Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.mft
File: hpNlUyawRyyGbFyZMC4rLXjL3fc.mft (raw, json)
Hash identifier: JgqK9+InpYxi2/ntwduDQ9B5ShPYu8fMIkUUmV/liAI=
Subject key identifier: 95:72:0D:3C:DA:87:4E:BE:D2:EF:53:F8:CC:11:8F:D9:E2:5C:AC:13
Authority key identifier: 86:93:65:53:26:B0:47:2C:86:6C:5C:99:30:2E:2B:2D:78:CB:DD:F7
Certificate issuer: /CN=8693655326b0472c866c5c99302e2b2d78cbddf7
Certificate serial: 019A7337FDFEC575827E1F8FBD58F55BB8D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpNlUyawRyyGbFyZMC4rLXjL3fc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.mft
Manifest number: 0FF7
Signing time: Tue 11 Nov 2025 14:00:40 +0000
Manifest this update: Tue 11 Nov 2025 14:00:40 +0000
Manifest next update: Wed 12 Nov 2025 14:00:40 +0000
Files and hashes: 1: hpNlUyawRyyGbFyZMC4rLXjL3fc.crl (hash: BI+kHeLQTctxP7QkZ9hBdio9SOSWBqvyppeIdxnYIRE=)
2: z8Qgne-FkfA3KYq3e01ob5TLZp0.roa (hash: 7fco4lzAt1GZtpXkjpIq4UVmOihkqjl0I1nfOSI77gY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpNlUyawRyyGbFyZMC4rLXjL3fc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:37:fd:fe:c5:75:82:7e:1f:8f:bd:58:f5:5b:b8:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8693655326b0472c866c5c99302e2b2d78cbddf7
Validity
Not Before: Nov 11 14:00:40 2025 GMT
Not After : Nov 12 14:00:40 2025 GMT
Subject: CN=95720d3cda874ebed2ef53f8cc118fd9e25cac13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:dc:3d:fa:b0:1d:49:c4:6b:44:5f:54:cc:c5:
ac:c0:75:4a:b8:f8:15:45:b1:92:ac:69:97:3e:69:
11:41:1c:b1:56:f6:7a:b3:a0:37:f3:04:79:4b:f6:
a6:09:fb:ef:88:a9:11:c0:99:b7:5f:91:33:ea:85:
79:58:43:05:5e:ee:cc:d6:15:a8:bc:59:2b:84:8d:
83:c0:b9:51:57:db:a5:6f:ff:7d:5a:01:c1:07:7a:
bf:49:dd:9b:c5:07:d6:dd:b7:33:6c:02:99:07:06:
ce:8e:79:57:3b:ec:e8:ec:e0:0f:f6:40:13:0e:5e:
e0:ca:c6:dd:15:67:d0:65:34:ba:59:9a:7b:c2:27:
2b:b2:7a:5a:35:cc:c3:fa:1f:a0:44:c6:b6:74:9e:
0f:ac:57:bf:e1:22:b8:ee:b2:fa:5a:79:cf:2d:be:
83:40:19:a8:f1:22:90:23:6b:6d:36:d8:de:dc:b0:
6e:ec:d7:02:6d:96:9b:6f:9b:15:e0:74:3a:ea:c5:
fc:b8:4f:66:55:7b:c5:94:95:95:4b:a8:68:35:2b:
51:2f:ff:2d:59:28:9a:3a:e9:bf:ab:5d:2a:55:9c:
18:1c:1d:65:fe:1a:50:13:e9:a3:c1:05:57:ee:37:
8d:32:6e:e4:1c:60:54:4c:7d:8b:fe:ca:62:11:68:
ad:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:72:0D:3C:DA:87:4E:BE:D2:EF:53:F8:CC:11:8F:D9:E2:5C:AC:13
X509v3 Authority Key Identifier:
keyid:86:93:65:53:26:B0:47:2C:86:6C:5C:99:30:2E:2B:2D:78:CB:DD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpNlUyawRyyGbFyZMC4rLXjL3fc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:12:f2:17:21:1a:b8:84:79:02:e4:0e:85:ef:57:1b:73:77:
90:75:9f:4a:f6:33:d4:cc:d9:f4:7b:0a:d1:d3:8f:82:3c:6b:
aa:66:66:7d:c2:06:ac:dc:99:a5:c8:fa:fc:2a:6c:74:b0:98:
0e:c9:eb:e8:41:54:2e:17:b0:3d:8f:af:7e:33:b5:23:1d:36:
3d:88:97:44:2e:7a:0a:7c:dc:d4:1e:2a:91:13:8a:51:78:86:
b9:bc:50:c9:cf:48:05:fa:8b:e4:30:d6:71:08:9b:e3:19:07:
fc:73:27:0a:dd:a3:52:50:12:27:61:11:c4:f2:5c:98:9c:ac:
d7:07:8e:53:fc:0a:00:e2:f7:bc:5a:65:48:bc:16:7b:6c:9b:
07:83:96:ff:12:c7:a3:d3:5c:ab:8b:4e:43:12:ce:94:fd:43:
b7:e5:7b:9f:ad:8c:70:1c:12:80:3a:c7:c5:ac:d0:53:e7:a2:
3a:0d:47:df:e8:1c:96:b6:f6:19:85:31:25:8f:dc:33:ac:08:
1d:7e:49:b1:64:31:0e:49:cc:47:86:32:69:ee:54:41:eb:50:
e1:e3:0b:05:e5:4f:33:94:7f:93:c7:56:b4:87:94:34:f2:4a:
6b:25:55:d5:c5:78:9e:63:2a:7f:f8:d8:1d:e3:3c:8a:43:e0:
49:db:4e:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzN/3+xXWCfh+PvVj1W7jVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTM2NTUzMjZiMDQ3MmM4NjZjNWM5OTMwMmUyYjJkNzhj
YmRkZjcwHhcNMjUxMTExMTQwMDQwWhcNMjUxMTEyMTQwMDQwWjAzMTEwLwYDVQQD
Eyg5NTcyMGQzY2RhODc0ZWJlZDJlZjUzZjhjYzExOGZkOWUyNWNhYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdw9+rAdScRrRF9UzMWswHVKuPgV
RbGSrGmXPmkRQRyxVvZ6s6A38wR5S/amCfvviKkRwJm3X5Ez6oV5WEMFXu7M1hWo
vFkrhI2DwLlRV9ulb/99WgHBB3q/Sd2bxQfW3bczbAKZBwbOjnlXO+zo7OAP9kAT
Dl7gysbdFWfQZTS6WZp7wicrsnpaNczD+h+gRMa2dJ4PrFe/4SK47rL6WnnPLb6D
QBmo8SKQI2ttNtje3LBu7NcCbZabb5sV4HQ66sX8uE9mVXvFlJWVS6hoNStRL/8t
WSiaOum/q10qVZwYHB1l/hpQE+mjwQVX7jeNMm7kHGBUTH2L/spiEWitHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVyDTzah06+0u9T+MwRj9niXKwTMB8GA1UdIwQY
MBaAFIaTZVMmsEcshmxcmTAuKy14y933MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBObFV5YXdSeXlHYkZ5Wk1DNHJMWGpMM2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9kYWMzMzctODA3OS00M2JmLTlmZTEt
OWU2NzcyZWQzOWE2LzEvaHBObFV5YXdSeXlHYkZ5Wk1DNHJMWGpMM2ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9kYWMzMzctODA3OS00M2JmLTlmZTEtOWU2NzcyZWQzOWE2
LzEvaHBObFV5YXdSeXlHYkZ5Wk1DNHJMWGpMM2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqRLyFyEa
uIR5AuQOhe9XG3N3kHWfSvYz1MzZ9HsK0dOPgjxrqmZmfcIGrNyZpcj6/CpsdLCY
Dsnr6EFULhewPY+vfjO1Ix02PYiXRC56Cnzc1B4qkROKUXiGubxQyc9IBfqL5DDW
cQib4xkH/HMnCt2jUlASJ2ERxPJcmJys1weOU/wKAOL3vFplSLwWe2ybB4OW/xLH
o9Ncq4tOQxLOlP1Dt+V7n62McBwSgDrHxazQU+eiOg1H3+gclrb2GYUxJY/cM6wI
HX5JsWQxDknMR4Yyae5UQetQ4eMLBeVPM5R/k8dWtIeUNPJKayVV1cV4nmMqf/jY
HeM8ikPgSdtOmA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:36 2025 by rpki-client