Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/375f04-3eb2-4d9b-90fd-249bb461ba5b/1/hsYsaWLqMwKbSAJgmJ4YUcMlIXE.mft
File: hsYsaWLqMwKbSAJgmJ4YUcMlIXE.mft (raw, json)
Hash identifier: kaIRxfk0/aHFPt4OFKvSJEx+QZCogwo6TTvvv7CMA0s=
Subject key identifier: DF:EF:55:BC:A9:AE:2E:DB:14:42:AD:CB:07:CA:DE:A6:8C:B0:83:9C
Authority key identifier: 86:C6:2C:69:62:EA:33:02:9B:48:02:60:98:9E:18:51:C3:25:21:71
Certificate issuer: /CN=86c62c6962ea33029b480260989e1851c3252171
Certificate serial: 019A71EEAF304FC56318C30C53350681B09B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hsYsaWLqMwKbSAJgmJ4YUcMlIXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/375f04-3eb2-4d9b-90fd-249bb461ba5b/1/hsYsaWLqMwKbSAJgmJ4YUcMlIXE.mft
Manifest number: 02AF
Signing time: Tue 11 Nov 2025 08:00:59 +0000
Manifest this update: Tue 11 Nov 2025 08:00:59 +0000
Manifest next update: Wed 12 Nov 2025 08:00:59 +0000
Files and hashes: 1: hsYsaWLqMwKbSAJgmJ4YUcMlIXE.crl (hash: fXd/dlTF11D1+pt/VbMgCpzdx8v+FEyH1K/rTdY0QwE=)
2: is7DkK81PMh7JZG7-MMXvu0KAJc.roa (hash: 5AryV0mRq30AxQOgSKEEzO83i7o3Dx9gPE05wVnrsnk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/375f04-3eb2-4d9b-90fd-249bb461ba5b/1/hsYsaWLqMwKbSAJgmJ4YUcMlIXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/375f04-3eb2-4d9b-90fd-249bb461ba5b/1/hsYsaWLqMwKbSAJgmJ4YUcMlIXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hsYsaWLqMwKbSAJgmJ4YUcMlIXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:af:30:4f:c5:63:18:c3:0c:53:35:06:81:b0:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86c62c6962ea33029b480260989e1851c3252171
Validity
Not Before: Nov 11 08:00:59 2025 GMT
Not After : Nov 12 08:00:59 2025 GMT
Subject: CN=dfef55bca9ae2edb1442adcb07cadea68cb0839c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cf:87:af:d1:b2:42:9d:70:b8:c9:8b:d9:50:
4c:7a:2e:85:cb:75:82:09:63:3f:93:bd:2d:61:78:
ac:1c:04:a9:1f:cd:e1:3d:da:9b:b3:22:1e:ce:85:
39:3e:e1:7d:21:86:b9:4c:bf:fb:1b:75:d8:86:11:
20:84:6a:42:af:69:8b:b8:e3:34:cd:e3:e2:02:67:
7b:97:71:ee:26:51:36:21:23:37:2e:4c:14:96:8b:
3d:45:35:2f:3d:1e:51:3f:09:52:4e:bf:e6:2f:99:
01:aa:63:2d:2f:b6:45:f5:13:58:ed:95:d1:ee:79:
3a:7d:2c:26:6b:71:38:2a:4e:88:df:3c:a5:74:11:
e4:79:cc:d9:6e:8e:be:27:ee:36:6e:47:69:59:4d:
91:8c:93:fd:47:f2:f1:5e:d9:4d:a5:23:56:e8:0a:
44:9f:e8:31:06:78:4f:16:69:1a:5b:55:67:a2:3a:
eb:f3:51:20:8b:f0:b5:0e:69:c9:cd:69:6d:23:0e:
23:75:c1:1b:82:8b:95:ef:52:aa:af:01:25:f4:4a:
f8:14:b1:44:ca:fe:2f:7e:ae:3e:98:de:48:45:f5:
83:8c:6f:0b:44:0b:d9:a9:99:38:74:e2:74:ed:2f:
37:64:5c:e7:f0:ef:dc:74:c5:8f:02:71:ff:5e:df:
d6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EF:55:BC:A9:AE:2E:DB:14:42:AD:CB:07:CA:DE:A6:8C:B0:83:9C
X509v3 Authority Key Identifier:
keyid:86:C6:2C:69:62:EA:33:02:9B:48:02:60:98:9E:18:51:C3:25:21:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hsYsaWLqMwKbSAJgmJ4YUcMlIXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/375f04-3eb2-4d9b-90fd-249bb461ba5b/1/hsYsaWLqMwKbSAJgmJ4YUcMlIXE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/375f04-3eb2-4d9b-90fd-249bb461ba5b/1/hsYsaWLqMwKbSAJgmJ4YUcMlIXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:69:43:ea:bd:de:03:2c:89:ea:fb:d0:bb:3e:cb:5a:66:a7:
21:77:67:17:2b:d5:f8:83:3f:b0:c7:3d:70:dc:79:36:8b:76:
21:28:ed:eb:1a:51:78:a2:70:6c:9d:9f:c7:71:e8:e9:b0:5d:
b9:85:8c:72:48:4a:90:cb:c6:93:c5:fb:ae:03:4c:2b:5f:05:
4d:e0:a5:9b:07:9f:08:ad:aa:44:30:90:d7:a6:fe:6f:c3:f6:
ec:2a:1b:4f:18:76:13:a5:71:73:f9:c1:e6:18:cd:48:9c:0e:
3e:66:28:97:f8:1f:92:d5:f4:35:c9:2d:86:c4:d7:ba:94:01:
3c:9f:94:39:5e:25:8d:52:dd:09:f4:77:2f:fb:24:33:87:ba:
46:3c:1c:5e:9d:db:81:c9:a8:c8:6a:2b:2a:74:59:4b:0e:92:
9b:e8:a1:7e:da:fc:26:cf:d0:f9:75:25:69:13:9b:38:eb:73:
14:f8:ba:08:f2:a5:74:f4:f2:f3:ab:47:4a:9e:db:cc:cf:84:
a0:7f:72:d9:b3:e9:5f:f1:e9:34:72:7a:58:bc:e6:60:57:62:
76:30:90:1c:16:e3:d5:53:e4:79:a8:d2:0b:83:1e:de:f9:1f:
9a:d6:ea:f6:59:61:60:21:e4:ab:96:3d:aa:7c:7a:f2:c4:35:
72:95:53:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7q8wT8VjGMMMUzUGgbCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YzYyYzY5NjJlYTMzMDI5YjQ4MDI2MDk4OWUxODUxYzMy
NTIxNzEwHhcNMjUxMTExMDgwMDU5WhcNMjUxMTEyMDgwMDU5WjAzMTEwLwYDVQQD
EyhkZmVmNTViY2E5YWUyZWRiMTQ0MmFkY2IwN2NhZGVhNjhjYjA4MzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM+Hr9GyQp1wuMmL2VBMei6Fy3WC
CWM/k70tYXisHASpH83hPdqbsyIezoU5PuF9IYa5TL/7G3XYhhEghGpCr2mLuOM0
zePiAmd7l3HuJlE2ISM3LkwUlos9RTUvPR5RPwlSTr/mL5kBqmMtL7ZF9RNY7ZXR
7nk6fSwma3E4Kk6I3zyldBHkeczZbo6+J+42bkdpWU2RjJP9R/LxXtlNpSNW6ApE
n+gxBnhPFmkaW1Vnojrr81Egi/C1DmnJzWltIw4jdcEbgouV71KqrwEl9Er4FLFE
yv4vfq4+mN5IRfWDjG8LRAvZqZk4dOJ07S83ZFzn8O/cdMWPAnH/Xt/WnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/vVbypri7bFEKtywfK3qaMsIOcMB8GA1UdIwQY
MBaAFIbGLGli6jMCm0gCYJieGFHDJSFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHNZc2FXTHFNd0tiU0FKZ21KNFlVY01sSVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zNzVmMDQtM2ViMi00ZDliLTkwZmQt
MjQ5YmI0NjFiYTViLzEvaHNZc2FXTHFNd0tiU0FKZ21KNFlVY01sSVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zNzVmMDQtM2ViMi00ZDliLTkwZmQtMjQ5YmI0NjFiYTVi
LzEvaHNZc2FXTHFNd0tiU0FKZ21KNFlVY01sSVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfGlD6r3e
AyyJ6vvQuz7LWmanIXdnFyvV+IM/sMc9cNx5Not2ISjt6xpReKJwbJ2fx3Ho6bBd
uYWMckhKkMvGk8X7rgNMK18FTeClmwefCK2qRDCQ16b+b8P27CobTxh2E6Vxc/nB
5hjNSJwOPmYol/gfktX0NckthsTXupQBPJ+UOV4ljVLdCfR3L/skM4e6RjwcXp3b
gcmoyGorKnRZSw6Sm+ihftr8Js/Q+XUlaRObOOtzFPi6CPKldPTy86tHSp7bzM+E
oH9y2bPpX/HpNHJ6WLzmYFdidjCQHBbj1VPkeajSC4Me3vkfmtbq9llhYCHkq5Y9
qnx68sQ1cpVT+w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:27 2025 by rpki-client