Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
File: HlcDhG16g2S-wwMDTbkay_9C2gw.mft (raw, json)
Hash identifier: TCEl7PSyyWMFuujrx4YWvg7Wwl+OSWxO7X0NjmMkYDU=
Subject key identifier: 52:0C:A2:FE:8D:9C:15:3A:24:19:42:4E:6C:66:4A:1C:18:4E:1C:A3
Authority key identifier: 1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C
Certificate issuer: /CN=1e5703846d7a8364bec303034db91acbff42da0c
Certificate serial: 0199FCFD46E7CECE418CF4F6B8BEEE141CFB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
Manifest number: 0AA3
Signing time: Sun 19 Oct 2025 15:01:21 +0000
Manifest this update: Sun 19 Oct 2025 15:01:21 +0000
Manifest next update: Mon 20 Oct 2025 15:01:21 +0000
Files and hashes: 1: 4PNlkOPWAaPkvxKKyZ24ywHUUNs.roa (hash: eaQPOrhXnd6IgLBTpKSTCgVJBcG3spHBZu3BsMLZw3g=)
2: HlcDhG16g2S-wwMDTbkay_9C2gw.crl (hash: s8CQQnZHWag83EIMh+yEoC1sfPvauF65LQYfB4lCp3o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:46:e7:ce:ce:41:8c:f4:f6:b8:be:ee:14:1c:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5703846d7a8364bec303034db91acbff42da0c
Validity
Not Before: Oct 19 15:01:21 2025 GMT
Not After : Oct 20 15:01:21 2025 GMT
Subject: CN=520ca2fe8d9c153a2419424e6c664a1c184e1ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:60:6e:4f:60:61:f4:cb:a2:e8:3e:d5:a1:54:
77:e7:cd:08:c0:86:92:d1:a9:79:62:7e:f5:71:1a:
bf:74:da:86:52:29:b4:62:f6:63:c4:66:6a:ad:a6:
d9:87:bd:6a:79:e3:28:d2:de:85:27:a9:3b:be:80:
22:8d:44:49:2f:de:44:d3:73:23:38:fc:1c:53:d7:
01:7f:84:99:ea:2e:91:12:e3:0e:13:db:5b:32:7c:
77:cc:5a:37:c5:a4:3a:55:1b:2e:1d:e2:1d:ac:68:
8d:7e:c6:f0:31:61:6e:b5:8c:89:60:5f:cf:53:37:
5a:1f:d4:95:ad:1b:c1:35:d4:3f:80:cc:96:40:03:
dc:6f:7c:ed:fd:6b:0a:87:c6:8c:23:ce:06:21:5e:
70:5e:66:e1:6b:37:d6:e2:75:a9:b2:de:3d:9a:ed:
f8:e1:b0:98:21:d6:8a:1a:7c:7f:00:83:8b:f4:06:
0b:2a:ff:d8:45:94:f9:60:9d:0d:1a:87:d0:68:ab:
f2:84:22:53:b3:1c:1f:f8:b1:0f:8f:3d:26:1e:84:
ea:1c:03:65:3b:98:ed:e0:a6:f2:7f:43:24:d2:87:
3c:4b:5a:4f:f5:70:17:d8:d2:fa:83:35:39:84:c4:
0a:09:c1:b6:c4:14:34:b6:31:96:76:23:ca:8f:f9:
9f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:0C:A2:FE:8D:9C:15:3A:24:19:42:4E:6C:66:4A:1C:18:4E:1C:A3
X509v3 Authority Key Identifier:
keyid:1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:5e:b4:d4:18:72:91:6c:c2:d5:a2:5f:f7:87:f7:40:06:d3:
c3:64:54:2b:2a:e3:d0:0b:3f:39:0e:09:5e:45:63:a9:e6:12:
c8:18:24:ae:a0:2d:c3:cd:6c:4a:2e:97:3f:5d:bf:30:2d:51:
57:48:42:b8:a7:99:50:95:72:d1:7e:be:9b:71:d9:7e:f1:9f:
a6:af:2c:2e:c7:f1:5f:0d:0b:0c:1c:16:0f:65:a6:63:4b:ca:
48:b8:4d:40:0b:ba:5c:4e:4d:7e:5e:af:45:1e:cb:94:64:dc:
e0:f1:fe:34:58:72:08:25:4b:fa:31:77:49:62:47:26:4a:47:
ba:69:05:3e:21:c1:2c:8e:92:a5:2b:6c:52:5a:28:9a:04:8b:
6c:5c:01:41:e9:94:f6:83:9c:72:14:46:d5:b1:87:f4:aa:8f:
ab:37:f9:63:a6:60:fa:35:da:88:5b:6c:97:a2:be:7e:90:2c:
9d:78:30:b5:a2:99:6e:bd:bc:f0:8a:f7:e2:b2:a0:75:22:76:
6d:30:e9:a9:4d:d5:22:ad:3a:fe:e9:04:62:9d:77:52:49:ad:
e3:14:ab:2f:3a:58:1d:bc:3f:23:0d:48:14:5f:af:b6:0b:58:
7e:17:69:ab:38:3b:ac:0b:53:2e:02:82:52:91:d9:f3:c7:43:
45:dc:75:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/Ubnzs5BjPT2uL7uFBz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNTcwMzg0NmQ3YTgzNjRiZWMzMDMwMzRkYjkxYWNiZmY0
MmRhMGMwHhcNMjUxMDE5MTUwMTIxWhcNMjUxMDIwMTUwMTIxWjAzMTEwLwYDVQQD
Eyg1MjBjYTJmZThkOWMxNTNhMjQxOTQyNGU2YzY2NGExYzE4NGUxY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mBuT2Bh9Mui6D7VoVR3580IwIaS
0al5Yn71cRq/dNqGUim0YvZjxGZqrabZh71qeeMo0t6FJ6k7voAijURJL95E03Mj
OPwcU9cBf4SZ6i6REuMOE9tbMnx3zFo3xaQ6VRsuHeIdrGiNfsbwMWFutYyJYF/P
UzdaH9SVrRvBNdQ/gMyWQAPcb3zt/WsKh8aMI84GIV5wXmbhazfW4nWpst49mu34
4bCYIdaKGnx/AIOL9AYLKv/YRZT5YJ0NGofQaKvyhCJTsxwf+LEPjz0mHoTqHANl
O5jt4Kbyf0Mk0oc8S1pP9XAX2NL6gzU5hMQKCcG2xBQ0tjGWdiPKj/mfQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIMov6NnBU6JBlCTmxmShwYThyjMB8GA1UdIwQY
MBaAFB5XA4RteoNkvsMDA025Gsv/QtoMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMt
MDdiMDllNDY1MTE5LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMtMDdiMDllNDY1MTE5
LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkl601Bhy
kWzC1aJf94f3QAbTw2RUKyrj0As/OQ4JXkVjqeYSyBgkrqAtw81sSi6XP12/MC1R
V0hCuKeZUJVy0X6+m3HZfvGfpq8sLsfxXw0LDBwWD2WmY0vKSLhNQAu6XE5Nfl6v
RR7LlGTc4PH+NFhyCCVL+jF3SWJHJkpHumkFPiHBLI6SpStsUloomgSLbFwBQemU
9oOcchRG1bGH9KqPqzf5Y6Zg+jXaiFtsl6K+fpAsnXgwtaKZbr288Ir34rKgdSJ2
bTDpqU3VIq06/ukEYp13Ukmt4xSrLzpYHbw/Iw1IFF+vtgtYfhdpqzg7rAtTLgKC
UpHZ88dDRdx16Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:54:39 2025 by rpki-client