Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.mft
File: HKy3fiC3gUfUf4OUKU8Re1yE714.mft (raw, json)
Hash identifier: Qzcqq/boD1nxxNCG9SIkcWPn9KR1FCqDpR/kgPavKT4=
Subject key identifier: 1E:56:B3:7D:22:C7:DC:00:71:C6:41:AB:5F:39:8F:70:FB:00:65:52
Authority key identifier: 1C:AC:B7:7E:20:B7:81:47:D4:7F:83:94:29:4F:11:7B:5C:84:EF:5E
Certificate issuer: /CN=1cacb77e20b78147d47f8394294f117b5c84ef5e
Certificate serial: 019A71B8DD6BF9D1981FCDC3A8255A66A3FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKy3fiC3gUfUf4OUKU8Re1yE714.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.mft
Manifest number: 11D1
Signing time: Tue 11 Nov 2025 07:02:11 +0000
Manifest this update: Tue 11 Nov 2025 07:02:11 +0000
Manifest next update: Wed 12 Nov 2025 07:02:11 +0000
Files and hashes: 1: HKy3fiC3gUfUf4OUKU8Re1yE714.crl (hash: 5twRxCl28BTZ/Zomkt9hh2fbbaYZFrop5DwKBWKRtoQ=)
2: OoGFPfomo3cQZiCz4qsidreDjCc.roa (hash: nmvopa2kUZd9MIXgbeUNiD86irOgkmmL30is65pmYug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.mft
rsync://rpki.ripe.net/repository/DEFAULT/HKy3fiC3gUfUf4OUKU8Re1yE714.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:dd:6b:f9:d1:98:1f:cd:c3:a8:25:5a:66:a3:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cacb77e20b78147d47f8394294f117b5c84ef5e
Validity
Not Before: Nov 11 07:02:11 2025 GMT
Not After : Nov 12 07:02:11 2025 GMT
Subject: CN=1e56b37d22c7dc0071c641ab5f398f70fb006552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1c:a8:54:11:94:b2:b6:bd:64:53:2b:53:de:
84:b7:c2:dd:57:1e:71:3d:b4:fa:e2:34:55:f6:97:
88:be:92:aa:e5:22:23:cb:b4:ce:f5:21:0d:75:10:
29:e2:b1:ad:00:50:2c:1e:34:be:2f:19:9e:59:00:
78:e0:04:2a:88:9d:0c:eb:81:85:7d:70:ca:d6:04:
5d:03:ec:93:6b:bf:e4:14:60:fa:bb:18:69:c8:73:
5a:32:3b:39:75:36:54:5d:b4:f9:57:09:f9:29:8b:
3f:bf:3d:7c:2a:49:6a:bf:24:b5:c8:5b:2e:74:f9:
82:da:7d:c8:17:16:f6:2a:a7:70:4f:61:b3:de:18:
89:aa:58:be:a5:c7:d8:54:fb:21:fc:e6:92:d1:5f:
d3:98:d4:d6:9f:1e:74:93:94:7b:3e:c5:b2:37:db:
cf:44:57:2f:1c:46:34:5d:81:2e:6b:03:dd:c6:e5:
e2:2f:ed:03:7a:bc:e3:26:b4:08:44:dd:db:8d:42:
8e:5e:0e:6a:c7:d6:e3:72:01:8f:64:0c:ae:33:fe:
b3:0f:1a:22:6f:7f:82:57:dc:31:64:fb:97:d3:bd:
c8:9c:ab:10:27:43:ae:33:be:10:c9:0d:5b:dc:92:
6e:ba:eb:ac:7d:bc:2a:d6:7c:9d:9b:d8:ea:d4:1c:
e2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:56:B3:7D:22:C7:DC:00:71:C6:41:AB:5F:39:8F:70:FB:00:65:52
X509v3 Authority Key Identifier:
keyid:1C:AC:B7:7E:20:B7:81:47:D4:7F:83:94:29:4F:11:7B:5C:84:EF:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKy3fiC3gUfUf4OUKU8Re1yE714.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:08:f6:22:36:0c:f2:96:47:e0:27:fd:6f:3f:f0:64:ac:ed:
d5:ce:12:f0:2c:99:99:3f:88:81:5f:d0:df:82:8c:cd:ab:8d:
ed:00:b0:77:79:c1:f4:92:18:48:3d:cc:28:13:27:f8:75:b0:
f8:74:bf:b0:d4:b4:88:14:d9:92:ea:e4:d2:e4:58:46:e7:5d:
31:08:76:fc:c0:96:4b:e3:6a:a4:e0:9b:c4:ca:d1:47:a5:27:
6b:9a:0b:98:ab:b4:c7:c0:92:a7:e6:43:12:ec:5f:6b:b6:70:
db:8f:52:08:a7:e1:1d:3d:4d:f1:a5:0c:5a:33:a4:e4:00:56:
11:3f:23:6b:22:91:5d:f0:63:77:0b:38:2e:60:0e:18:5e:c5:
3a:cd:50:ac:d4:ba:79:03:55:d2:c9:49:37:9e:6c:18:3a:6f:
f6:92:6f:72:63:73:cb:08:f0:9a:78:28:8c:c0:04:f4:86:d4:
11:47:ed:5c:c9:07:38:63:cb:16:6e:1c:ff:02:32:ca:13:93:
f0:2c:25:7a:2c:b3:63:02:2d:47:b9:05:02:20:54:78:4d:9f:
65:1e:3f:86:39:c0:d6:d5:9a:e5:8b:ec:a7:e5:40:a2:64:07:
8c:ba:bd:2b:81:88:87:a4:ad:8a:14:82:c5:60:8e:4e:e5:c0:
1f:9b:21:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuN1r+dGYH83DqCVaZqP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWNiNzdlMjBiNzgxNDdkNDdmODM5NDI5NGYxMTdiNWM4
NGVmNWUwHhcNMjUxMTExMDcwMjExWhcNMjUxMTEyMDcwMjExWjAzMTEwLwYDVQQD
EygxZTU2YjM3ZDIyYzdkYzAwNzFjNjQxYWI1ZjM5OGY3MGZiMDA2NTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRyoVBGUsra9ZFMrU96Et8LdVx5x
PbT64jRV9peIvpKq5SIjy7TO9SENdRAp4rGtAFAsHjS+LxmeWQB44AQqiJ0M64GF
fXDK1gRdA+yTa7/kFGD6uxhpyHNaMjs5dTZUXbT5Vwn5KYs/vz18KklqvyS1yFsu
dPmC2n3IFxb2KqdwT2Gz3hiJqli+pcfYVPsh/OaS0V/TmNTWnx50k5R7PsWyN9vP
RFcvHEY0XYEuawPdxuXiL+0DerzjJrQIRN3bjUKOXg5qx9bjcgGPZAyuM/6zDxoi
b3+CV9wxZPuX073InKsQJ0OuM74QyQ1b3JJuuuusfbwq1nydm9jq1BziCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5Ws30ix9wAccZBq185j3D7AGVSMB8GA1UdIwQY
MBaAFByst34gt4FH1H+DlClPEXtchO9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEt5M2ZpQzNnVWZVZjRPVUtVOFJlMXlFNzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy80MTdhYjItZmNiMy00MDVkLWEwYzgt
NTMyNWE1MjAwYmE5LzEvSEt5M2ZpQzNnVWZVZjRPVUtVOFJlMXlFNzE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy80MTdhYjItZmNiMy00MDVkLWEwYzgtNTMyNWE1MjAwYmE5
LzEvSEt5M2ZpQzNnVWZVZjRPVUtVOFJlMXlFNzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoAj2IjYM
8pZH4Cf9bz/wZKzt1c4S8CyZmT+IgV/Q34KMzauN7QCwd3nB9JIYSD3MKBMn+HWw
+HS/sNS0iBTZkurk0uRYRuddMQh2/MCWS+NqpOCbxMrRR6Una5oLmKu0x8CSp+ZD
Euxfa7Zw249SCKfhHT1N8aUMWjOk5ABWET8jayKRXfBjdws4LmAOGF7FOs1QrNS6
eQNV0slJN55sGDpv9pJvcmNzywjwmngojMAE9IbUEUftXMkHOGPLFm4c/wIyyhOT
8CwleiyzYwItR7kFAiBUeE2fZR4/hjnA1tWa5Yvsp+VAomQHjLq9K4GIh6StihSC
xWCOTuXAH5sh7g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:57:08 2025 by rpki-client