Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1137d8-1d36-41bb-b7fa-409493694a52/1/hbfVzNrwMwl0l0V2QgCnJydkcwo.mft
File: hbfVzNrwMwl0l0V2QgCnJydkcwo.mft (raw, json)
Hash identifier: ptZsEjUNmqVJPjwFNFeTQTFlk7YJzfI76k6BAEebEcY=
Subject key identifier: 2B:F3:1A:FE:A2:51:41:16:50:A9:6B:AB:BA:E7:B8:9F:18:4B:87:C2
Authority key identifier: 85:B7:D5:CC:DA:F0:33:09:74:97:45:76:42:00:A7:27:27:64:73:0A
Certificate issuer: /CN=85b7d5ccdaf03309749745764200a7272764730a
Certificate serial: 019A7226660FB68A371542CB97809B916342
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbfVzNrwMwl0l0V2QgCnJydkcwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/1137d8-1d36-41bb-b7fa-409493694a52/1/hbfVzNrwMwl0l0V2QgCnJydkcwo.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 09:01:50 +0000
Manifest this update: Tue 11 Nov 2025 09:01:50 +0000
Manifest next update: Wed 12 Nov 2025 09:01:50 +0000
Files and hashes: 1: bo9Zt5WveGJLmto-uiWetgZCX7Q.roa (hash: zzs00ivzGHR02cC1o3Qz5YlQGqmECC+fSU4iyTugi54=)
2: hbfVzNrwMwl0l0V2QgCnJydkcwo.crl (hash: ZhlrHP5hAA6jGWOxls4KoIn+vvAIDfZdQnrD++K/0qY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/1137d8-1d36-41bb-b7fa-409493694a52/1/hbfVzNrwMwl0l0V2QgCnJydkcwo.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/1137d8-1d36-41bb-b7fa-409493694a52/1/hbfVzNrwMwl0l0V2QgCnJydkcwo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hbfVzNrwMwl0l0V2QgCnJydkcwo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:66:0f:b6:8a:37:15:42:cb:97:80:9b:91:63:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b7d5ccdaf03309749745764200a7272764730a
Validity
Not Before: Nov 11 09:01:50 2025 GMT
Not After : Nov 12 09:01:50 2025 GMT
Subject: CN=2bf31afea251411650a96babbae7b89f184b87c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:de:71:97:4a:39:5a:0d:6a:83:65:4d:24:61:
a8:34:a7:a2:dc:0a:57:1f:ff:33:c6:85:82:07:2d:
aa:09:8c:66:73:c8:f8:38:76:05:28:f3:e3:92:46:
d3:51:4e:01:1f:95:21:0f:be:64:4b:f2:bc:d0:07:
02:ae:8f:1d:a8:60:0f:0e:47:0f:61:4d:65:51:d2:
f4:df:be:89:86:89:0d:7b:4e:f1:4e:15:33:0f:0f:
d3:f3:50:31:3b:33:78:26:18:9e:64:66:cb:dd:f4:
4d:2a:17:12:d7:d0:ea:54:47:5a:b8:23:c4:f0:4d:
52:a7:16:08:c8:c0:04:2c:1f:1c:8d:aa:0d:52:0b:
e1:22:9a:3e:de:a8:b7:64:18:85:0c:52:3a:a5:ae:
56:7b:81:34:bd:8c:a7:0f:47:93:8c:34:bc:d3:56:
00:57:70:28:0e:05:33:ae:1d:85:f4:96:46:bb:93:
23:fe:b7:7c:e1:72:01:ab:24:79:59:da:28:36:43:
09:43:87:c4:12:da:4f:78:fd:74:67:57:3a:26:c5:
51:2c:23:c5:fc:73:7b:57:3e:8c:9b:54:bc:d3:ee:
05:38:98:3a:70:87:82:81:f7:74:33:8b:85:11:3b:
c5:9a:39:1a:20:16:f3:66:af:0c:d3:db:e7:31:13:
35:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F3:1A:FE:A2:51:41:16:50:A9:6B:AB:BA:E7:B8:9F:18:4B:87:C2
X509v3 Authority Key Identifier:
keyid:85:B7:D5:CC:DA:F0:33:09:74:97:45:76:42:00:A7:27:27:64:73:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbfVzNrwMwl0l0V2QgCnJydkcwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1137d8-1d36-41bb-b7fa-409493694a52/1/hbfVzNrwMwl0l0V2QgCnJydkcwo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1137d8-1d36-41bb-b7fa-409493694a52/1/hbfVzNrwMwl0l0V2QgCnJydkcwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:32:e9:a7:db:c9:d7:92:5b:36:53:c3:ee:16:fd:d1:92:ac:
f6:b9:8c:f7:a7:6f:57:ee:95:ee:11:8d:4d:8d:4d:2c:f9:cf:
a4:da:14:51:89:40:f3:3b:65:32:d6:be:15:fa:f1:24:0f:30:
b4:55:82:87:5e:10:94:dd:45:20:0c:99:cd:7e:f0:36:02:f0:
ae:44:30:94:5d:08:2f:45:06:94:ae:88:6f:e1:af:90:f7:5c:
59:0a:47:7c:41:dd:7e:74:f7:2c:5b:97:79:a0:b1:2a:8f:9d:
c8:8f:a3:64:c3:ce:26:93:1f:3c:cc:fd:41:89:d4:e8:4b:7c:
bd:06:e8:fb:28:f9:9a:52:ad:7a:08:4a:fe:00:24:44:69:c8:
40:d5:8d:0c:ef:50:64:2b:5e:79:e0:82:4b:17:b2:24:a3:7a:
d0:ce:26:f2:5a:af:8b:7b:4e:cc:b4:e9:bc:bc:ef:24:14:8b:
93:5f:79:09:3e:1b:80:a4:d5:e8:24:29:c4:aa:d6:a3:ae:8a:
9c:86:a3:6e:7b:14:89:80:86:1d:5e:47:12:2e:6e:17:c8:35:
bc:47:d1:0a:04:1c:10:b1:b5:94:68:52:f6:0c:8d:28:13:7d:
de:42:63:ac:f9:e0:9b:dd:c0:25:29:b0:4e:d9:91:4e:b9:55:
0f:b1:05:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJmYPtoo3FULLl4CbkWNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjdkNWNjZGFmMDMzMDk3NDk3NDU3NjQyMDBhNzI3Mjc2
NDczMGEwHhcNMjUxMTExMDkwMTUwWhcNMjUxMTEyMDkwMTUwWjAzMTEwLwYDVQQD
EygyYmYzMWFmZWEyNTE0MTE2NTBhOTZiYWJiYWU3Yjg5ZjE4NGI4N2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN5xl0o5Wg1qg2VNJGGoNKei3ApX
H/8zxoWCBy2qCYxmc8j4OHYFKPPjkkbTUU4BH5UhD75kS/K80AcCro8dqGAPDkcP
YU1lUdL0376JhokNe07xThUzDw/T81AxOzN4JhieZGbL3fRNKhcS19DqVEdauCPE
8E1SpxYIyMAELB8cjaoNUgvhIpo+3qi3ZBiFDFI6pa5We4E0vYynD0eTjDS801YA
V3AoDgUzrh2F9JZGu5Mj/rd84XIBqyR5WdooNkMJQ4fEEtpPeP10Z1c6JsVRLCPF
/HN7Vz6Mm1S80+4FOJg6cIeCgfd0M4uFETvFmjkaIBbzZq8M09vnMRM1vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCvzGv6iUUEWUKlrq7rnuJ8YS4fCMB8GA1UdIwQY
MBaAFIW31cza8DMJdJdFdkIApycnZHMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJmVnpOcndNd2wwbDBWMlFnQ25KeWRrY3dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMTM3ZDgtMWQzNi00MWJiLWI3ZmEt
NDA5NDkzNjk0YTUyLzEvaGJmVnpOcndNd2wwbDBWMlFnQ25KeWRrY3dvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMTM3ZDgtMWQzNi00MWJiLWI3ZmEtNDA5NDkzNjk0YTUy
LzEvaGJmVnpOcndNd2wwbDBWMlFnQ25KeWRrY3dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARTLpp9vJ
15JbNlPD7hb90ZKs9rmM96dvV+6V7hGNTY1NLPnPpNoUUYlA8ztlMta+FfrxJA8w
tFWCh14QlN1FIAyZzX7wNgLwrkQwlF0IL0UGlK6Ib+GvkPdcWQpHfEHdfnT3LFuX
eaCxKo+dyI+jZMPOJpMfPMz9QYnU6Et8vQbo+yj5mlKteghK/gAkRGnIQNWNDO9Q
ZCteeeCCSxeyJKN60M4m8lqvi3tOzLTpvLzvJBSLk195CT4bgKTV6CQpxKrWo66K
nIajbnsUiYCGHV5HEi5uF8g1vEfRCgQcELG1lGhS9gyNKBN93kJjrPngm93AJSmw
TtmRTrlVD7EFRw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:01 2025 by rpki-client