Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
File: hkl2gukwfEaHk1AIFzFH0TKijGQ.mft (raw, json)
Hash identifier: YWFutApJrWWQWvRUOKFBFqaZVDUjPczNoQzdpW43aRo=
Subject key identifier: F3:17:8D:55:3E:8A:62:72:B4:1B:5D:CC:A5:78:B2:76:16:2B:29:AA
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 019A725CC72AD259DC95CA9BB6C36A9CE626
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
Manifest number: 12EC
Signing time: Tue 11 Nov 2025 10:01:14 +0000
Manifest this update: Tue 11 Nov 2025 10:01:14 +0000
Manifest next update: Wed 12 Nov 2025 10:01:14 +0000
Files and hashes: 1: BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa (hash: zwimVc6fdY5wMVCx/Pfq1/VebJPothW3yZi++5QRFE0=)
2: hkl2gukwfEaHk1AIFzFH0TKijGQ.crl (hash: m+RSVxrHGwyNsNo/B31cbbIuy/9rmU/DFkra/RdBnt4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:c7:2a:d2:59:dc:95:ca:9b:b6:c3:6a:9c:e6:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Nov 11 10:01:14 2025 GMT
Not After : Nov 12 10:01:14 2025 GMT
Subject: CN=f3178d553e8a6272b41b5dcca578b276162b29aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8f:11:5e:ea:65:7b:bd:fa:3b:d1:ae:84:ac:
d6:36:98:0f:49:0c:7b:c9:7a:f9:6f:3b:5e:23:53:
6a:2e:b1:ab:ad:e5:51:2b:56:7b:31:d2:bb:05:2a:
dd:e7:25:c6:b9:21:51:a6:e0:e9:cd:7e:2d:fc:c6:
18:8b:97:8b:2a:02:7b:13:2e:ec:0d:b4:88:9a:d0:
e7:23:c7:10:7c:bd:6e:5e:e4:b0:1b:f2:3d:22:84:
c2:1b:d9:9f:35:57:34:c1:9e:e2:dc:27:5d:b1:12:
48:41:e3:9c:64:a5:12:9f:6d:cd:78:c4:81:f6:a2:
68:82:91:87:47:74:c5:82:e0:22:a8:97:48:6c:96:
3b:49:ee:0e:47:ce:0b:09:a7:85:a7:ef:b4:1b:b2:
06:77:50:45:01:4a:5f:34:15:b4:57:c9:a7:22:91:
40:5e:8f:7a:15:7e:b6:5e:c1:91:b3:0e:42:7b:ef:
37:b8:aa:e2:3c:d3:57:fa:c0:5d:74:d2:f0:f9:54:
6d:1e:ab:06:99:28:2e:34:37:b9:e9:d1:b6:85:b4:
e5:01:de:37:43:67:77:d2:1f:cf:09:3c:ce:03:85:
17:b4:f3:00:c1:b8:75:0c:8a:09:ce:60:3e:9c:1b:
1f:70:2b:52:0c:aa:b8:b6:12:95:54:64:fa:da:fb:
18:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:17:8D:55:3E:8A:62:72:B4:1B:5D:CC:A5:78:B2:76:16:2B:29:AA
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:40:49:00:5c:90:29:45:11:73:af:d1:04:1e:61:e4:ba:bc:
df:fb:57:dc:83:20:e9:98:e0:fb:e2:df:6f:14:ea:17:06:68:
42:94:57:f0:c2:f1:f1:af:5a:7c:d6:b8:d6:2a:2c:55:df:13:
dd:2d:5e:54:64:b7:5f:8b:09:7c:44:57:69:8d:a5:55:6c:5d:
84:84:d9:66:c1:e6:32:ab:77:12:7c:61:78:9c:40:eb:03:9f:
4d:69:b2:2f:7b:9b:aa:59:0f:33:be:50:84:25:44:a0:34:1b:
bb:48:9e:60:bb:c7:a2:e1:d2:b1:c3:c9:46:07:68:45:12:0b:
72:4f:c6:18:d3:0a:50:af:ef:85:14:68:17:29:d6:9a:1f:51:
3e:84:a9:19:59:34:5f:82:ca:0a:64:08:78:bc:73:10:2d:55:
30:b1:51:6d:ee:bb:8f:e7:fe:18:52:1e:e7:67:42:ce:3d:8b:
4d:8a:a9:2c:e3:ed:58:5b:d2:00:13:47:2d:78:b8:70:67:3c:
b6:48:6a:57:d0:49:32:4b:d5:99:c1:c3:90:67:f2:b9:f0:80:
dc:d7:1e:91:61:c1:10:d1:4c:3d:15:19:91:42:c5:3b:57:d3:
33:50:4d:cd:7e:10:dd:fd:e9:3b:3e:14:77:da:9c:35:65:cc:
25:59:9d:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXMcq0lnclcqbtsNqnOYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjUxMTExMTAwMTE0WhcNMjUxMTEyMTAwMTE0WjAzMTEwLwYDVQQD
EyhmMzE3OGQ1NTNlOGE2MjcyYjQxYjVkY2NhNTc4YjI3NjE2MmIyOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI8RXuple736O9GuhKzWNpgPSQx7
yXr5bzteI1NqLrGrreVRK1Z7MdK7BSrd5yXGuSFRpuDpzX4t/MYYi5eLKgJ7Ey7s
DbSImtDnI8cQfL1uXuSwG/I9IoTCG9mfNVc0wZ7i3CddsRJIQeOcZKUSn23NeMSB
9qJogpGHR3TFguAiqJdIbJY7Se4OR84LCaeFp++0G7IGd1BFAUpfNBW0V8mnIpFA
Xo96FX62XsGRsw5Ce+83uKriPNNX+sBddNLw+VRtHqsGmSguNDe56dG2hbTlAd43
Q2d30h/PCTzOA4UXtPMAwbh1DIoJzmA+nBsfcCtSDKq4thKVVGT62vsY3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMXjVU+imJytBtdzKV4snYWKymqMB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV0BJAFyQ
KUURc6/RBB5h5Lq83/tX3IMg6Zjg++LfbxTqFwZoQpRX8MLx8a9afNa41iosVd8T
3S1eVGS3X4sJfERXaY2lVWxdhITZZsHmMqt3EnxheJxA6wOfTWmyL3ubqlkPM75Q
hCVEoDQbu0ieYLvHouHSscPJRgdoRRILck/GGNMKUK/vhRRoFynWmh9RPoSpGVk0
X4LKCmQIeLxzEC1VMLFRbe67j+f+GFIe52dCzj2LTYqpLOPtWFvSABNHLXi4cGc8
tkhqV9BJMkvVmcHDkGfyufCA3NcekWHBENFMPRUZkULFO1fTM1BNzX4Q3f3pOz4U
d9qcNWXMJVmdQA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:45 2025 by rpki-client