Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
File: HhkRubtcij4eK4pRFl-KcaCSxo0.mft (raw, json)
Hash identifier: t20G6hn3pT8psjNkqxyskCnV1cuZPTHTWvi9xyk1ovo=
Subject key identifier: 25:FB:1C:A2:E5:F6:1F:70:5B:0E:B0:19:00:2E:3A:28:9A:4C:4B:7A
Authority key identifier: 1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D
Certificate issuer: /CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
Certificate serial: 019A711379A46603E860CD3A78ADFA603A9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
Manifest number: 12D7
Signing time: Tue 11 Nov 2025 04:01:33 +0000
Manifest this update: Tue 11 Nov 2025 04:01:33 +0000
Manifest next update: Wed 12 Nov 2025 04:01:33 +0000
Files and hashes: 1: HhkRubtcij4eK4pRFl-KcaCSxo0.crl (hash: plqu+zkqky5i09s3UsUgIe8sbk4WeBQtN5/g4w5yeLM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:79:a4:66:03:e8:60:cd:3a:78:ad:fa:60:3a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
Validity
Not Before: Nov 11 04:01:33 2025 GMT
Not After : Nov 12 04:01:33 2025 GMT
Subject: CN=25fb1ca2e5f61f705b0eb019002e3a289a4c4b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6d:92:72:5c:27:75:41:26:46:4a:ec:a7:e9:
84:62:ae:fb:65:25:62:74:d0:68:46:24:a8:09:9f:
20:e6:90:49:cc:3a:6b:b1:e2:da:eb:35:71:af:d3:
39:f5:f1:8c:52:63:29:93:1c:e4:15:0e:5d:92:fd:
2f:3d:6b:b2:95:55:f5:3d:bb:2b:b0:5b:fa:b9:7c:
9d:1b:81:e5:3c:a4:94:d9:f0:22:9b:52:0a:30:df:
b4:1a:22:41:74:93:d0:32:c8:22:65:20:57:b1:3d:
54:0c:85:18:47:cf:0c:27:c4:66:55:35:d0:37:4b:
f2:f8:c8:8b:15:69:d9:82:7b:ce:fe:be:75:98:2c:
7a:32:63:b4:21:ac:2e:96:ca:ff:40:fa:da:bf:ff:
04:03:c9:69:37:2c:06:63:cd:bd:16:8a:5e:da:a0:
11:60:29:13:a3:69:41:86:2d:32:1d:41:80:c7:49:
78:9e:36:5a:01:2e:f5:0b:db:1d:2b:2b:e4:ab:8c:
b9:4f:ac:d0:98:5e:54:7a:bb:7c:b5:03:59:88:ab:
90:cc:76:29:37:9f:f5:18:df:a0:a3:84:d4:1f:de:
a0:2f:25:05:20:1c:b5:c6:a7:bc:be:34:ec:8e:41:
ed:68:97:92:d8:81:1d:2e:02:4a:67:e9:d1:2d:c5:
9e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FB:1C:A2:E5:F6:1F:70:5B:0E:B0:19:00:2E:3A:28:9A:4C:4B:7A
X509v3 Authority Key Identifier:
keyid:1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:32:2b:b4:d5:ca:cc:30:96:89:03:76:dc:6e:6f:cf:d4:ea:
4e:a4:40:a0:27:fb:0d:dc:59:36:16:52:e9:57:f5:2c:bf:e1:
2a:cd:61:5e:b9:93:4c:5a:dc:a5:02:64:13:36:ea:97:80:f1:
91:d7:0e:ad:2b:63:9c:db:8f:e8:82:bc:40:1c:60:ba:42:35:
cb:59:94:6d:2e:6e:15:8c:7e:61:f8:ba:52:20:f3:4d:2b:d1:
e4:d2:88:ac:38:16:3a:ba:f3:52:e1:9c:36:4e:96:10:7e:aa:
58:f9:a7:c5:56:1d:f3:04:1d:7f:f4:ca:25:aa:16:8b:a7:64:
ae:66:24:32:68:ae:02:32:00:d6:77:1a:5b:96:6c:9f:af:ee:
06:3d:b9:71:cb:d5:c2:68:9f:1e:0b:9f:65:74:03:e9:8c:b0:
ea:34:af:63:b5:bd:d7:2d:40:28:73:e6:9f:30:7a:d4:3f:1e:
4c:32:9a:0c:76:8d:f8:99:a6:52:f6:41:4d:22:95:3f:f1:b9:
0e:90:6c:20:92:2a:8b:c6:35:5b:98:fc:7d:2e:eb:0e:41:a5:
4f:d3:ac:eb:7d:ba:68:a3:8a:a9:60:1e:ef:a1:4e:24:35:c6:
96:8a:41:0c:b1:6d:5a:6f:29:c3:5a:8f:98:99:36:88:89:d8:
ca:cc:12:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE3mkZgPoYM06eK36YDqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTkxMWI5YmI1YzhhM2UxZTJiOGE1MTE2NWY4YTcxYTA5
MmM2OGQwHhcNMjUxMTExMDQwMTMzWhcNMjUxMTEyMDQwMTMzWjAzMTEwLwYDVQQD
EygyNWZiMWNhMmU1ZjYxZjcwNWIwZWIwMTkwMDJlM2EyODlhNGM0YjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn22SclwndUEmRkrsp+mEYq77ZSVi
dNBoRiSoCZ8g5pBJzDprseLa6zVxr9M59fGMUmMpkxzkFQ5dkv0vPWuylVX1Pbsr
sFv6uXydG4HlPKSU2fAim1IKMN+0GiJBdJPQMsgiZSBXsT1UDIUYR88MJ8RmVTXQ
N0vy+MiLFWnZgnvO/r51mCx6MmO0Iawulsr/QPrav/8EA8lpNywGY829Fope2qAR
YCkTo2lBhi0yHUGAx0l4njZaAS71C9sdKyvkq4y5T6zQmF5Uert8tQNZiKuQzHYp
N5/1GN+go4TUH96gLyUFIBy1xqe8vjTsjkHtaJeS2IEdLgJKZ+nRLcWeTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCX7HKLl9h9wWw6wGQAuOiiaTEt6MB8GA1UdIwQY
MBaAFB4ZEbm7XIo+HiuKURZfinGgksaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQt
Yjc2ODZiOTA2MWE1LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQtYjc2ODZiOTA2MWE1
LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkjIrtNXK
zDCWiQN23G5vz9TqTqRAoCf7DdxZNhZS6Vf1LL/hKs1hXrmTTFrcpQJkEzbql4Dx
kdcOrStjnNuP6IK8QBxgukI1y1mUbS5uFYx+Yfi6UiDzTSvR5NKIrDgWOrrzUuGc
Nk6WEH6qWPmnxVYd8wQdf/TKJaoWi6dkrmYkMmiuAjIA1ncaW5Zsn6/uBj25ccvV
wmifHgufZXQD6Yyw6jSvY7W91y1AKHPmnzB61D8eTDKaDHaN+JmmUvZBTSKVP/G5
DpBsIJIqi8Y1W5j8fS7rDkGlT9Os6326aKOKqWAe76FOJDXGlopBDLFtWm8pw1qP
mJk2iInYyswS1A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:38 2025 by rpki-client