c2:87:34:1c:67:05:bc:06:ed:
ef:95:52:c1:54:ea:83:4c:dc:94:bd:19:b6:26:27:68:05:d1:
c5:34:36:67:51:84:bf:1f:e9:d3:4f:25:a4:e0:e2:e2:94:4f:
04:0b:05:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoqQ4rDQffqGnPuQvobqjRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0
MTJmMmEwHhcNMjUxMDI4MTAwMTAwWhcNMjUxMDI5MTAwMTAwWjAzMTEwLwYDVQQD
EyhjOWE2ZDk5MmYzODAzODkzMzMxMGM0NDFlZjE2NmYzYWUwNGZhMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKAMyESBISaWf+JchsZG5yhyDI1S
wp+tyInffNVWU84R5Xrj00iVkFRqzGvbXsEem2lhoHueAXzpVKJTTFt8zscXj/I8
g8MuERavGyqHyRsaCqUbXXPuh8WvPiaqSwLq14NHKSkLmJ3HlxJt8jUDSgygeFSK
+xZeZ22fF49K6jyL4fgt1ThC5+1sUzIQYHfvjQZCrelXkmhaR3vdt/Tpat8ECxH+
6/JDVUdq96EhNeqjMMLzWJUgCna0dfYYcDBZULpj1iwqwj5qqckKA1/L2VWgmfwF
6FdFM3EkqNlLI+IatSXWuRD9sqM4lJeu9o46NOjsq5pHIkBTfVj7DZIxIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmm2ZLzgDiTMxDEQe8WbzrgT6JmMB8GA1UdIwQY
MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt
ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy
LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApvgICqCt
VpRxx+7bDzVepikKIYDm+guL3Qjdmk+nXUwdMWMhvUER9obWgZFUmZhLqXYmK1xj
afrzNQIjhzbF5xjv8NpYsnn0BwuUPaBbhISU4g0Gdn2wuyFJaQkA79UWi7k39+lK
wda51sRQOCcn7ZEUKbA0qEKqCtLJpNPtTGgJjkckD1BfBWmfAnYlCEQ2Ks6qF8px
TsUPC1j0pouKieOEslYiHqhBbAzFBsY9zHWQ5Y1qaGRs+c6I6zsqYQYf7MR7pT9Y
y4lPAFazXCh8woc0HGcFvAbt75VSwVTqg0zclL0ZtiYnaAXRxTQ2Z1GEvx/p008l
pODi4pRPBAsF8Q==
-----END CERTIFICATE-----
Generated at Tue Oct 28 16:43:19 2025 by rpki-client