Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/Hd51apttFAAMPhUNW31glbdhP-Q.mft
File: Hd51apttFAAMPhUNW31glbdhP-Q.mft (raw, json)
Hash identifier: NpE7rKGCCSGk6pgyACqF9N4TPe4TMYcv3BGIAszJ66A=
Subject key identifier: D9:0A:81:6E:C9:07:CA:C7:0C:50:81:F0:F9:80:66:21:37:60:06:A0
Authority key identifier: 1D:DE:75:6A:9B:6D:14:00:0C:3E:15:0D:5B:7D:60:95:B7:61:3F:E4
Certificate issuer: /CN=1dde756a9b6d14000c3e150d5b7d6095b7613fe4
Certificate serial: 019A28C2B1DE0063148849AA1242577AEC30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd51apttFAAMPhUNW31glbdhP-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/Hd51apttFAAMPhUNW31glbdhP-Q.mft
Manifest number: 16F9
Signing time: Tue 28 Oct 2025 03:00:39 +0000
Manifest this update: Tue 28 Oct 2025 03:00:39 +0000
Manifest next update: Wed 29 Oct 2025 03:00:39 +0000
Files and hashes: 1: Hd51apttFAAMPhUNW31glbdhP-Q.crl (hash: 5oWlo8/29+H0QnyKlmHv/fkXsisG8KKvYoyuLk2pF4A=)
2: dcbMwMMoAbrSDYORYR-a2Au1hPA.roa (hash: GaJP4UO0sS8NGTP1pZn3Q8XkpBsgZUPrCjP5yXsfKKw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/Hd51apttFAAMPhUNW31glbdhP-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/Hd51apttFAAMPhUNW31glbdhP-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hd51apttFAAMPhUNW31glbdhP-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 03:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:28:c2:b1:de:00:63:14:88:49:aa:12:42:57:7a:ec:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dde756a9b6d14000c3e150d5b7d6095b7613fe4
Validity
Not Before: Oct 28 03:00:39 2025 GMT
Not After : Oct 29 03:00:39 2025 GMT
Subject: CN=d90a816ec907cac70c5081f0f9806621376006a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2c:dd:cf:6d:3d:70:cf:a1:ac:98:2a:48:ba:
53:c2:3f:2b:af:cc:82:f9:17:2b:fc:dc:0c:62:f6:
29:a0:0d:3d:96:78:f7:1a:06:bf:9f:2e:e3:d5:a2:
a9:ea:af:63:17:5e:e8:9b:f5:67:44:49:8f:eb:31:
d0:f6:fe:b7:26:1c:9e:e9:5a:dc:e1:26:91:a5:f1:
18:b2:38:82:68:77:17:cf:7b:fe:ab:9e:51:2f:03:
f6:52:d3:73:f1:05:c3:eb:b9:5b:7e:67:92:53:55:
d8:a2:33:5c:47:39:29:7b:1a:f7:92:27:29:51:02:
a5:03:be:f8:f1:e8:b1:c7:7f:fb:ea:96:5c:6f:65:
9a:5a:2c:2f:be:f7:72:f9:fc:9b:63:48:41:f4:80:
16:e8:eb:00:db:78:65:50:74:6f:4e:60:68:47:4a:
02:06:ff:96:f4:9a:69:59:e3:1c:f2:48:e1:10:00:
6e:85:ee:52:83:03:75:08:fd:08:76:a0:b2:24:56:
45:9b:0e:fe:b7:08:67:d6:fd:08:eb:71:e6:7a:05:
49:3e:90:1a:b9:47:d0:a0:72:bf:65:14:09:fc:9f:
6f:b5:18:4d:19:87:db:30:5a:2f:3e:a5:13:b3:df:
31:cd:28:43:5d:93:9b:5d:cf:e8:e3:d5:f8:d5:81:
06:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0A:81:6E:C9:07:CA:C7:0C:50:81:F0:F9:80:66:21:37:60:06:A0
X509v3 Authority Key Identifier:
keyid:1D:DE:75:6A:9B:6D:14:00:0C:3E:15:0D:5B:7D:60:95:B7:61:3F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd51apttFAAMPhUNW31glbdhP-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/Hd51apttFAAMPhUNW31glbdhP-Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/Hd51apttFAAMPhUNW31glbdhP-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:fd:67:e7:32:b7:07:59:dc:18:f8:28:a8:53:a0:bf:4a:63:
78:f4:a7:cc:e4:f1:5f:2e:8b:6f:77:c4:8e:09:67:e9:6d:43:
21:e8:25:77:d5:0a:7b:2d:84:37:e0:44:d4:d1:00:16:6a:78:
e5:9d:06:46:e6:bf:4c:a0:13:23:36:b2:ba:2c:fe:52:0d:83:
1b:91:3f:f3:99:e6:28:1c:d5:ba:2b:cb:e2:0d:5e:56:09:d7:
35:23:bf:00:ab:c9:4e:e3:dd:80:a1:f8:a0:c4:49:54:4c:4c:
20:51:33:47:0f:e0:ff:ab:f8:37:fe:0b:2a:4f:2b:cc:76:78:
90:ac:f3:24:9e:2b:a6:38:17:ae:d6:13:35:07:0d:99:4a:48:
be:8c:f7:64:70:79:c6:f3:c3:0a:61:a0:28:06:28:a7:41:53:
ad:4c:09:d7:ec:a4:87:5a:8b:10:76:f0:e2:69:d2:01:81:12:
66:54:0f:b3:e1:c4:d9:e8:be:e5:6f:24:7d:5e:b6:59:e1:ba:
ab:4d:94:bc:6d:d1:4d:ec:f6:2f:69:4f:75:0b:bd:6a:c6:20:
79:88:be:51:dc:56:b2:42:d7:0c:33:a2:9e:a6:32:f0:20:b1:
e6:f5:58:ba:dc:32:a9:94:ba:02:c7:d6:14:96:65:f1:4b:c9:
05:ef:46:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoowrHeAGMUiEmqEkJXeuwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGU3NTZhOWI2ZDE0MDAwYzNlMTUwZDViN2Q2MDk1Yjc2
MTNmZTQwHhcNMjUxMDI4MDMwMDM5WhcNMjUxMDI5MDMwMDM5WjAzMTEwLwYDVQQD
EyhkOTBhODE2ZWM5MDdjYWM3MGM1MDgxZjBmOTgwNjYyMTM3NjAwNmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSzdz209cM+hrJgqSLpTwj8rr8yC
+Rcr/NwMYvYpoA09lnj3Gga/ny7j1aKp6q9jF17om/VnREmP6zHQ9v63Jhye6Vrc
4SaRpfEYsjiCaHcXz3v+q55RLwP2UtNz8QXD67lbfmeSU1XYojNcRzkpexr3kicp
UQKlA7748eixx3/76pZcb2WaWiwvvvdy+fybY0hB9IAW6OsA23hlUHRvTmBoR0oC
Bv+W9JppWeMc8kjhEABuhe5SgwN1CP0IdqCyJFZFmw7+twhn1v0I63HmegVJPpAa
uUfQoHK/ZRQJ/J9vtRhNGYfbMFovPqUTs98xzShDXZObXc/o49X41YEGIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkKgW7JB8rHDFCB8PmAZiE3YAagMB8GA1UdIwQY
MBaAFB3edWqbbRQADD4VDVt9YJW3YT/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGQ1MWFwdHRGQUFNUGhVTlczMWdsYmRoUC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80YTFlYmQtZDQ0ZS00ODkyLTg1YjMt
NzM1YTBjYzFlNzg5LzEvSGQ1MWFwdHRGQUFNUGhVTlczMWdsYmRoUC1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My80YTFlYmQtZDQ0ZS00ODkyLTg1YjMtNzM1YTBjYzFlNzg5
LzEvSGQ1MWFwdHRGQUFNUGhVTlczMWdsYmRoUC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr/1n5zK3
B1ncGPgoqFOgv0pjePSnzOTxXy6Lb3fEjgln6W1DIegld9UKey2EN+BE1NEAFmp4
5Z0GRua/TKATIzayuiz+Ug2DG5E/85nmKBzVuivL4g1eVgnXNSO/AKvJTuPdgKH4
oMRJVExMIFEzRw/g/6v4N/4LKk8rzHZ4kKzzJJ4rpjgXrtYTNQcNmUpIvoz3ZHB5
xvPDCmGgKAYop0FTrUwJ1+ykh1qLEHbw4mnSAYESZlQPs+HE2ei+5W8kfV62WeG6
q02UvG3RTez2L2lPdQu9asYgeYi+UdxWskLXDDOinqYy8CCx5vVYutwyqZS6AsfW
FJZl8UvJBe9GCw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 11:11:50 2025 by rpki-client