Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
File: HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json)
Hash identifier: TWuQLkh7u4hOBHKzMl1ZO0lGta+EEjFG6fLOygU60/Y=
Subject key identifier: 58:75:CE:08:CA:78:B7:B5:3A:8F:79:D2:F7:B3:73:07:35:CE:FB:A3
Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
Certificate issuer: /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Certificate serial: 0199FFC78B313FED44DA70DE6738AAD1FF38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
Manifest number: 11E3
Signing time: Mon 20 Oct 2025 04:01:31 +0000
Manifest this update: Mon 20 Oct 2025 04:01:31 +0000
Manifest next update: Tue 21 Oct 2025 04:01:31 +0000
Files and hashes: 1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: 05nkAHflogsDE5KnYAuh9v5ELjCkpf/h1+oH5qHeS6s=)
2: qlhTst1KI05-IXjT0Jjp1aMzFfc.roa (hash: AXRjUWRMdXCLNCZlSVsLAGGspUQ5o0C4cdNp8OmuROM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c7:8b:31:3f:ed:44:da:70:de:67:38:aa:d1:ff:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Validity
Not Before: Oct 20 04:01:31 2025 GMT
Not After : Oct 21 04:01:31 2025 GMT
Subject: CN=5875ce08ca78b7b53a8f79d2f7b3730735cefba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fc:cc:b8:68:3f:a1:76:bf:de:12:2f:10:7c:
d0:50:d0:fe:81:52:e8:27:dd:8f:4b:2b:61:e7:a2:
26:d3:94:62:b6:be:a9:81:75:ee:91:8e:49:c9:07:
72:54:c0:3f:75:68:53:a5:f4:be:29:7e:bf:1a:26:
c8:62:32:ec:5d:5c:73:1e:ae:01:6f:4e:a2:66:ce:
26:28:5e:d9:e0:9e:18:83:8b:6a:ee:51:75:4c:a4:
db:12:4e:0f:2d:44:28:bb:57:2b:16:3d:5e:a9:2a:
57:62:03:d1:e2:5e:ca:60:05:5a:31:88:52:6e:75:
3b:23:ae:65:f3:8e:bb:d3:80:cc:b1:0e:b4:2e:e9:
bb:54:5c:44:13:54:3b:5e:ff:f7:33:a4:2d:8c:55:
93:c6:69:e9:05:f0:72:fe:c4:76:49:e9:ec:2d:65:
46:7b:73:a1:c2:3d:28:80:18:4e:d4:f7:eb:dd:eb:
35:ea:ab:2b:92:21:fa:6f:c6:3f:7f:73:ed:78:77:
fc:1f:82:ac:a2:cc:63:ec:80:7e:c1:31:75:e8:0f:
47:85:d5:ed:d5:49:4e:12:72:00:bb:50:b7:74:4b:
76:86:fe:8c:26:2f:e5:1c:c5:9c:8a:4d:31:39:a7:
76:c6:9e:39:8a:4b:42:6f:0e:4d:d1:8f:5c:18:ae:
25:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:75:CE:08:CA:78:B7:B5:3A:8F:79:D2:F7:B3:73:07:35:CE:FB:A3
X509v3 Authority Key Identifier:
keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:62:82:da:da:07:4a:1e:f3:cf:3e:58:94:6e:c0:31:d9:47:
04:83:a7:ec:2b:0f:62:29:af:79:8a:da:02:05:7e:b6:aa:4a:
ff:b2:52:16:36:9f:f1:3a:97:cd:6a:99:8d:38:f5:36:2e:ee:
b2:56:91:87:65:08:54:b0:98:31:a5:e5:7f:c8:07:64:c3:30:
df:bd:2b:6d:83:1b:66:18:17:64:69:47:a9:78:20:95:9b:9f:
6a:90:31:53:80:4d:73:7e:0a:99:2e:fb:c8:73:97:74:a1:e3:
10:37:76:47:04:cf:30:f0:d5:f3:1a:eb:05:85:66:f0:f0:4d:
ad:10:fc:55:c1:42:cd:22:89:0f:17:b3:90:df:c9:83:ac:8a:
c8:ce:51:be:33:d7:62:c8:05:a4:6b:b5:17:2a:8a:06:01:96:
43:fe:08:18:49:11:f5:29:b1:fc:2a:d6:0e:ea:a4:f4:65:bf:
76:f8:2b:51:35:38:f7:da:d1:31:e6:5c:66:37:f5:b7:b3:49:
b7:7d:af:cd:9c:e3:f3:7d:9c:a8:c2:c7:36:f3:b5:95:83:a7:
73:0c:e8:e2:f0:7a:37:1f:b3:0a:51:5e:87:6c:63:c2:ee:38:
26:96:3c:76:21:2e:bf:9e:25:95:c8:34:e2:b3:95:c9:c3:8a:
b1:31:0b:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x4sxP+1E2nDeZziq0f84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0
MTJmMmEwHhcNMjUxMDIwMDQwMTMxWhcNMjUxMDIxMDQwMTMxWjAzMTEwLwYDVQQD
Eyg1ODc1Y2UwOGNhNzhiN2I1M2E4Zjc5ZDJmN2IzNzMwNzM1Y2VmYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvzMuGg/oXa/3hIvEHzQUND+gVLo
J92PSyth56Im05Ritr6pgXXukY5JyQdyVMA/dWhTpfS+KX6/GibIYjLsXVxzHq4B
b06iZs4mKF7Z4J4Yg4tq7lF1TKTbEk4PLUQou1crFj1eqSpXYgPR4l7KYAVaMYhS
bnU7I65l846704DMsQ60Lum7VFxEE1Q7Xv/3M6QtjFWTxmnpBfBy/sR2SensLWVG
e3Ohwj0ogBhO1Pfr3es16qsrkiH6b8Y/f3PteHf8H4Ksosxj7IB+wTF16A9HhdXt
1UlOEnIAu1C3dEt2hv6MJi/lHMWcik0xOad2xp45iktCbw5N0Y9cGK4lcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFh1zgjKeLe1Oo950vezcwc1zvujMB8GA1UdIwQY
MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt
ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy
LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeGKC2toH
Sh7zzz5YlG7AMdlHBIOn7CsPYimveYraAgV+tqpK/7JSFjaf8TqXzWqZjTj1Ni7u
slaRh2UIVLCYMaXlf8gHZMMw370rbYMbZhgXZGlHqXgglZufapAxU4BNc34KmS77
yHOXdKHjEDd2RwTPMPDV8xrrBYVm8PBNrRD8VcFCzSKJDxezkN/Jg6yKyM5RvjPX
YsgFpGu1FyqKBgGWQ/4IGEkR9Smx/CrWDuqk9GW/dvgrUTU499rRMeZcZjf1t7NJ
t32vzZzj832cqMLHNvO1lYOncwzo4vB6Nx+zClFeh2xjwu44JpY8diEuv54llcg0
4rOVycOKsTELXQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:40:58 2025 by rpki-client