Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft
File: HQHtI2TsgiZcaIaf5yvnVzGaMes.mft (raw, json)
Hash identifier: UU3AFaBrGPJgMuweoUr2zhfeoZbUupJ5BtqjaX0JVdA=
Subject key identifier: 6F:C1:BA:15:AF:CE:20:0D:F8:5F:91:24:9F:4A:36:13:51:25:1E:D6
Authority key identifier: 1D:01:ED:23:64:EC:82:26:5C:68:86:9F:E7:2B:E7:57:31:9A:31:EB
Certificate issuer: /CN=1d01ed2364ec82265c68869fe72be757319a31eb
Certificate serial: 019A714A02B867CE00E90462B0377F879318
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQHtI2TsgiZcaIaf5yvnVzGaMes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft
Manifest number: 1540
Signing time: Tue 11 Nov 2025 05:01:07 +0000
Manifest this update: Tue 11 Nov 2025 05:01:07 +0000
Manifest next update: Wed 12 Nov 2025 05:01:07 +0000
Files and hashes: 1: HQHtI2TsgiZcaIaf5yvnVzGaMes.crl (hash: qvf0ImQkwKZWqeSq8kpRTnfX7LV0XQwrHpUQD1cX6+U=)
2: VrKnPWUHZqDvzs6ur0GOjZl2i2E.roa (hash: mb8FZcI3peRcYmZtZcg+Q1vM47sFhZh3vrE8fwC75+A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQHtI2TsgiZcaIaf5yvnVzGaMes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:02:b8:67:ce:00:e9:04:62:b0:37:7f:87:93:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01ed2364ec82265c68869fe72be757319a31eb
Validity
Not Before: Nov 11 05:01:07 2025 GMT
Not After : Nov 12 05:01:07 2025 GMT
Subject: CN=6fc1ba15afce200df85f91249f4a361351251ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:f3:0d:a8:5e:f0:13:50:c9:7b:f6:0e:47:
58:69:cf:9d:78:21:25:6e:39:17:ce:a3:0f:35:fe:
af:f6:f3:11:8a:09:60:07:f0:fc:fe:00:ca:dc:2e:
02:99:19:9a:92:ce:c9:6a:05:e8:27:de:d2:a5:38:
05:0b:ab:79:f2:df:ec:bf:d0:a4:e6:ad:80:9e:cf:
8f:24:39:80:13:9a:dc:e5:40:d4:72:51:6e:d8:00:
2f:53:07:09:dc:e7:48:26:da:06:96:31:e7:82:7d:
d8:cb:d3:8e:91:89:06:9c:02:16:69:d0:7e:59:a0:
6b:43:38:c3:11:5e:aa:fc:7a:74:22:0d:2c:a7:25:
6b:e4:af:98:a1:62:66:c1:b2:52:a3:23:71:c0:4d:
d3:bc:86:89:be:32:29:2a:67:c0:85:87:84:68:c0:
2f:28:ae:81:d1:11:53:49:00:3f:ca:5d:66:c3:28:
19:58:08:1b:99:a1:59:2d:2a:4f:19:74:0f:2e:e8:
dc:67:a0:3c:be:5a:56:f0:0c:97:f1:e7:34:81:9f:
b3:ca:e4:85:99:f0:b4:88:ab:be:a5:26:a7:8c:92:
06:c0:3e:e0:75:c2:a1:6d:f7:2a:29:9a:f6:ce:62:
d3:96:a4:4a:f7:d1:73:93:26:15:7d:7e:41:5b:a6:
17:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C1:BA:15:AF:CE:20:0D:F8:5F:91:24:9F:4A:36:13:51:25:1E:D6
X509v3 Authority Key Identifier:
keyid:1D:01:ED:23:64:EC:82:26:5C:68:86:9F:E7:2B:E7:57:31:9A:31:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQHtI2TsgiZcaIaf5yvnVzGaMes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cf:a6:cf:5a:98:98:e8:f8:73:40:01:63:0b:3b:b7:58:57:47:
ad:24:6a:7c:d3:03:6d:f9:3f:a4:4f:bb:db:c0:ac:e1:b3:42:
4c:e5:ed:0e:24:c7:1f:9e:53:9a:ae:cd:08:6b:97:e4:d3:f0:
e3:a3:bb:aa:20:32:08:3b:8c:88:6b:6f:8a:81:08:b2:e4:f1:
6d:56:b5:9c:b4:44:fe:16:92:90:25:cb:2d:f7:59:60:45:c1:
d0:fb:be:7f:56:61:43:c2:df:c0:61:04:79:fb:06:94:a3:ed:
93:c3:a1:42:de:40:75:4c:86:a3:a0:0c:f3:6d:4f:57:57:e5:
70:e4:81:b5:a1:2c:42:a3:48:c2:8e:c3:4a:8d:90:b4:3d:1e:
84:f9:2b:6e:c4:21:d9:ad:c2:20:26:b2:1d:df:35:54:02:b6:
d2:4c:01:27:60:67:7c:67:fd:c0:0c:60:72:8a:e4:0f:43:65:
d0:e2:f7:43:c6:59:98:45:19:36:d3:c0:68:5b:5e:84:39:36:
68:66:ea:fc:33:97:9a:54:33:49:46:1e:a1:9e:90:e8:d0:83:
5e:28:51:26:b0:18:bb:9f:39:9c:92:fe:b5:7c:ad:8c:57:d7:
d3:5d:1d:bb:65:b0:ed:09:be:34:2a:09:4d:de:71:98:36:45:
9b:eb:fc:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSgK4Z84A6QRisDd/h5MYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFlZDIzNjRlYzgyMjY1YzY4ODY5ZmU3MmJlNzU3MzE5
YTMxZWIwHhcNMjUxMTExMDUwMTA3WhcNMjUxMTEyMDUwMTA3WjAzMTEwLwYDVQQD
Eyg2ZmMxYmExNWFmY2UyMDBkZjg1ZjkxMjQ5ZjRhMzYxMzUxMjUxZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut7zDahe8BNQyXv2DkdYac+deCEl
bjkXzqMPNf6v9vMRiglgB/D8/gDK3C4CmRmaks7JagXoJ97SpTgFC6t58t/sv9Ck
5q2Ans+PJDmAE5rc5UDUclFu2AAvUwcJ3OdIJtoGljHngn3Yy9OOkYkGnAIWadB+
WaBrQzjDEV6q/Hp0Ig0spyVr5K+YoWJmwbJSoyNxwE3TvIaJvjIpKmfAhYeEaMAv
KK6B0RFTSQA/yl1mwygZWAgbmaFZLSpPGXQPLujcZ6A8vlpW8AyX8ec0gZ+zyuSF
mfC0iKu+pSanjJIGwD7gdcKhbfcqKZr2zmLTlqRK99FzkyYVfX5BW6YXlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG/BuhWvziAN+F+RJJ9KNhNRJR7WMB8GA1UdIwQY
MBaAFB0B7SNk7IImXGiGn+cr51cxmjHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIdEkyVHNnaVpjYUlhZjV5dm5WekdhTWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85OWQ2ODMtNDNkYy00ODRhLTkwNDct
YjQzY2FlNmUyMzE5LzEvSFFIdEkyVHNnaVpjYUlhZjV5dm5WekdhTWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS85OWQ2ODMtNDNkYy00ODRhLTkwNDctYjQzY2FlNmUyMzE5
LzEvSFFIdEkyVHNnaVpjYUlhZjV5dm5WekdhTWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz6bPWpiY
6PhzQAFjCzu3WFdHrSRqfNMDbfk/pE+728Cs4bNCTOXtDiTHH55Tmq7NCGuX5NPw
46O7qiAyCDuMiGtvioEIsuTxbVa1nLRE/haSkCXLLfdZYEXB0Pu+f1ZhQ8LfwGEE
efsGlKPtk8OhQt5AdUyGo6AM821PV1flcOSBtaEsQqNIwo7DSo2QtD0ehPkrbsQh
2a3CICayHd81VAK20kwBJ2BnfGf9wAxgcorkD0Nl0OL3Q8ZZmEUZNtPAaFtehDk2
aGbq/DOXmlQzSUYeoZ6Q6NCDXihRJrAYu585nJL+tXytjFfX010du2Ww7Qm+NCoJ
Td5xmDZFm+v8Cg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:59 2025 by rpki-client