Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft
File: hugNGBwlPRTaHgupwdVmb1Ym1YE.mft (raw, json)
Hash identifier: sr1TyrwLtdb663Kdc3rQ1/TaN2hzQrb5o81LX7//4ok=
Subject key identifier: 11:C5:EC:44:1B:E3:90:03:D4:32:B5:D4:86:64:7D:0B:55:9E:93:8D
Authority key identifier: 86:E8:0D:18:1C:25:3D:14:DA:1E:0B:A9:C1:D5:66:6F:56:26:D5:81
Certificate issuer: /CN=86e80d181c253d14da1e0ba9c1d5666f5626d581
Certificate serial: 019A5375B5A3885139E80C95DAEA6B242DCC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hugNGBwlPRTaHgupwdVmb1Ym1YE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft
Manifest number: 0134
Signing time: Wed 05 Nov 2025 10:00:14 +0000
Manifest this update: Wed 05 Nov 2025 10:00:14 +0000
Manifest next update: Thu 06 Nov 2025 10:00:14 +0000
Files and hashes: 1: GduTVoXL90rcY5IbBMohmd6Di4U.roa (hash: FpxhDiPtRQpdrB9mwbp5ACWnV465MFksntDsy9t3DCM=)
2: hugNGBwlPRTaHgupwdVmb1Ym1YE.crl (hash: vyIzkCWKJM+xXW0XJI0bx9o+g7KynQqe8wp5aUxIT7o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hugNGBwlPRTaHgupwdVmb1Ym1YE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 10:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:75:b5:a3:88:51:39:e8:0c:95:da:ea:6b:24:2d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86e80d181c253d14da1e0ba9c1d5666f5626d581
Validity
Not Before: Nov 5 10:00:14 2025 GMT
Not After : Nov 6 10:00:14 2025 GMT
Subject: CN=11c5ec441be39003d432b5d486647d0b559e938d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:10:6f:c3:a2:21:52:d1:38:01:91:34:d2:fa:
d1:2a:30:33:0b:33:85:a2:ec:38:b1:97:01:09:06:
91:84:63:16:07:47:3c:e0:96:2a:07:4a:dd:ed:b6:
4d:90:a5:17:38:32:f5:50:68:df:91:eb:6d:3a:09:
d7:a5:21:1d:9c:ed:91:28:8f:96:e5:ce:6c:0a:e6:
62:9c:4a:66:00:c6:c5:55:4c:83:8a:43:dd:d3:5d:
b7:8c:c7:3b:e7:58:56:b5:1c:4a:49:a5:75:ed:b8:
d4:f2:f1:77:02:ac:e1:fc:9d:1b:29:e3:0d:8c:26:
6e:dd:b2:8d:9b:ed:cc:3e:19:d5:e6:7c:a9:2e:e7:
4b:73:de:89:4c:ce:f9:e2:49:b6:58:16:29:f3:49:
14:92:1b:e1:9c:e4:6a:7b:c2:3e:82:38:87:f4:63:
cf:0c:30:92:c5:72:aa:fc:af:89:f4:15:d5:71:f1:
6a:28:d3:b1:81:bd:d7:8f:da:7e:c6:8d:cc:ca:3a:
1a:68:16:dc:cf:1f:2f:d0:8e:39:f7:f0:09:72:82:
db:c9:15:9b:4f:f2:30:e0:e2:98:ff:f6:9e:04:8c:
31:cb:a5:97:47:df:a1:87:03:73:fc:fa:ce:77:31:
47:c9:11:cf:3b:4d:81:a8:52:e7:60:f5:82:f8:c0:
86:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C5:EC:44:1B:E3:90:03:D4:32:B5:D4:86:64:7D:0B:55:9E:93:8D
X509v3 Authority Key Identifier:
keyid:86:E8:0D:18:1C:25:3D:14:DA:1E:0B:A9:C1:D5:66:6F:56:26:D5:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hugNGBwlPRTaHgupwdVmb1Ym1YE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:99:77:f6:02:b4:09:19:3d:db:d0:14:59:ba:99:91:da:a3:
2f:64:af:3a:35:e4:64:23:02:c8:47:f7:51:f5:66:9c:e4:b0:
d0:39:cb:65:05:04:ee:91:4b:f5:5e:da:dc:94:88:9a:18:16:
e5:1b:01:76:1d:87:29:6e:78:ea:58:e4:8d:5f:81:73:5a:48:
73:0e:26:35:9c:97:b8:9a:09:62:6d:96:a3:21:08:13:27:d0:
e6:70:df:5a:ee:a9:18:ed:46:33:55:2f:1f:07:f3:51:6b:86:
02:5c:e8:b2:44:35:e4:82:4f:3f:78:94:38:52:55:d0:8e:42:
44:ab:79:2a:73:06:6a:da:fe:45:af:40:c5:87:69:8b:33:ba:
df:f9:4c:59:81:cf:17:da:bf:30:cd:6e:3a:eb:14:0a:a1:34:
4c:c1:04:43:69:70:f8:a5:8e:29:48:9d:87:43:06:f4:da:af:
cf:06:1a:42:6c:06:9d:8b:d0:27:c1:db:14:63:90:09:41:3a:
92:d8:a1:f2:8c:c7:98:dd:8e:73:d9:b8:37:78:ae:a1:c7:c3:
f7:04:37:8f:ec:67:c7:10:1d:0f:b6:03:80:c7:c1:1a:25:5c:
76:18:60:5a:a7:65:72:8c:de:25:41:62:e0:80:6b:ed:f5:c9:
ba:2c:36:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTdbWjiFE56AyV2uprJC3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZTgwZDE4MWMyNTNkMTRkYTFlMGJhOWMxZDU2NjZmNTYy
NmQ1ODEwHhcNMjUxMTA1MTAwMDE0WhcNMjUxMTA2MTAwMDE0WjAzMTEwLwYDVQQD
EygxMWM1ZWM0NDFiZTM5MDAzZDQzMmI1ZDQ4NjY0N2QwYjU1OWU5MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBBvw6IhUtE4AZE00vrRKjAzCzOF
ouw4sZcBCQaRhGMWB0c84JYqB0rd7bZNkKUXODL1UGjfkettOgnXpSEdnO2RKI+W
5c5sCuZinEpmAMbFVUyDikPd0123jMc751hWtRxKSaV17bjU8vF3Aqzh/J0bKeMN
jCZu3bKNm+3MPhnV5nypLudLc96JTM754km2WBYp80kUkhvhnORqe8I+gjiH9GPP
DDCSxXKq/K+J9BXVcfFqKNOxgb3Xj9p+xo3MyjoaaBbczx8v0I459/AJcoLbyRWb
T/Iw4OKY//aeBIwxy6WXR9+hhwNz/PrOdzFHyRHPO02BqFLnYPWC+MCGUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHF7EQb45AD1DK11IZkfQtVnpONMB8GA1UdIwQY
MBaAFIboDRgcJT0U2h4LqcHVZm9WJtWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHVnTkdCd2xQUlRhSGd1cHdkVm1iMVltMVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lYTYwOWUtNjUzOC00NzIzLTgyNTkt
NzNmNTQzNDg4MjNjLzEvaHVnTkdCd2xQUlRhSGd1cHdkVm1iMVltMVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lYTYwOWUtNjUzOC00NzIzLTgyNTktNzNmNTQzNDg4MjNj
LzEvaHVnTkdCd2xQUlRhSGd1cHdkVm1iMVltMVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR5l39gK0
CRk929AUWbqZkdqjL2SvOjXkZCMCyEf3UfVmnOSw0DnLZQUE7pFL9V7a3JSImhgW
5RsBdh2HKW546ljkjV+Bc1pIcw4mNZyXuJoJYm2WoyEIEyfQ5nDfWu6pGO1GM1Uv
HwfzUWuGAlzoskQ15IJPP3iUOFJV0I5CRKt5KnMGatr+Ra9AxYdpizO63/lMWYHP
F9q/MM1uOusUCqE0TMEEQ2lw+KWOKUidh0MG9NqvzwYaQmwGnYvQJ8HbFGOQCUE6
ktih8ozHmN2Oc9m4N3iuocfD9wQ3j+xnxxAdD7YDgMfBGiVcdhhgWqdlcozeJUFi
4IBr7fXJuiw2Nw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:11:39 2025 by rpki-client