Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
File: HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json)
Hash identifier: hfv/fpk+2xItI207HRzJ9T6mjrqZ6to0PUic4qSK4nQ=
Subject key identifier: 98:E3:78:15:E7:B8:9A:70:6A:82:1F:E6:96:3F:40:57:4B:7C:89:1B
Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71
Certificate issuer: /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
Certificate serial: 019A71B8553043A5F2BAB7E2335E8728C722
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
Manifest number: 0553
Signing time: Tue 11 Nov 2025 07:01:36 +0000
Manifest this update: Tue 11 Nov 2025 07:01:36 +0000
Manifest next update: Wed 12 Nov 2025 07:01:36 +0000
Files and hashes: 1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: dmyzxdpcAxtVmmC5NLCOQxW9t+7a5kQh6i9xNJHpXqk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:55:30:43:a5:f2:ba:b7:e2:33:5e:87:28:c7:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
Validity
Not Before: Nov 11 07:01:36 2025 GMT
Not After : Nov 12 07:01:36 2025 GMT
Subject: CN=98e37815e7b89a706a821fe6963f40574b7c891b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ec:24:41:1a:af:f7:f5:92:19:20:bd:2b:a7:
b9:a6:31:73:be:14:e6:b7:b1:9d:51:e0:73:02:d8:
5d:61:a9:d4:54:83:5e:ca:69:ae:57:ee:a5:68:53:
a3:49:15:cd:55:61:32:3b:d8:de:86:81:c6:a0:09:
85:cc:4d:e2:c7:6d:f6:14:ad:eb:d7:b8:6c:a0:c9:
36:b4:29:06:28:10:9f:be:fa:f2:08:dc:60:d7:34:
e2:f1:23:77:a6:d7:9f:64:8f:b9:68:f8:87:7e:01:
eb:06:c0:4e:7c:9c:79:bb:3e:e0:cd:7f:6f:c6:8d:
53:af:e8:eb:68:e9:06:76:1f:8c:2b:05:6a:af:97:
2b:32:16:fe:9b:3b:3d:03:06:18:3d:c6:e7:bf:7c:
a4:f3:97:6e:41:02:e9:60:dd:6e:7f:4b:bc:a5:bc:
0b:4c:09:71:18:c3:11:2f:dd:8b:2a:cd:80:05:b8:
f6:6c:66:59:e6:9e:4f:92:5b:77:b8:4e:a1:bc:fd:
3a:62:07:10:cc:01:af:7e:fe:a5:65:9d:a3:0b:f7:
d3:68:ac:58:f6:f4:14:cd:8b:00:33:bf:84:88:f4:
aa:53:29:45:8a:ec:b0:6a:80:0e:ad:aa:85:2d:22:
bb:29:69:98:16:de:b4:6d:42:81:72:63:9a:15:b8:
36:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E3:78:15:E7:B8:9A:70:6A:82:1F:E6:96:3F:40:57:4B:7C:89:1B
X509v3 Authority Key Identifier:
keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:01:8a:ea:ce:9f:02:12:1d:90:1d:61:96:9f:72:f2:59:ef:
8b:25:63:5d:08:06:74:c3:df:56:75:df:b0:b6:48:b7:b8:a1:
c5:fd:fc:c2:69:fa:8d:30:39:24:39:a7:fc:0f:fa:b2:26:9c:
e6:c6:bc:97:32:0d:b2:4d:7f:b0:32:23:ad:91:0e:73:99:cb:
d9:b3:9d:28:1b:34:61:10:17:e3:10:c6:46:99:0a:8b:b9:24:
2b:84:2e:73:95:74:56:fa:9c:d6:27:c8:1b:a3:ca:b5:e6:5c:
69:69:65:e8:7d:9a:d0:69:3a:ff:80:a4:49:e1:46:73:e6:68:
ff:83:f0:26:e9:68:e2:e6:94:45:20:33:81:d8:e8:f7:8d:fe:
c7:47:f2:36:79:d0:10:6f:3a:b7:84:a2:17:c5:85:e9:2d:78:
33:d0:c8:f1:48:09:0b:c3:a0:41:c6:e5:81:46:fe:70:d6:4e:
77:fc:05:0b:33:a5:46:4c:47:9e:8e:7c:38:10:cd:00:a5:e0:
dc:7e:fd:5e:a3:92:bb:40:1d:9d:28:9f:ef:96:88:85:68:01:
99:81:32:a7:37:17:07:6f:28:cf:60:47:c7:8c:75:4d:8b:28:
8e:61:66:00:a8:a4:3f:44:f4:ba:db:8a:21:60:80:91:80:28:
c9:17:fc:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuFUwQ6XyurfiM16HKMciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx
MzI4NzEwHhcNMjUxMTExMDcwMTM2WhcNMjUxMTEyMDcwMTM2WjAzMTEwLwYDVQQD
Eyg5OGUzNzgxNWU3Yjg5YTcwNmE4MjFmZTY5NjNmNDA1NzRiN2M4OTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+wkQRqv9/WSGSC9K6e5pjFzvhTm
t7GdUeBzAthdYanUVINeymmuV+6laFOjSRXNVWEyO9jehoHGoAmFzE3ix232FK3r
17hsoMk2tCkGKBCfvvryCNxg1zTi8SN3ptefZI+5aPiHfgHrBsBOfJx5uz7gzX9v
xo1Tr+jraOkGdh+MKwVqr5crMhb+mzs9AwYYPcbnv3yk85duQQLpYN1uf0u8pbwL
TAlxGMMRL92LKs2ABbj2bGZZ5p5Pklt3uE6hvP06YgcQzAGvfv6lZZ2jC/fTaKxY
9vQUzYsAM7+EiPSqUylFiuywaoAOraqFLSK7KWmYFt60bUKBcmOaFbg2sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjjeBXnuJpwaoIf5pY/QFdLfIkbMB8GA1UdIwQY
MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt
NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl
LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARAGK6s6f
AhIdkB1hlp9y8lnviyVjXQgGdMPfVnXfsLZIt7ihxf38wmn6jTA5JDmn/A/6siac
5sa8lzINsk1/sDIjrZEOc5nL2bOdKBs0YRAX4xDGRpkKi7kkK4Quc5V0Vvqc1ifI
G6PKteZcaWll6H2a0Gk6/4CkSeFGc+Zo/4PwJulo4uaURSAzgdjo943+x0fyNnnQ
EG86t4SiF8WF6S14M9DI8UgJC8OgQcblgUb+cNZOd/wFCzOlRkxHno58OBDNAKXg
3H79XqOSu0AdnSif75aIhWgBmYEypzcXB28oz2BHx4x1TYsojmFmAKikP0T0utuK
IWCAkYAoyRf8Ww==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:09 2025 by rpki-client