Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: oI4+8KblZhh4vhtLIQdTnf38idz3h9dt94iAuEHS+eo=
Subject key identifier: 8E:94:28:EB:E1:DA:45:45:74:79:30:46:CB:4F:B3:EA:A0:19:47:49
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 0199FFFE963743625CA6FF52C63555C3E9F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 16E6
Signing time: Mon 20 Oct 2025 05:01:38 +0000
Manifest this update: Mon 20 Oct 2025 05:01:38 +0000
Manifest next update: Tue 21 Oct 2025 05:01:38 +0000
Files and hashes: 1: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: VxCf0k5cAE1Uef/7F3rIptSxKtKJaN+Ki8Oyx8yK4kI=)
2: xSS92RJP_9kDYA2uBQZz6tpYK1I.roa (hash: rR5n4U9xDx2H85hw0wOs3NY+BK3tAcVO4QlJE3rUQXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 05:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:fe:96:37:43:62:5c:a6:ff:52:c6:35:55:c3:e9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Oct 20 05:01:38 2025 GMT
Not After : Oct 21 05:01:38 2025 GMT
Subject: CN=8e9428ebe1da454574793046cb4fb3eaa0194749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:94:2a:ab:08:a8:ea:b8:f4:04:67:8d:3a:b2:
b9:fd:a7:f8:b6:5b:bb:c5:1b:25:11:a9:bb:1c:a3:
87:ae:78:ae:5f:0b:b6:21:9e:e1:d1:b1:a5:63:bf:
62:23:b4:00:7f:99:60:33:10:03:9e:52:49:ba:df:
63:e8:63:46:9c:5a:3d:3f:a9:92:4b:03:15:bd:4b:
21:94:68:57:4e:2c:43:0f:68:9a:af:c4:dd:fa:33:
35:65:a8:16:06:f8:a7:fb:32:d0:33:61:09:86:ab:
d3:20:b0:4f:87:29:a5:28:2a:0f:b1:d4:0f:d0:d8:
24:6d:a3:66:ba:2e:03:74:df:a0:4c:18:77:e7:b2:
d3:b0:eb:55:f8:2b:3b:47:2d:d7:2a:27:9a:4a:5c:
3c:82:bc:4e:9a:cb:8c:cf:2d:f4:f0:ec:90:7d:a9:
29:a1:31:25:3d:15:fb:a4:dd:49:44:cb:61:38:8a:
ed:f0:3f:d0:f0:99:31:57:69:7d:06:c2:b2:dc:78:
51:c7:2f:07:6d:ae:6e:d7:b2:e3:41:5f:bc:c1:f5:
8b:3a:77:8c:f3:aa:eb:93:16:31:45:83:d0:98:85:
94:ef:85:e2:26:c1:79:60:ab:03:92:59:e9:3d:99:
bd:80:e1:76:6c:e1:73:58:18:6d:b5:f7:2e:bb:6d:
cf:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:94:28:EB:E1:DA:45:45:74:79:30:46:CB:4F:B3:EA:A0:19:47:49
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:81:c7:f3:80:22:3c:fb:0a:d8:39:25:3c:f2:1a:bc:a5:e5:
d3:29:57:bd:c4:e4:14:90:13:21:f2:ef:1f:79:56:a9:ad:8a:
72:ec:ae:85:df:3a:e8:e2:84:72:91:5e:06:98:e7:9b:5a:9b:
20:56:eb:59:4a:3b:08:02:6a:0b:47:22:91:ab:fa:99:53:22:
be:01:09:19:44:cc:ac:4c:25:ad:ee:ea:c3:d8:ca:3d:67:ca:
c2:6e:46:44:e0:80:31:f9:bd:63:ae:76:89:6a:04:a0:4d:49:
62:84:66:8a:e4:b3:ae:07:17:83:a7:64:6a:f1:53:75:50:6d:
bd:a0:6f:b4:e5:1f:b0:f0:a9:38:c7:59:63:1f:e9:80:05:58:
47:66:20:70:81:6b:c9:50:6f:49:e2:82:96:d4:02:a0:37:bb:
88:88:dd:85:b3:1c:41:66:ba:65:33:4a:1c:e6:a1:2c:f3:a6:
d0:92:8f:5e:f8:ec:a1:cb:4d:e0:85:55:d2:2f:c3:51:c5:38:
76:3a:b6:ec:6c:4c:70:e0:5f:17:bc:b0:16:e5:63:bb:f7:b5:
d9:43:16:0a:a2:48:1f:24:4c:5e:9c:1d:b0:6d:52:64:ec:89:
d1:f3:c4:f7:3a:cf:d7:9e:4d:4b:5f:59:3f:b7:1f:be:22:45:
7a:79:ae:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//pY3Q2Jcpv9SxjVVw+n5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjUxMDIwMDUwMTM4WhcNMjUxMDIxMDUwMTM4WjAzMTEwLwYDVQQD
Eyg4ZTk0MjhlYmUxZGE0NTQ1NzQ3OTMwNDZjYjRmYjNlYWEwMTk0NzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpQqqwio6rj0BGeNOrK5/af4tlu7
xRslEam7HKOHrniuXwu2IZ7h0bGlY79iI7QAf5lgMxADnlJJut9j6GNGnFo9P6mS
SwMVvUshlGhXTixDD2iar8Td+jM1ZagWBvin+zLQM2EJhqvTILBPhymlKCoPsdQP
0NgkbaNmui4DdN+gTBh357LTsOtV+Cs7Ry3XKieaSlw8grxOmsuMzy308OyQfakp
oTElPRX7pN1JRMthOIrt8D/Q8JkxV2l9BsKy3HhRxy8Hba5u17LjQV+8wfWLOneM
86rrkxYxRYPQmIWU74XiJsF5YKsDklnpPZm9gOF2bOFzWBhttfcuu23PeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6UKOvh2kVFdHkwRstPs+qgGUdJMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4HH84Ai
PPsK2DklPPIavKXl0ylXvcTkFJATIfLvH3lWqa2Kcuyuhd866OKEcpFeBpjnm1qb
IFbrWUo7CAJqC0cikav6mVMivgEJGUTMrEwlre7qw9jKPWfKwm5GROCAMfm9Y652
iWoEoE1JYoRmiuSzrgcXg6dkavFTdVBtvaBvtOUfsPCpOMdZYx/pgAVYR2YgcIFr
yVBvSeKCltQCoDe7iIjdhbMcQWa6ZTNKHOahLPOm0JKPXvjsoctN4IVV0i/DUcU4
djq27GxMcOBfF7ywFuVju/e12UMWCqJIHyRMXpwdsG1SZOyJ0fPE9zrP155NS19Z
P7cfviJFenmu5w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:40:39 2025 by rpki-client