Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File: HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier: uXShezdj9hEav9MA8vOfFK2+c/caALJ+sdl4xUDb+oQ=
Subject key identifier: 87:73:CA:7E:81:0D:35:79:31:B4:5B:0D:39:BA:12:E2:57:38:56:C5
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer: /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial: 019A71EECED235A3AE7648F43B53E5EB1952
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number: 0695
Signing time: Tue 11 Nov 2025 08:01:07 +0000
Manifest this update: Tue 11 Nov 2025 08:01:07 +0000
Manifest next update: Wed 12 Nov 2025 08:01:07 +0000
Files and hashes: 1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: KHzRRRJwk2Dl+3w+PYBv69XE2nQY8MxlAoAKLOzxgyM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:ce:d2:35:a3:ae:76:48:f4:3b:53:e5:eb:19:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
Validity
Not Before: Nov 11 08:01:07 2025 GMT
Not After : Nov 12 08:01:07 2025 GMT
Subject: CN=8773ca7e810d357931b45b0d39ba12e2573856c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ea:ae:9a:18:dd:e5:7b:6f:65:93:58:24:46:
c0:8b:b4:87:c2:0e:25:2b:56:2a:1f:b6:20:64:1e:
86:be:ee:0f:85:be:5b:ca:17:7d:52:e5:df:c3:f7:
88:6e:ee:44:6c:ea:3a:01:73:13:54:44:0f:3b:99:
aa:3e:43:78:86:f9:6d:47:5c:4d:9b:f4:57:86:7f:
7e:ec:07:77:f4:12:4d:5d:e7:27:23:19:64:82:6a:
5e:3b:e5:2d:2c:e8:f3:3f:b3:e1:f3:33:05:2b:ad:
a6:29:85:2e:20:5c:f2:e6:36:e6:a5:6e:39:71:16:
81:ce:d2:26:b4:06:a8:7f:e5:4a:b8:32:5b:bb:ef:
57:95:d4:b2:1f:7c:01:46:0b:ca:5d:0a:d1:f7:d4:
64:5a:c8:6d:b8:10:0e:cd:f2:a2:4e:f4:0e:a7:67:
40:5b:04:fa:6f:05:42:78:60:e2:12:e5:0f:da:5f:
4f:cd:f1:47:4c:08:2b:37:d4:70:48:b9:77:79:41:
c0:89:ea:45:3f:c4:df:c4:5c:b1:bc:62:59:1b:23:
3c:4e:47:a4:c0:53:57:43:5a:cd:69:19:92:08:a6:
f8:f7:63:20:8d:a3:7a:7e:18:54:5a:81:db:8c:34:
f2:a4:64:47:71:6a:43:e6:f1:5d:c2:7b:83:0c:0e:
50:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:73:CA:7E:81:0D:35:79:31:B4:5B:0D:39:BA:12:E2:57:38:56:C5
X509v3 Authority Key Identifier:
keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:36:21:de:da:da:a1:8e:63:97:53:64:ba:b4:00:12:3c:e1:
dc:b2:d2:69:b2:f0:bf:ba:cc:f0:b0:44:a5:26:2a:ed:9e:af:
45:2b:7f:ea:4f:f4:67:ab:d2:2a:36:ea:61:ef:db:42:c9:84:
ad:5c:e0:ef:f4:5e:61:42:e9:28:bf:ab:df:92:37:dc:91:95:
41:a1:3c:96:f1:fe:6b:23:8a:46:a2:e3:73:12:b4:e6:12:b8:
0c:6c:7a:77:36:a9:d8:20:c6:f2:32:e2:b2:45:89:35:42:07:
5e:ee:c9:8f:0a:e2:69:bd:eb:0d:dc:eb:fe:6f:5f:ae:49:2c:
c8:f4:a1:14:02:5a:37:a2:d3:64:fa:f4:c0:f5:ea:3a:2e:24:
65:03:83:81:13:fb:f2:80:18:3e:ad:c0:3e:80:25:73:c6:f6:
f2:09:a7:b7:ae:86:8a:5e:2a:21:65:bb:78:21:0e:9c:f3:d4:
44:df:fe:7b:da:23:78:9b:76:50:b5:2d:d8:01:b4:59:7f:f0:
1f:e2:9e:b2:b2:80:e0:cc:7d:11:83:d2:83:67:12:dc:5e:d4:
7f:ae:6e:7c:4f:de:71:8b:32:d9:84:14:7d:f9:74:8b:7f:93:
3b:4f:21:b3:21:8e:38:c8:8c:1f:9d:24:80:2e:bf:bd:f9:49:
32:f6:2d:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7s7SNaOudkj0O1Pl6xlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjUxMTExMDgwMTA3WhcNMjUxMTEyMDgwMTA3WjAzMTEwLwYDVQQD
Eyg4NzczY2E3ZTgxMGQzNTc5MzFiNDViMGQzOWJhMTJlMjU3Mzg1NmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuqumhjd5XtvZZNYJEbAi7SHwg4l
K1YqH7YgZB6Gvu4Phb5byhd9UuXfw/eIbu5EbOo6AXMTVEQPO5mqPkN4hvltR1xN
m/RXhn9+7Ad39BJNXecnIxlkgmpeO+UtLOjzP7Ph8zMFK62mKYUuIFzy5jbmpW45
cRaBztImtAaof+VKuDJbu+9XldSyH3wBRgvKXQrR99RkWshtuBAOzfKiTvQOp2dA
WwT6bwVCeGDiEuUP2l9PzfFHTAgrN9RwSLl3eUHAiepFP8TfxFyxvGJZGyM8Tkek
wFNXQ1rNaRmSCKb492MgjaN6fhhUWoHbjDTypGRHcWpD5vFdwnuDDA5QvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdzyn6BDTV5MbRbDTm6EuJXOFbFMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVzYh3tra
oY5jl1NkurQAEjzh3LLSabLwv7rM8LBEpSYq7Z6vRSt/6k/0Z6vSKjbqYe/bQsmE
rVzg7/ReYULpKL+r35I33JGVQaE8lvH+ayOKRqLjcxK05hK4DGx6dzap2CDG8jLi
skWJNUIHXu7Jjwriab3rDdzr/m9frkksyPShFAJaN6LTZPr0wPXqOi4kZQODgRP7
8oAYPq3APoAlc8b28gmnt66Gil4qIWW7eCEOnPPURN/+e9ojeJt2ULUt2AG0WX/w
H+KesrKA4Mx9EYPSg2cS3F7Uf65ufE/ecYsy2YQUffl0i3+TO08hsyGOOMiMH50k
gC6/vflJMvYtpQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:04 2025 by rpki-client