Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
File: hnkOzbhqxvqivMfusg0nTPpGULA.mft (raw, json)
Hash identifier: WpANlUMwPJvx0ewSSDkDuL0Wvkck2XaBIYbZqix5rBc=
Subject key identifier: 38:5C:7C:03:56:0A:9F:EF:EF:FD:11:96:18:DC:8D:48:B9:5C:EC:B0
Authority key identifier: 86:79:0E:CD:B8:6A:C6:FA:A2:BC:C7:EE:B2:0D:27:4C:FA:46:50:B0
Certificate issuer: /CN=86790ecdb86ac6faa2bcc7eeb20d274cfa4650b0
Certificate serial: 01992367D2AC6CBBF85501803F1FF3337FBB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
Manifest number: 4B
Signing time: Sun 07 Sep 2025 09:00:30 +0000
Manifest this update: Sun 07 Sep 2025 09:00:30 +0000
Manifest next update: Mon 08 Sep 2025 09:00:30 +0000
Files and hashes: 1: hnkOzbhqxvqivMfusg0nTPpGULA.crl (hash: F4zhTl+3zLy0WnZJWBjodtCey6de2DFZ3ghvxypmFeY=)
2: tR9T-2FvtEGouyPVT6CL-0oJmZs.roa (hash: oiTzhXBQqy2Mz5Nqrcv/ZCMdCONRk6F6wZpQ15vc3o0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:67:d2:ac:6c:bb:f8:55:01:80:3f:1f:f3:33:7f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86790ecdb86ac6faa2bcc7eeb20d274cfa4650b0
Validity
Not Before: Sep 7 09:00:30 2025 GMT
Not After : Sep 8 09:00:30 2025 GMT
Subject: CN=385c7c03560a9fefeffd119618dc8d48b95cecb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ab:eb:3b:16:3d:55:0c:c8:82:af:d0:a2:be:
d0:8c:f0:e7:03:43:53:95:9e:8e:38:24:86:c1:29:
53:20:43:2d:93:ef:5b:cc:cc:bc:6f:2f:dc:b1:e2:
a1:f7:6f:45:8b:f3:ee:ef:1d:00:0f:3e:b1:1d:79:
48:95:fa:e9:1c:83:f1:fb:2d:53:ad:a3:91:a4:a9:
67:61:07:f7:85:70:22:b3:09:d2:75:c9:13:26:af:
67:2a:0f:ff:77:54:0d:3e:29:7d:41:83:8a:9d:9b:
4a:99:92:26:dc:1d:e4:de:1e:cb:fa:a7:20:de:1b:
75:e5:6f:b4:bb:28:0e:9b:00:44:b7:7a:a0:39:97:
50:f3:b8:e6:92:01:72:6c:15:10:d1:29:4c:d7:5c:
1e:11:d9:cf:0c:ca:c8:b2:f6:f4:88:22:29:c1:59:
c7:ad:9a:a7:72:0a:89:bd:ee:25:2f:07:bb:c1:6c:
fa:0f:91:03:b6:8a:d5:e0:77:be:7c:16:07:bf:4b:
e7:d9:a6:b2:40:25:cf:b1:6b:8a:f5:ad:08:32:2a:
b8:fb:87:bb:25:96:8d:c8:de:a3:8a:aa:e0:bf:b2:
62:af:cf:7c:53:c6:e6:40:7e:50:22:a9:05:cc:72:
d5:47:82:c7:f3:ed:cc:9c:83:a5:ae:ef:c7:30:e0:
43:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5C:7C:03:56:0A:9F:EF:EF:FD:11:96:18:DC:8D:48:B9:5C:EC:B0
X509v3 Authority Key Identifier:
keyid:86:79:0E:CD:B8:6A:C6:FA:A2:BC:C7:EE:B2:0D:27:4C:FA:46:50:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:4e:69:a0:69:a0:be:d2:7f:7e:c3:5f:48:fd:86:83:9d:46:
85:ef:96:2f:5e:ae:54:ce:cf:c6:0b:53:99:24:5e:20:e3:d3:
7c:f3:06:5a:2a:1b:59:c0:6d:a9:28:be:1a:9d:90:7b:d6:60:
16:ab:7f:ac:65:00:99:eb:90:d3:bf:bf:79:d6:63:91:60:c7:
6b:8e:7f:c7:cf:c6:64:da:cd:60:42:c9:49:7e:a6:d9:6d:15:
aa:09:e5:56:7e:66:0a:43:6c:01:4c:68:d7:ee:29:aa:c7:0c:
05:84:27:a7:35:24:90:90:9d:38:6f:21:3d:8f:c7:36:ce:f8:
59:c3:9e:34:26:c5:aa:76:68:13:2f:1c:36:ef:e4:f4:a8:27:
03:23:b4:c7:6a:df:f4:59:59:61:c4:ee:f3:a9:7c:d0:67:b0:
1e:07:64:64:86:ec:2f:3a:10:a1:22:ce:fd:a5:15:b0:e3:d9:
a3:ef:87:1f:be:c0:1e:3a:02:9d:52:97:6e:82:9c:df:5b:17:
a6:f2:d5:54:84:13:f0:83:52:5d:fb:0d:98:3c:c3:a3:01:e7:
f5:9e:29:40:7f:24:9a:1c:61:1f:2c:78:59:18:ee:69:56:dc:
7e:ea:98:ac:88:ac:6b:ec:4a:bc:6b:02:76:24:58:88:b7:09:
c4:9a:24:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjZ9KsbLv4VQGAPx/zM3+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NzkwZWNkYjg2YWM2ZmFhMmJjYzdlZWIyMGQyNzRjZmE0
NjUwYjAwHhcNMjUwOTA3MDkwMDMwWhcNMjUwOTA4MDkwMDMwWjAzMTEwLwYDVQQD
EygzODVjN2MwMzU2MGE5ZmVmZWZmZDExOTYxOGRjOGQ0OGI5NWNlY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqvrOxY9VQzIgq/Qor7QjPDnA0NT
lZ6OOCSGwSlTIEMtk+9bzMy8by/cseKh929Fi/Pu7x0ADz6xHXlIlfrpHIPx+y1T
raORpKlnYQf3hXAiswnSdckTJq9nKg//d1QNPil9QYOKnZtKmZIm3B3k3h7L+qcg
3ht15W+0uygOmwBEt3qgOZdQ87jmkgFybBUQ0SlM11weEdnPDMrIsvb0iCIpwVnH
rZqncgqJve4lLwe7wWz6D5EDtorV4He+fBYHv0vn2aayQCXPsWuK9a0IMiq4+4e7
JZaNyN6jiqrgv7Jir898U8bmQH5QIqkFzHLVR4LH8+3MnIOlru/HMOBDYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhcfANWCp/v7/0RlhjcjUi5XOywMB8GA1UdIwQY
MBaAFIZ5Ds24asb6orzH7rINJ0z6RlCwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMmJlNjMtZWIyMy00NTA1LWFiZTAt
ZTBmNmUzMTVmNWI4LzEvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMmJlNjMtZWIyMy00NTA1LWFiZTAtZTBmNmUzMTVmNWI4
LzEvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAk5poGmg
vtJ/fsNfSP2Gg51Ghe+WL16uVM7PxgtTmSReIOPTfPMGWiobWcBtqSi+Gp2Qe9Zg
Fqt/rGUAmeuQ07+/edZjkWDHa45/x8/GZNrNYELJSX6m2W0VqgnlVn5mCkNsAUxo
1+4pqscMBYQnpzUkkJCdOG8hPY/HNs74WcOeNCbFqnZoEy8cNu/k9KgnAyO0x2rf
9FlZYcTu86l80GewHgdkZIbsLzoQoSLO/aUVsOPZo++HH77AHjoCnVKXboKc31sX
pvLVVIQT8INSXfsNmDzDowHn9Z4pQH8kmhxhHyx4WRjuaVbcfuqYrIisa+xKvGsC
diRYiLcJxJok1Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:35:25 2025 by rpki-client