Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
File: hnkOzbhqxvqivMfusg0nTPpGULA.mft (raw, json)
Hash identifier: tYf79STAhVgreX6Lam4CytI5cCzQxF41/GnpW+QM7FE=
Subject key identifier: 40:4F:AA:3D:DD:5F:F9:A8:74:6A:E2:72:B5:2C:7A:F7:2C:7C:26:5F
Authority key identifier: 86:79:0E:CD:B8:6A:C6:FA:A2:BC:C7:EE:B2:0D:27:4C:FA:46:50:B0
Certificate issuer: /CN=86790ecdb86ac6faa2bcc7eeb20d274cfa4650b0
Certificate serial: 019A71809D60907D7A264583BEA7DC6A6F96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
Manifest number: F8
Signing time: Tue 11 Nov 2025 06:00:45 +0000
Manifest this update: Tue 11 Nov 2025 06:00:45 +0000
Manifest next update: Wed 12 Nov 2025 06:00:45 +0000
Files and hashes: 1: hnkOzbhqxvqivMfusg0nTPpGULA.crl (hash: 2fm0c8IdPNFyhzl/DGrutj9guvK1crMduahi+sCTIHU=)
2: tR9T-2FvtEGouyPVT6CL-0oJmZs.roa (hash: oiTzhXBQqy2Mz5Nqrcv/ZCMdCONRk6F6wZpQ15vc3o0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 06:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:80:9d:60:90:7d:7a:26:45:83:be:a7:dc:6a:6f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86790ecdb86ac6faa2bcc7eeb20d274cfa4650b0
Validity
Not Before: Nov 11 06:00:45 2025 GMT
Not After : Nov 12 06:00:45 2025 GMT
Subject: CN=404faa3ddd5ff9a8746ae272b52c7af72c7c265f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:23:93:ed:82:bd:cf:d5:61:a7:e9:ef:b0:ab:
35:9b:19:ca:b4:7b:bc:32:96:11:32:3d:4c:bb:2e:
8a:de:6c:fb:ff:26:a8:bc:63:20:58:bc:0d:4e:7d:
65:af:7e:dc:4f:0d:25:ea:5d:31:4e:49:58:08:18:
38:33:e1:7b:70:d0:85:ba:43:3f:66:2a:4e:63:0f:
23:c9:7a:1c:a6:89:0d:21:72:84:07:05:c5:12:f7:
3f:3e:8b:9c:eb:71:5e:c7:ea:56:22:97:03:ce:7f:
75:08:58:80:b1:5d:04:72:d7:22:4d:75:65:c6:14:
d6:d6:c7:7c:52:12:b4:c7:96:c3:10:57:a1:9c:e1:
db:2b:1b:c3:b5:dc:a4:ac:f4:11:31:8e:26:71:68:
a0:c0:5e:4f:5a:42:cd:70:9a:16:76:a9:b8:f3:af:
3e:bd:8b:0f:f3:56:8d:58:3d:67:89:3e:50:26:b0:
39:08:74:a1:9e:97:01:67:40:0c:e2:ab:7e:67:aa:
39:15:c8:83:d8:93:69:1d:f0:3b:f8:63:9c:86:43:
b1:a0:f9:89:f8:46:a6:ab:6f:d1:e0:9a:92:e4:ee:
c1:5e:cf:cd:41:33:43:71:c8:49:f2:87:45:ab:57:
19:56:9e:01:8b:75:03:11:39:85:7e:12:28:31:26:
1e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4F:AA:3D:DD:5F:F9:A8:74:6A:E2:72:B5:2C:7A:F7:2C:7C:26:5F
X509v3 Authority Key Identifier:
keyid:86:79:0E:CD:B8:6A:C6:FA:A2:BC:C7:EE:B2:0D:27:4C:FA:46:50:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:2f:03:32:1a:e5:6e:65:9d:2d:53:99:10:ea:f2:05:30:f5:
41:11:cd:5b:a1:3d:da:0b:32:a5:90:91:5a:e6:2e:71:06:cf:
c3:95:94:c1:ae:01:ad:f8:b7:7c:9b:47:2c:27:2c:93:16:7f:
de:3c:6b:15:8b:1e:34:a5:47:a8:f3:f2:ff:59:af:38:76:fe:
2a:7e:dc:f1:34:1c:fc:b2:f7:2f:11:ce:81:c8:fe:ec:7c:2f:
93:41:67:50:e4:de:71:f0:14:77:b8:ee:91:51:1c:73:6f:86:
e9:7d:86:da:1b:ea:3f:e2:a0:20:03:6e:74:3d:51:fb:1b:18:
ec:e1:8d:b7:ac:ef:25:c1:2f:7e:ed:4d:79:1f:94:81:28:22:
d8:c1:1e:8b:08:fd:ee:6b:a5:0e:1f:81:89:5f:2f:34:5d:a0:
2e:91:40:f7:d3:df:f2:12:3f:e0:46:8c:29:ff:54:fe:26:7d:
a2:d9:9e:fa:96:a3:03:47:7b:84:3a:0e:76:07:c2:20:ca:41:
ad:da:d3:ac:64:38:ae:9c:3a:93:15:af:ab:96:57:ec:b6:32:
da:6a:6a:d3:bf:c1:0e:2d:a9:b7:d2:0e:93:01:83:82:60:48:
1d:82:d3:1d:29:a5:1d:8a:7f:cb:ee:1b:41:4c:ac:98:2e:7f:
11:09:dd:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgJ1gkH16JkWDvqfcam+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NzkwZWNkYjg2YWM2ZmFhMmJjYzdlZWIyMGQyNzRjZmE0
NjUwYjAwHhcNMjUxMTExMDYwMDQ1WhcNMjUxMTEyMDYwMDQ1WjAzMTEwLwYDVQQD
Eyg0MDRmYWEzZGRkNWZmOWE4NzQ2YWUyNzJiNTJjN2FmNzJjN2MyNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCOT7YK9z9Vhp+nvsKs1mxnKtHu8
MpYRMj1Muy6K3mz7/yaovGMgWLwNTn1lr37cTw0l6l0xTklYCBg4M+F7cNCFukM/
ZipOYw8jyXocpokNIXKEBwXFEvc/Pouc63Fex+pWIpcDzn91CFiAsV0EctciTXVl
xhTW1sd8UhK0x5bDEFehnOHbKxvDtdykrPQRMY4mcWigwF5PWkLNcJoWdqm4868+
vYsP81aNWD1niT5QJrA5CHShnpcBZ0AM4qt+Z6o5FciD2JNpHfA7+GOchkOxoPmJ
+Eamq2/R4JqS5O7BXs/NQTNDcchJ8odFq1cZVp4Bi3UDETmFfhIoMSYegwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBPqj3dX/modGricrUsevcsfCZfMB8GA1UdIwQY
MBaAFIZ5Ds24asb6orzH7rINJ0z6RlCwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMmJlNjMtZWIyMy00NTA1LWFiZTAt
ZTBmNmUzMTVmNWI4LzEvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMmJlNjMtZWIyMy00NTA1LWFiZTAtZTBmNmUzMTVmNWI4
LzEvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANS8DMhrl
bmWdLVOZEOryBTD1QRHNW6E92gsypZCRWuYucQbPw5WUwa4Brfi3fJtHLCcskxZ/
3jxrFYseNKVHqPPy/1mvOHb+Kn7c8TQc/LL3LxHOgcj+7Hwvk0FnUOTecfAUd7ju
kVEcc2+G6X2G2hvqP+KgIANudD1R+xsY7OGNt6zvJcEvfu1NeR+UgSgi2MEeiwj9
7mulDh+BiV8vNF2gLpFA99Pf8hI/4EaMKf9U/iZ9otme+pajA0d7hDoOdgfCIMpB
rdrTrGQ4rpw6kxWvq5ZX7LYy2mpq07/BDi2pt9IOkwGDgmBIHYLTHSmlHYp/y+4b
QUysmC5/EQndDg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:59:55 2025 by rpki-client