Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
File: HnsuJD-KqVRZeTK83NmvZWDc5RY.mft (raw, json)
Hash identifier: pTo+tS226T4MuR9vfKRgCMvrxktsjI8z7kXAdjgpGbw=
Subject key identifier: 43:D4:72:A9:31:FA:A4:A1:F0:C9:E0:3E:58:A5:E2:98:1B:E2:BC:C7
Authority key identifier: 1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16
Certificate issuer: /CN=1e7b2e243f8aa954597932bcdcd9af6560dce516
Certificate serial: 019A1E3EF6F962CEB17C323904160C4C0B52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
Manifest number: 0BB7
Signing time: Sun 26 Oct 2025 02:00:34 +0000
Manifest this update: Sun 26 Oct 2025 02:00:34 +0000
Manifest next update: Mon 27 Oct 2025 02:00:34 +0000
Files and hashes: 1: HnsuJD-KqVRZeTK83NmvZWDc5RY.crl (hash: Mgly/G7ulNlrwRLWre/Iti2LZ3uaXPhCL1dTGbxfCTA=)
2: IGa7QfhbXaDsGCT9xJOI5gdu6yw.roa (hash: X0y8/lBS1BHPwzQ2lfqfjmgEWEXvXO2MftnVLJbE6FY=)
3: VwEoUNw-ez0MhDo9hKLki2sD7x8.roa (hash: hJNorU0BhP7KaHlsAZlKF465rhSAsAGROKIAje3NnsE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 19:59:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1e:3e:f6:f9:62:ce:b1:7c:32:39:04:16:0c:4c:0b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e7b2e243f8aa954597932bcdcd9af6560dce516
Validity
Not Before: Oct 26 02:00:34 2025 GMT
Not After : Oct 27 02:00:34 2025 GMT
Subject: CN=43d472a931faa4a1f0c9e03e58a5e2981be2bcc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c7:53:9a:76:ff:cf:c4:82:c4:9e:83:57:0b:
e1:bd:d4:bc:66:0c:31:49:89:34:09:b7:86:72:0d:
0e:72:e3:3d:b6:c2:f2:ef:38:02:ba:81:27:7d:63:
2a:4e:43:a6:54:8a:ae:e7:1d:45:e5:11:00:f5:e3:
1d:31:b3:c7:59:0e:f5:35:be:1d:9f:2d:5b:87:71:
8c:ff:25:35:65:66:5b:05:27:df:3e:6c:a8:e7:14:
ac:0b:23:d2:e4:b5:25:b1:e6:cd:d6:c4:5f:a5:92:
16:17:30:00:71:d9:39:f8:49:e5:09:11:5c:85:86:
ce:0f:cf:2c:40:6e:78:01:74:1f:32:6e:db:5f:b9:
30:40:1f:ec:c4:ff:3d:81:31:5e:5c:e7:2d:e2:eb:
59:0f:35:62:7c:32:1e:32:92:63:52:cb:b1:90:c5:
0e:7a:71:f4:46:1f:d1:ef:72:d9:a2:4e:19:18:0c:
07:6b:06:36:b5:d8:aa:6d:d1:a5:66:db:d7:aa:0f:
7a:ac:a4:11:cc:cb:1d:94:23:d9:01:de:b6:88:67:
10:a3:cd:6a:a7:12:63:63:41:f2:f0:6b:e0:89:55:
cb:3b:27:58:8d:76:09:fe:0a:84:27:6b:e4:f9:7b:
9c:3a:12:af:d7:09:72:f8:76:34:99:d7:ab:fc:19:
36:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D4:72:A9:31:FA:A4:A1:F0:C9:E0:3E:58:A5:E2:98:1B:E2:BC:C7
X509v3 Authority Key Identifier:
keyid:1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:3c:14:d1:0f:59:6a:0e:82:a1:9c:69:cc:47:d5:89:23:3c:
d8:c5:33:c2:28:49:f5:a8:4c:83:ba:e6:6a:ab:57:53:89:6f:
bc:e1:9d:9c:a1:96:c6:ce:29:26:a5:1c:9c:78:30:af:be:22:
fd:63:cd:da:ab:a6:62:70:e3:a4:f4:d1:27:ba:ef:68:cc:fa:
33:75:f5:61:cc:4d:d1:ca:94:5b:1c:ee:af:cd:bb:7f:58:16:
68:86:b7:85:ee:41:5e:42:ef:56:de:46:30:67:e8:99:44:87:
0f:9a:3a:e7:1e:da:b1:33:80:34:1f:45:96:49:05:aa:a1:6d:
85:f1:ad:eb:70:a8:f1:fd:cd:35:d5:6c:79:f5:5f:8e:e0:b2:
e8:9e:8d:15:87:61:1a:4d:b6:ea:57:4e:29:9d:91:95:42:53:
8b:ca:97:e7:20:0f:01:92:cf:ef:7a:41:33:dc:fd:a1:6f:02:
46:15:41:bf:f0:d7:19:d6:d7:3f:5e:cc:40:4d:fb:3e:4f:2e:
8b:bc:d7:e2:a2:bb:34:71:a8:a8:72:3a:03:87:32:21:a1:2c:
fb:17:37:27:48:ac:bb:2f:06:93:bd:40:bc:80:85:ff:76:06:
b2:d5:47:be:cc:d8:68:d2:67:50:f0:d0:cf:e6:7d:e7:bf:cc:
fe:4e:da:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoePvb5Ys6xfDI5BBYMTAtSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlN2IyZTI0M2Y4YWE5NTQ1OTc5MzJiY2RjZDlhZjY1NjBk
Y2U1MTYwHhcNMjUxMDI2MDIwMDM0WhcNMjUxMDI3MDIwMDM0WjAzMTEwLwYDVQQD
Eyg0M2Q0NzJhOTMxZmFhNGExZjBjOWUwM2U1OGE1ZTI5ODFiZTJiY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8dTmnb/z8SCxJ6DVwvhvdS8Zgwx
SYk0CbeGcg0OcuM9tsLy7zgCuoEnfWMqTkOmVIqu5x1F5REA9eMdMbPHWQ71Nb4d
ny1bh3GM/yU1ZWZbBSffPmyo5xSsCyPS5LUlsebN1sRfpZIWFzAAcdk5+EnlCRFc
hYbOD88sQG54AXQfMm7bX7kwQB/sxP89gTFeXOct4utZDzVifDIeMpJjUsuxkMUO
enH0Rh/R73LZok4ZGAwHawY2tdiqbdGlZtvXqg96rKQRzMsdlCPZAd62iGcQo81q
pxJjY0Hy8GvgiVXLOydYjXYJ/gqEJ2vk+XucOhKv1wly+HY0mder/Bk26QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPUcqkx+qSh8MngPlil4pgb4rzHMB8GA1UdIwQY
MBaAFB57LiQ/iqlUWXkyvNzZr2Vg3OUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMt
ZDU0OTU1NjQzY2Q5LzEvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMtZDU0OTU1NjQzY2Q5
LzEvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABTwU0Q9Z
ag6CoZxpzEfViSM82MUzwihJ9ahMg7rmaqtXU4lvvOGdnKGWxs4pJqUcnHgwr74i
/WPN2qumYnDjpPTRJ7rvaMz6M3X1YcxN0cqUWxzur827f1gWaIa3he5BXkLvVt5G
MGfomUSHD5o65x7asTOANB9FlkkFqqFthfGt63Co8f3NNdVsefVfjuCy6J6NFYdh
Gk226ldOKZ2RlUJTi8qX5yAPAZLP73pBM9z9oW8CRhVBv/DXGdbXP17MQE37Pk8u
i7zX4qK7NHGoqHI6A4cyIaEs+xc3J0isuy8Gk71AvICF/3YGstVHvszYaNJnUPDQ
z+Z957/M/k7aUQ==
-----END CERTIFICATE-----
Generated at Sun Oct 26 03:58:50 2025 by rpki-client