Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
File: HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft (raw, json)
Hash identifier: xU+KxgFjlEN1Kv0y2yJtvfs88umdTD06lH8IGhituyQ=
Subject key identifier: 94:C0:EC:22:79:71:6C:32:CD:15:D3:72:13:69:AB:5A:C4:F8:F9:E6
Authority key identifier: 1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F
Certificate issuer: /CN=1d8933c193f04e32441e37162dc4defa9744b84f
Certificate serial: 0199FD3419ACAB619DA0E1E1652DC72DB872
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
Manifest number: 14A7
Signing time: Sun 19 Oct 2025 16:01:13 +0000
Manifest this update: Sun 19 Oct 2025 16:01:13 +0000
Manifest next update: Mon 20 Oct 2025 16:01:13 +0000
Files and hashes: 1: HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl (hash: Je29yvuZWFDpX0GwC1VHFRNMz7HjTO/F7IvWkJ08/pw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:34:19:ac:ab:61:9d:a0:e1:e1:65:2d:c7:2d:b8:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8933c193f04e32441e37162dc4defa9744b84f
Validity
Not Before: Oct 19 16:01:13 2025 GMT
Not After : Oct 20 16:01:13 2025 GMT
Subject: CN=94c0ec2279716c32cd15d3721369ab5ac4f8f9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:01:6f:9b:db:21:43:0d:63:cd:66:e0:95:a7:
c8:06:6c:44:3d:d6:0f:7b:5d:75:25:29:cf:cf:d4:
f3:bf:6c:21:e4:bd:a0:0d:c6:21:78:53:dc:a1:7b:
2f:9b:2f:cc:7e:62:58:5d:93:a7:d6:84:3a:27:60:
68:38:dd:f6:57:21:bd:22:62:3d:28:2d:27:41:69:
50:75:b5:cf:fc:80:e8:6c:8f:94:76:1b:f5:c9:7a:
30:a2:e1:3f:0c:36:46:fa:3e:76:e7:e7:38:92:07:
6b:f4:80:1c:44:7e:bc:bf:cf:82:ab:ca:87:35:e9:
24:ab:21:7b:70:44:82:f4:b7:93:b5:d0:36:e2:05:
63:98:81:c1:18:f4:e0:07:ef:64:f2:68:1a:a8:00:
5a:8e:d8:0b:42:b0:8c:eb:65:7e:e4:0b:ad:2e:fe:
5a:1a:11:89:c2:39:9a:f2:b2:f9:a4:6b:a5:68:2c:
cf:3e:f1:c9:ef:17:c4:b5:25:ca:96:ca:0b:b6:be:
8c:ad:48:75:7e:de:f2:78:f1:5f:2c:83:bc:65:e9:
51:2c:9b:a4:1b:42:b6:19:1e:44:b4:3b:78:65:01:
a5:c6:43:41:ab:38:ba:b7:1a:bb:ce:c6:96:8f:af:
47:06:f4:54:8a:d4:c7:f3:17:d5:15:a8:a0:ff:15:
14:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C0:EC:22:79:71:6C:32:CD:15:D3:72:13:69:AB:5A:C4:F8:F9:E6
X509v3 Authority Key Identifier:
keyid:1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:28:53:ad:6b:af:f5:08:41:5f:dc:b7:74:6a:b8:fb:c3:71:
dc:26:f2:02:70:e3:e0:b8:e8:0f:a0:c0:7e:9c:51:3a:0f:6e:
1b:9e:35:1f:80:d7:11:a4:62:17:7b:b5:19:75:c3:a5:34:e9:
f6:db:2d:1d:37:09:40:c6:11:17:1e:30:05:dd:cc:36:9c:9c:
aa:78:48:49:dc:0c:e8:9d:5b:4c:fb:74:ed:c7:f7:13:48:78:
9c:74:95:20:ad:c9:26:55:3e:74:10:e9:f6:8d:e1:6b:fc:87:
bb:35:8f:2c:31:13:d5:dd:b6:f1:3c:d6:73:14:ab:52:6f:60:
a1:15:e6:0d:90:5e:4e:56:40:86:de:8a:9a:e9:72:f4:45:5d:
e5:81:f3:83:ef:d4:44:c5:7e:50:96:45:ed:9c:9e:89:81:e1:
18:14:59:55:b6:7b:1e:18:0f:8e:35:b7:7f:56:13:07:a4:73:
3f:83:c5:9f:46:7b:fd:4d:bc:ba:e4:b7:80:f3:9b:27:58:d3:
84:ad:c2:6d:80:7c:85:27:f8:bf:1b:1f:48:5b:8d:dc:e9:ed:
67:65:ed:4d:bb:31:a2:22:c0:9b:98:0c:a5:15:5c:84:c3:ed:
73:ee:6d:93:40:02:b0:88:aa:e6:99:7b:83:d4:86:1c:75:69:
9b:51:2a:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NBmsq2GdoOHhZS3HLbhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODkzM2MxOTNmMDRlMzI0NDFlMzcxNjJkYzRkZWZhOTc0
NGI4NGYwHhcNMjUxMDE5MTYwMTEzWhcNMjUxMDIwMTYwMTEzWjAzMTEwLwYDVQQD
Eyg5NGMwZWMyMjc5NzE2YzMyY2QxNWQzNzIxMzY5YWI1YWM0ZjhmOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAFvm9shQw1jzWbglafIBmxEPdYP
e111JSnPz9Tzv2wh5L2gDcYheFPcoXsvmy/MfmJYXZOn1oQ6J2BoON32VyG9ImI9
KC0nQWlQdbXP/IDobI+Udhv1yXowouE/DDZG+j525+c4kgdr9IAcRH68v8+Cq8qH
NekkqyF7cESC9LeTtdA24gVjmIHBGPTgB+9k8mgaqABajtgLQrCM62V+5AutLv5a
GhGJwjma8rL5pGulaCzPPvHJ7xfEtSXKlsoLtr6MrUh1ft7yePFfLIO8ZelRLJuk
G0K2GR5EtDt4ZQGlxkNBqzi6txq7zsaWj69HBvRUitTH8xfVFaig/xUUSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJTA7CJ5cWwyzRXTchNpq1rE+PnmMB8GA1UdIwQY
MBaAFB2JM8GT8E4yRB43Fi3E3vqXRLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEt
MzQyZDFiMzgxZDg3LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEtMzQyZDFiMzgxZDg3
LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaihTrWuv
9QhBX9y3dGq4+8Nx3CbyAnDj4LjoD6DAfpxROg9uG541H4DXEaRiF3u1GXXDpTTp
9tstHTcJQMYRFx4wBd3MNpycqnhISdwM6J1bTPt07cf3E0h4nHSVIK3JJlU+dBDp
9o3ha/yHuzWPLDET1d228TzWcxSrUm9goRXmDZBeTlZAht6Kmuly9EVd5YHzg+/U
RMV+UJZF7ZyeiYHhGBRZVbZ7HhgPjjW3f1YTB6RzP4PFn0Z7/U28uuS3gPObJ1jT
hK3CbYB8hSf4vxsfSFuN3OntZ2XtTbsxoiLAm5gMpRVchMPtc+5tk0ACsIiq5pl7
g9SGHHVpm1EqHg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:05:47 2025 by rpki-client