Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/730e38-ff89-43e1-94fe-a1b778f4d07d/1/HTHgIH7TynaEoD6I-aHeKSLdRd4.mft
File: HTHgIH7TynaEoD6I-aHeKSLdRd4.mft (raw, json)
Hash identifier: RS82/JfmU6aALI/dZ0GwSkj8/ulM2ksHchcPZN8opVY=
Subject key identifier: 12:0D:8F:9C:31:0D:BC:8C:47:10:69:9E:C7:DB:05:32:48:B4:6A:29
Authority key identifier: 1D:31:E0:20:7E:D3:CA:76:84:A0:3E:88:F9:A1:DE:29:22:DD:45:DE
Certificate issuer: /CN=1d31e0207ed3ca7684a03e88f9a1de2922dd45de
Certificate serial: 0199FFC7E2304AF85AFD55B5DCBF26367388
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HTHgIH7TynaEoD6I-aHeKSLdRd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/730e38-ff89-43e1-94fe-a1b778f4d07d/1/HTHgIH7TynaEoD6I-aHeKSLdRd4.mft
Manifest number: 028C
Signing time: Mon 20 Oct 2025 04:01:53 +0000
Manifest this update: Mon 20 Oct 2025 04:01:53 +0000
Manifest next update: Tue 21 Oct 2025 04:01:53 +0000
Files and hashes: 1: HTHgIH7TynaEoD6I-aHeKSLdRd4.crl (hash: DJsBd3FHahYly6jbLrrvNvESI4hDb9M2D9/MLilYQw4=)
2: ZwHdEqulD1m_3ODalRm8KKpV4D8.roa (hash: AgKObURVZ2No/6B5xbYFDC7jFhFUnrv7+FottsPk3vg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/730e38-ff89-43e1-94fe-a1b778f4d07d/1/HTHgIH7TynaEoD6I-aHeKSLdRd4.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/730e38-ff89-43e1-94fe-a1b778f4d07d/1/HTHgIH7TynaEoD6I-aHeKSLdRd4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HTHgIH7TynaEoD6I-aHeKSLdRd4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c7:e2:30:4a:f8:5a:fd:55:b5:dc:bf:26:36:73:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d31e0207ed3ca7684a03e88f9a1de2922dd45de
Validity
Not Before: Oct 20 04:01:53 2025 GMT
Not After : Oct 21 04:01:53 2025 GMT
Subject: CN=120d8f9c310dbc8c4710699ec7db053248b46a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:94:f7:da:8c:b7:63:31:35:68:f7:42:48:fe:
b0:9f:e2:8d:84:f8:13:2c:77:e0:1d:88:0f:68:d7:
4c:b6:06:36:4d:26:41:ad:dd:b4:8d:cb:7d:a1:7b:
c0:8c:c4:e1:e9:4a:81:16:33:94:c0:0f:a6:da:e8:
af:15:21:8c:40:90:f9:b5:e0:60:29:8d:a5:6f:c6:
6e:0f:39:c0:dc:e3:05:69:5c:07:2c:a1:7b:99:5c:
aa:59:5f:2a:e6:cf:e7:2c:be:3d:20:5b:ae:17:c8:
b5:78:68:f7:cb:fc:c6:45:65:b0:8f:04:f0:e1:3d:
d7:41:16:5e:58:fa:2b:79:f3:36:ef:57:03:31:f2:
35:8c:80:28:95:6a:34:68:71:f4:90:6e:80:62:39:
ca:b6:3e:17:00:18:6c:28:a9:31:50:60:8f:1c:06:
4e:1d:1e:25:0d:a9:1d:19:5e:e2:3e:41:9c:4a:9e:
ff:d7:5a:c1:65:a9:1c:46:92:be:09:ab:75:e2:49:
4c:70:11:e0:26:50:26:cd:b7:bd:0e:5d:27:d3:90:
87:da:81:e2:ab:0e:55:12:fb:f5:d3:6a:83:40:07:
fd:13:b3:37:ba:6e:71:5e:8c:16:cb:d1:80:ee:63:
a9:53:5d:75:2f:e9:d0:af:d9:68:86:8f:33:10:35:
9f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0D:8F:9C:31:0D:BC:8C:47:10:69:9E:C7:DB:05:32:48:B4:6A:29
X509v3 Authority Key Identifier:
keyid:1D:31:E0:20:7E:D3:CA:76:84:A0:3E:88:F9:A1:DE:29:22:DD:45:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HTHgIH7TynaEoD6I-aHeKSLdRd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/730e38-ff89-43e1-94fe-a1b778f4d07d/1/HTHgIH7TynaEoD6I-aHeKSLdRd4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/730e38-ff89-43e1-94fe-a1b778f4d07d/1/HTHgIH7TynaEoD6I-aHeKSLdRd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:ad:e7:be:69:21:bb:bb:36:61:97:1f:17:51:67:e7:74:98:
87:4e:1a:3b:a3:10:91:ad:bd:9c:f4:a7:3b:b2:12:ef:c1:77:
44:2d:ed:8d:9e:06:ac:58:7a:ab:bc:c3:fc:7c:6f:97:f6:7a:
a0:57:00:fb:c7:a6:c5:64:3d:4f:49:2f:d6:00:96:ce:cf:dd:
9f:9d:20:9b:e9:51:93:2c:d6:e3:d1:02:8c:19:3b:cd:45:61:
58:79:c2:88:b0:b8:d7:7f:c9:13:c0:83:e4:e5:5e:45:74:33:
13:be:ae:9b:6b:95:2e:eb:e9:ef:3a:cc:f8:e3:4b:aa:bf:13:
10:e8:f0:88:9a:8d:31:24:51:6d:93:6e:b4:e3:f9:85:03:c4:
97:c5:00:a6:22:df:43:ab:09:d6:0f:e2:0e:0e:12:c4:a6:f8:
59:fa:35:ce:ab:66:a5:8e:4f:b0:f6:c9:10:92:81:72:71:e6:
ff:54:54:91:c1:40:18:88:ba:c8:e9:b9:8e:01:fd:2d:c3:3c:
a2:f4:33:e2:ad:64:91:b4:31:ae:3b:81:db:9d:6c:be:09:5e:
98:93:e7:32:b3:c7:30:8c:ba:db:1f:4a:ca:72:21:93:89:d1:
88:ef:ff:16:52:98:13:14:72:06:34:64:af:b2:1b:f3:06:1f:
3d:a1:10:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x+IwSvha/VW13L8mNnOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMzFlMDIwN2VkM2NhNzY4NGEwM2U4OGY5YTFkZTI5MjJk
ZDQ1ZGUwHhcNMjUxMDIwMDQwMTUzWhcNMjUxMDIxMDQwMTUzWjAzMTEwLwYDVQQD
EygxMjBkOGY5YzMxMGRiYzhjNDcxMDY5OWVjN2RiMDUzMjQ4YjQ2YTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5T32oy3YzE1aPdCSP6wn+KNhPgT
LHfgHYgPaNdMtgY2TSZBrd20jct9oXvAjMTh6UqBFjOUwA+m2uivFSGMQJD5teBg
KY2lb8ZuDznA3OMFaVwHLKF7mVyqWV8q5s/nLL49IFuuF8i1eGj3y/zGRWWwjwTw
4T3XQRZeWPorefM271cDMfI1jIAolWo0aHH0kG6AYjnKtj4XABhsKKkxUGCPHAZO
HR4lDakdGV7iPkGcSp7/11rBZakcRpK+Cat14klMcBHgJlAmzbe9Dl0n05CH2oHi
qw5VEvv102qDQAf9E7M3um5xXowWy9GA7mOpU111L+nQr9loho8zEDWfAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBINj5wxDbyMRxBpnsfbBTJItGopMB8GA1UdIwQY
MBaAFB0x4CB+08p2hKA+iPmh3iki3UXeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFRIZ0lIN1R5bmFFb0Q2SS1hSGVLU0xkUmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My83MzBlMzgtZmY4OS00M2UxLTk0ZmUt
YTFiNzc4ZjRkMDdkLzEvSFRIZ0lIN1R5bmFFb0Q2SS1hSGVLU0xkUmQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My83MzBlMzgtZmY4OS00M2UxLTk0ZmUtYTFiNzc4ZjRkMDdk
LzEvSFRIZ0lIN1R5bmFFb0Q2SS1hSGVLU0xkUmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjq3nvmkh
u7s2YZcfF1Fn53SYh04aO6MQka29nPSnO7IS78F3RC3tjZ4GrFh6q7zD/Hxvl/Z6
oFcA+8emxWQ9T0kv1gCWzs/dn50gm+lRkyzW49ECjBk7zUVhWHnCiLC413/JE8CD
5OVeRXQzE76um2uVLuvp7zrM+ONLqr8TEOjwiJqNMSRRbZNutOP5hQPEl8UApiLf
Q6sJ1g/iDg4SxKb4Wfo1zqtmpY5PsPbJEJKBcnHm/1RUkcFAGIi6yOm5jgH9LcM8
ovQz4q1kkbQxrjuB251svglemJPnMrPHMIy62x9KynIhk4nRiO//FlKYExRyBjRk
r7Ib8wYfPaEQEg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:47:28 2025 by rpki-client