Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
File: hkl2gukwfEaHk1AIFzFH0TKijGQ.mft (raw, json)
Hash identifier: vFP5rD3qG8ugdPwkAoEfHih5saARslKVRIG/jEx3YLw=
Subject key identifier: 25:C6:47:38:78:CA:28:8B:78:28:99:95:94:8A:10:F3:17:D6:5D:54
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 01992255783BF77C7D8423AB24C3CE3E534D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
Manifest number: 123E
Signing time: Sun 07 Sep 2025 04:00:50 +0000
Manifest this update: Sun 07 Sep 2025 04:00:50 +0000
Manifest next update: Mon 08 Sep 2025 04:00:50 +0000
Files and hashes: 1: BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa (hash: zwimVc6fdY5wMVCx/Pfq1/VebJPothW3yZi++5QRFE0=)
2: hkl2gukwfEaHk1AIFzFH0TKijGQ.crl (hash: n5a3E6fjt768a6abtN3QseIlfiJmOWchTOJOB0UzgK0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:78:3b:f7:7c:7d:84:23:ab:24:c3:ce:3e:53:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Sep 7 04:00:50 2025 GMT
Not After : Sep 8 04:00:50 2025 GMT
Subject: CN=25c6473878ca288b78289995948a10f317d65d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:36:c7:48:8c:79:46:b6:31:ef:4e:c4:25:29:
73:77:a3:8b:a1:df:2c:62:22:12:a4:3c:3a:c1:18:
17:40:0a:8b:88:af:40:75:e3:9c:7b:46:25:86:25:
47:9d:ed:7b:99:e1:4e:fe:38:14:05:64:65:ab:ae:
50:18:85:e1:ab:9c:c0:25:89:6c:ad:3c:8d:9b:40:
3e:ef:77:35:48:2b:61:3f:e8:3f:cb:ea:72:98:51:
dd:e6:7d:1e:b1:b7:ec:8b:e5:93:08:f9:4e:07:72:
1e:56:2c:0c:62:83:91:2f:f0:f8:0a:fa:cf:61:25:
48:9a:ca:7a:90:23:98:0b:94:ae:9a:97:62:0d:ef:
b3:0b:69:52:62:14:57:57:c8:93:dc:6a:b9:ba:1e:
f2:a4:81:f1:77:dd:5e:d7:c1:2b:a7:16:32:d5:dc:
df:77:35:46:39:c1:8b:ac:f6:79:55:05:1c:d7:60:
93:2b:c0:37:f0:00:22:f6:b5:15:cb:0d:59:22:da:
25:4b:3f:a9:fa:dd:51:be:77:ed:be:6c:91:2e:a6:
4e:61:84:4f:63:c5:b2:ab:5b:69:df:d2:bb:6a:54:
1e:8f:bf:6f:e9:c1:94:03:d9:b4:c4:9f:e0:17:64:
48:15:d8:e6:85:5b:00:20:3d:33:df:10:91:f2:d8:
d3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C6:47:38:78:CA:28:8B:78:28:99:95:94:8A:10:F3:17:D6:5D:54
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:de:ef:6d:4a:2f:b8:8a:5e:e2:41:f7:87:85:6c:03:63:fe:
31:06:5e:7f:b6:dd:31:63:8a:75:65:75:2f:7d:be:71:f5:97:
95:3b:9f:48:a7:7e:2c:2b:38:69:0f:39:d6:20:6b:58:d7:f6:
ad:51:95:c8:14:e9:5c:a6:2e:f1:8f:1a:76:62:25:92:e9:11:
e6:b6:14:83:9e:47:bb:6c:48:f6:e6:f8:0d:e9:55:f2:20:29:
3e:41:dd:9c:d2:a5:23:97:f5:5a:64:0e:97:9d:6a:98:3c:02:
9d:7c:e6:4f:0b:68:60:f9:de:46:87:cf:a0:2d:ea:9a:44:d8:
44:9a:8c:16:63:9a:ad:33:c7:6e:56:a0:e4:4d:d1:bb:30:da:
82:55:54:64:d4:87:2f:5c:b5:58:4b:8d:6d:10:de:35:75:2b:
2c:c4:c3:89:4e:e9:b2:2f:8e:ee:05:c7:69:77:4e:c6:7e:1c:
d2:f2:ee:3c:ab:80:3d:54:b2:76:7d:1e:a9:cd:52:19:1b:d6:
0c:12:b7:b8:7c:81:b8:f0:f3:b3:38:ea:a0:c7:1b:a9:14:00:
8d:34:2d:c2:4f:6b:b7:fa:b4:a9:fa:69:e8:d7:53:2d:eb:0b:
22:47:5d:c8:63:f3:d5:9d:15:ea:5d:fc:e7:07:42:d6:19:0e:
89:5c:14:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVXg793x9hCOrJMPOPlNNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjUwOTA3MDQwMDUwWhcNMjUwOTA4MDQwMDUwWjAzMTEwLwYDVQQD
EygyNWM2NDczODc4Y2EyODhiNzgyODk5OTU5NDhhMTBmMzE3ZDY1ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTbHSIx5RrYx707EJSlzd6OLod8s
YiISpDw6wRgXQAqLiK9AdeOce0YlhiVHne17meFO/jgUBWRlq65QGIXhq5zAJYls
rTyNm0A+73c1SCthP+g/y+pymFHd5n0esbfsi+WTCPlOB3IeViwMYoORL/D4CvrP
YSVImsp6kCOYC5SumpdiDe+zC2lSYhRXV8iT3Gq5uh7ypIHxd91e18ErpxYy1dzf
dzVGOcGLrPZ5VQUc12CTK8A38AAi9rUVyw1ZItolSz+p+t1RvnftvmyRLqZOYYRP
Y8Wyq1tp39K7alQej79v6cGUA9m0xJ/gF2RIFdjmhVsAID0z3xCR8tjTXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXGRzh4yiiLeCiZlZSKEPMX1l1UMB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYN7vbUov
uIpe4kH3h4VsA2P+MQZef7bdMWOKdWV1L32+cfWXlTufSKd+LCs4aQ851iBrWNf2
rVGVyBTpXKYu8Y8admIlkukR5rYUg55Hu2xI9ub4DelV8iApPkHdnNKlI5f1WmQO
l51qmDwCnXzmTwtoYPneRofPoC3qmkTYRJqMFmOarTPHblag5E3RuzDaglVUZNSH
L1y1WEuNbRDeNXUrLMTDiU7psi+O7gXHaXdOxn4c0vLuPKuAPVSydn0eqc1SGRvW
DBK3uHyBuPDzszjqoMcbqRQAjTQtwk9rt/q0qfpp6NdTLesLIkddyGPz1Z0V6l38
5wdC1hkOiVwUyg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 09:57:03 2025 by rpki-client