
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.mft
File: hGlcglEp42VKUIs7xSn-Ols4ObE.mft (raw, json)
Hash identifier: kLYaYRQWRHg5blstzAk1nYP1p2Oxdsly4w2ikkXbKeA=
Subject key identifier: 53:6E:20:48:8B:07:C0:EC:E7:34:C7:0E:FB:67:45:EE:7E:95:33:5B
Authority key identifier: 84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1
Certificate issuer: /CN=84695c825129e3654a508b3bc529fe3a5b3839b1
Certificate serial: 0199FDD922E0A480A7555A095A95B5E6F4D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.mft
Manifest number: 1234
Signing time: Sun 19 Oct 2025 19:01:29 +0000
Manifest this update: Sun 19 Oct 2025 19:01:29 +0000
Manifest next update: Mon 20 Oct 2025 19:01:29 +0000
Files and hashes: 1: DLIEmy-lWsyrr-sd36twYuEevio.roa (hash: aUcurTUu0ie7YyEr+ll+2DTq3WZheC8vTveKU2r56C8=)
2: hGlcglEp42VKUIs7xSn-Ols4ObE.crl (hash: PsyvA/cXgXDlr0qv+j2vQK5dzdH4K63soMMpCPYyD+I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:d9:22:e0:a4:80:a7:55:5a:09:5a:95:b5:e6:f4:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84695c825129e3654a508b3bc529fe3a5b3839b1
Validity
Not Before: Oct 19 19:01:29 2025 GMT
Not After : Oct 20 19:01:29 2025 GMT
Subject: CN=536e20488b07c0ece734c70efb6745ee7e95335b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:eb:89:04:65:49:e8:1e:eb:5e:83:0e:8f:6b:
9a:ef:5c:cf:0b:10:5a:2b:0f:60:74:b0:80:a0:34:
78:03:f6:af:cc:ba:e2:86:74:9a:2e:2f:da:39:ca:
d8:fe:65:cb:f1:8b:6a:6d:d3:fe:bd:85:b5:61:26:
ee:8c:07:f3:78:95:1a:41:b5:5a:da:23:af:01:59:
71:96:10:ae:f4:a9:0b:0d:57:13:cb:f9:03:38:a3:
bb:2a:5f:10:cf:0d:ed:7e:f8:cc:01:02:94:97:3b:
8e:31:ad:8c:1a:d6:4c:8f:9e:bf:01:87:bb:15:ee:
40:1c:f3:cd:c8:80:e7:e5:b1:ba:dd:1a:30:5c:fc:
b2:09:d1:41:e3:54:66:83:47:fc:49:d4:45:1e:84:
3f:cf:fe:3e:3c:ff:c7:94:54:97:76:4e:94:e2:f7:
9a:9e:06:98:97:c0:aa:ef:44:18:5e:7b:cf:ed:43:
b2:6e:93:ea:ea:0f:c5:d1:8d:00:5a:32:a8:63:48:
30:eb:7d:da:ea:00:0e:9e:19:cd:1c:ab:7f:41:75:
20:4d:d7:47:79:e4:f4:fe:4e:fe:70:0f:85:dd:b0:
96:4e:cb:4a:e0:18:54:95:3b:65:24:d5:65:ae:a3:
d9:41:b1:a7:b0:19:f3:e9:b4:5f:4b:29:ca:9e:c6:
1a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6E:20:48:8B:07:C0:EC:E7:34:C7:0E:FB:67:45:EE:7E:95:33:5B
X509v3 Authority Key Identifier:
keyid:84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:10:97:98:b7:c6:87:82:21:a8:94:0c:84:96:37:16:95:ab:
83:78:a4:16:58:da:2a:a7:38:b8:64:fc:fe:4f:43:63:28:14:
e5:64:4a:b2:27:d3:27:8b:b9:e4:57:8b:d7:f8:fd:ba:27:71:
78:51:0f:71:56:8e:de:a4:66:c9:b5:ba:cd:47:fc:f2:ca:f5:
63:7a:45:e4:e0:aa:d0:22:00:90:52:1a:03:c1:cb:40:31:80:
fe:24:0f:70:f3:6e:07:c4:0b:d7:81:ce:c9:97:d8:15:b2:04:
f0:e1:06:d9:96:6f:c8:ee:2c:e5:ce:5f:cf:f6:60:fe:67:7a:
f0:ef:c6:ba:b5:89:17:eb:19:8d:73:0b:fe:b6:4a:d0:97:a2:
23:55:c9:40:a7:05:a6:1e:90:96:8a:4a:4c:bf:eb:8b:6f:1e:
63:12:86:ba:4a:d3:56:f1:8d:aa:fb:cb:21:58:75:58:53:16:
67:45:10:d3:11:ee:4d:67:a9:89:d4:8a:da:61:4e:1a:82:6f:
ef:de:6f:36:99:1b:e0:4a:ef:52:63:43:eb:c6:58:77:3f:f4:
92:40:16:a1:d8:81:69:c5:5a:2a:23:4c:c3:5b:c4:f3:a4:39:
4c:32:2a:87:70:1b:ca:0a:7e:5e:d5:72:3f:19:33:64:41:be:
fe:b8:3e:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92SLgpICnVVoJWpW15vTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0Njk1YzgyNTEyOWUzNjU0YTUwOGIzYmM1MjlmZTNhNWIz
ODM5YjEwHhcNMjUxMDE5MTkwMTI5WhcNMjUxMDIwMTkwMTI5WjAzMTEwLwYDVQQD
Eyg1MzZlMjA0ODhiMDdjMGVjZTczNGM3MGVmYjY3NDVlZTdlOTUzMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueuJBGVJ6B7rXoMOj2ua71zPCxBa
Kw9gdLCAoDR4A/avzLrihnSaLi/aOcrY/mXL8YtqbdP+vYW1YSbujAfzeJUaQbVa
2iOvAVlxlhCu9KkLDVcTy/kDOKO7Kl8Qzw3tfvjMAQKUlzuOMa2MGtZMj56/AYe7
Fe5AHPPNyIDn5bG63RowXPyyCdFB41Rmg0f8SdRFHoQ/z/4+PP/HlFSXdk6U4vea
ngaYl8Cq70QYXnvP7UOybpPq6g/F0Y0AWjKoY0gw633a6gAOnhnNHKt/QXUgTddH
eeT0/k7+cA+F3bCWTstK4BhUlTtlJNVlrqPZQbGnsBnz6bRfSynKnsYa6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNuIEiLB8Ds5zTHDvtnRe5+lTNbMB8GA1UdIwQY
MBaAFIRpXIJRKeNlSlCLO8Up/jpbODmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hMGU5MGYtMjE5OC00NDJlLTk1ZmMt
YjdmNjM0MjNmMTkyLzEvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hMGU5MGYtMjE5OC00NDJlLTk1ZmMtYjdmNjM0MjNmMTky
LzEvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlBCXmLfG
h4IhqJQMhJY3FpWrg3ikFljaKqc4uGT8/k9DYygU5WRKsifTJ4u55FeL1/j9uidx
eFEPcVaO3qRmybW6zUf88sr1Y3pF5OCq0CIAkFIaA8HLQDGA/iQPcPNuB8QL14HO
yZfYFbIE8OEG2ZZvyO4s5c5fz/Zg/md68O/GurWJF+sZjXML/rZK0JeiI1XJQKcF
ph6QlopKTL/ri28eYxKGukrTVvGNqvvLIVh1WFMWZ0UQ0xHuTWepidSK2mFOGoJv
795vNpkb4ErvUmND68ZYdz/0kkAWodiBacVaKiNMw1vE86Q5TDIqh3Abygp+XtVy
PxkzZEG+/rg+sg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:51:26 2025 by rpki-client