Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft
File: hvKEMvItcjPdX3Xz07HMCHN4-0g.mft (raw, json)
Hash identifier: +wVluOkJQVpW1tNdeEZf6Pl+MZCpAUoeITnN8oEPI+c=
Subject key identifier: 1C:53:3D:04:00:50:C5:50:09:C2:F8:F2:B5:E4:24:66:47:8A:56:FC
Authority key identifier: 86:F2:84:32:F2:2D:72:33:DD:5F:75:F3:D3:B1:CC:08:73:78:FB:48
Certificate issuer: /CN=86f28432f22d7233dd5f75f3d3b1cc087378fb48
Certificate serial: 019A7180824BD6137F7141617717DC8C721C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft
Manifest number: CB
Signing time: Tue 11 Nov 2025 06:00:38 +0000
Manifest this update: Tue 11 Nov 2025 06:00:38 +0000
Manifest next update: Wed 12 Nov 2025 06:00:38 +0000
Files and hashes: 1: hvKEMvItcjPdX3Xz07HMCHN4-0g.crl (hash: hHWAP6lC4gs626I/A82fn3L628ekbxq3JTwVHxmn2w0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft
rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 06:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:80:82:4b:d6:13:7f:71:41:61:77:17:dc:8c:72:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86f28432f22d7233dd5f75f3d3b1cc087378fb48
Validity
Not Before: Nov 11 06:00:38 2025 GMT
Not After : Nov 12 06:00:38 2025 GMT
Subject: CN=1c533d040050c55009c2f8f2b5e42466478a56fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:29:cb:f8:42:ee:3a:3a:4c:59:f5:c7:ed:61:
38:72:e1:c1:d9:99:93:2d:ee:61:a3:d0:a7:d6:43:
31:cb:e0:bf:75:53:f7:e7:a9:c4:92:67:d7:96:9f:
03:32:19:c2:15:00:a1:ec:d7:cc:8b:3a:5c:96:91:
d5:f3:38:f5:f8:5c:63:1c:84:b5:99:ee:2f:60:e0:
bc:3e:e2:59:e5:4c:18:be:0b:ef:10:12:2f:23:05:
4c:f7:7a:f0:be:b5:97:13:84:8a:23:09:78:90:a3:
c1:79:71:ba:8a:4b:54:8e:86:04:0c:ea:12:04:90:
83:cb:24:5e:31:43:33:62:2e:b7:be:43:1f:2f:15:
66:16:4d:3b:06:9d:bb:fb:09:c1:f6:b0:56:b0:d4:
15:8b:85:c6:c2:eb:54:45:4c:17:97:8d:cd:45:78:
58:74:88:a1:7b:af:5c:09:b0:fb:ff:81:e5:b2:2e:
49:59:86:31:43:1f:08:02:71:c4:e5:51:3a:e3:18:
9f:f4:ec:2e:7c:25:ff:19:e4:8a:b8:3e:e1:d6:b2:
7f:73:ec:18:c8:53:b8:05:ae:51:0f:00:73:b2:18:
2d:28:9d:6e:b6:46:3f:0a:f5:1a:d0:1e:8b:ca:d9:
b3:d9:d8:48:38:3b:2f:4f:b5:29:fb:86:9d:95:8f:
9d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:53:3D:04:00:50:C5:50:09:C2:F8:F2:B5:E4:24:66:47:8A:56:FC
X509v3 Authority Key Identifier:
keyid:86:F2:84:32:F2:2D:72:33:DD:5F:75:F3:D3:B1:CC:08:73:78:FB:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:47:b0:7c:10:a3:41:bd:fb:ff:12:f0:dd:87:67:20:81:d5:
7b:84:bb:fb:90:c2:12:18:72:8a:52:05:f6:35:a8:2a:6f:83:
98:d7:b8:56:58:9f:80:c0:72:1b:1a:58:b0:5d:1a:b8:74:8e:
ce:ed:a9:53:13:12:9b:01:bf:77:5f:74:84:d4:b3:a2:86:0a:
33:a0:83:d6:3a:a0:da:37:5c:8d:3d:8d:68:5c:29:73:4c:1e:
70:e2:d6:97:1f:1f:3d:0c:46:91:2a:a0:f3:d4:7c:53:59:97:
ad:ad:2e:b1:e0:86:e6:5f:8b:4d:0e:06:7a:b3:b7:0a:55:5f:
07:16:09:3d:18:bd:b7:d2:a8:74:18:0a:c0:3d:8c:f3:5c:36:
fe:cc:b5:0b:53:49:89:08:4c:f5:3a:1d:98:a6:da:74:4d:ba:
ff:68:1a:54:75:92:02:5d:b3:59:fb:8a:45:9a:e7:f7:68:03:
33:ba:a8:20:e5:4c:77:4f:f1:81:e2:c9:77:22:a2:82:f5:d4:
d9:39:e2:c5:a9:be:4e:d0:29:64:fc:19:74:5c:82:67:76:a0:
c5:68:e7:2c:53:33:e0:ab:39:18:79:32:40:1b:a4:88:a2:2e:
9b:e9:7e:4c:06:e5:0d:55:73:bc:7e:99:ab:ce:94:be:a0:0d:
66:23:bf:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgIJL1hN/cUFhdxfcjHIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZjI4NDMyZjIyZDcyMzNkZDVmNzVmM2QzYjFjYzA4NzM3
OGZiNDgwHhcNMjUxMTExMDYwMDM4WhcNMjUxMTEyMDYwMDM4WjAzMTEwLwYDVQQD
EygxYzUzM2QwNDAwNTBjNTUwMDljMmY4ZjJiNWU0MjQ2NjQ3OGE1NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkinL+ELuOjpMWfXH7WE4cuHB2ZmT
Le5ho9Cn1kMxy+C/dVP356nEkmfXlp8DMhnCFQCh7NfMizpclpHV8zj1+FxjHIS1
me4vYOC8PuJZ5UwYvgvvEBIvIwVM93rwvrWXE4SKIwl4kKPBeXG6iktUjoYEDOoS
BJCDyyReMUMzYi63vkMfLxVmFk07Bp27+wnB9rBWsNQVi4XGwutURUwXl43NRXhY
dIihe69cCbD7/4Hlsi5JWYYxQx8IAnHE5VE64xif9OwufCX/GeSKuD7h1rJ/c+wY
yFO4Ba5RDwBzshgtKJ1utkY/CvUa0B6Lytmz2dhIODsvT7Up+4adlY+d6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxTPQQAUMVQCcL48rXkJGZHilb8MB8GA1UdIwQY
MBaAFIbyhDLyLXIz3V9189OxzAhzePtIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi84NTM5Y2QtODBiYS00YzY2LWJhMjct
ZmU1MWE0OGM2ODAxLzEvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi84NTM5Y2QtODBiYS00YzY2LWJhMjctZmU1MWE0OGM2ODAx
LzEvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUewfBCj
Qb37/xLw3YdnIIHVe4S7+5DCEhhyilIF9jWoKm+DmNe4VlifgMByGxpYsF0auHSO
zu2pUxMSmwG/d190hNSzooYKM6CD1jqg2jdcjT2NaFwpc0wecOLWlx8fPQxGkSqg
89R8U1mXra0useCG5l+LTQ4GerO3ClVfBxYJPRi9t9KodBgKwD2M81w2/sy1C1NJ
iQhM9TodmKbadE26/2gaVHWSAl2zWfuKRZrn92gDM7qoIOVMd0/xgeLJdyKigvXU
2Tnixam+TtApZPwZdFyCZ3agxWjnLFMz4Ks5GHkyQBukiKIum+l+TAblDVVzvH6Z
q86UvqANZiO/XQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:58 2025 by rpki-client