Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
File: hnkOzbhqxvqivMfusg0nTPpGULA.mft (raw, json)
Hash identifier: ZQdhhC8Zp3PVorUZUo61tfkaZnd10+0yBbriGu3/ZZQ=
Subject key identifier: 5A:C5:11:C4:A9:06:C6:B5:14:C3:2E:6F:AB:FB:BA:3C:FA:A7:73:CC
Authority key identifier: 86:79:0E:CD:B8:6A:C6:FA:A2:BC:C7:EE:B2:0D:27:4C:FA:46:50:B0
Certificate issuer: /CN=86790ecdb86ac6faa2bcc7eeb20d274cfa4650b0
Certificate serial: 0199FBB3681B074D3A9D24EBA136C7611039
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
Manifest number: BB
Signing time: Sun 19 Oct 2025 09:01:02 +0000
Manifest this update: Sun 19 Oct 2025 09:01:02 +0000
Manifest next update: Mon 20 Oct 2025 09:01:02 +0000
Files and hashes: 1: hnkOzbhqxvqivMfusg0nTPpGULA.crl (hash: F0GxftKEg7SgeLarIe0bnWz5jPVJ0jK7tb7RIcJHSqw=)
2: tR9T-2FvtEGouyPVT6CL-0oJmZs.roa (hash: oiTzhXBQqy2Mz5Nqrcv/ZCMdCONRk6F6wZpQ15vc3o0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:b3:68:1b:07:4d:3a:9d:24:eb:a1:36:c7:61:10:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86790ecdb86ac6faa2bcc7eeb20d274cfa4650b0
Validity
Not Before: Oct 19 09:01:02 2025 GMT
Not After : Oct 20 09:01:02 2025 GMT
Subject: CN=5ac511c4a906c6b514c32e6fabfbba3cfaa773cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1c:95:da:42:7a:84:57:d6:60:24:d9:5e:25:
1c:5f:88:2f:41:f6:05:78:13:9a:b2:7b:85:bd:d6:
a0:0f:6f:f9:20:8a:ae:59:71:81:21:97:30:e6:87:
a6:e4:95:69:20:7e:ff:ff:12:3c:8e:0a:49:78:8d:
dc:64:4a:e6:09:82:b0:b1:ba:3d:4b:b1:fb:82:ef:
6e:90:38:12:47:22:05:d0:2e:1c:e3:76:20:ac:61:
bf:4c:aa:a3:93:cd:58:c4:22:30:ce:61:78:c1:55:
ab:1c:03:a4:59:30:5d:b9:b5:27:e0:ed:64:f8:5b:
4e:a9:d1:ac:f1:af:41:46:b8:17:74:f3:06:fb:cc:
c5:fe:67:ce:e8:e1:44:b7:3e:f9:c2:0c:36:64:a4:
cf:23:7a:30:7e:e0:0b:8c:ca:b2:17:fb:26:22:b0:
23:c0:bb:87:43:c6:24:fe:02:19:99:01:1d:01:24:
28:16:81:cc:20:c0:2e:7b:be:0d:83:5a:d8:1c:3e:
27:94:b8:61:c9:4a:a7:5f:f4:0d:21:16:c2:d0:7e:
43:17:86:ad:fd:a9:85:f0:cc:5f:a7:e8:92:60:87:
d4:f4:89:6d:95:71:dc:af:ad:cb:c3:2f:a0:9b:78:
c9:16:0c:52:a1:bc:0e:0f:51:97:77:47:78:d6:8f:
6d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C5:11:C4:A9:06:C6:B5:14:C3:2E:6F:AB:FB:BA:3C:FA:A7:73:CC
X509v3 Authority Key Identifier:
keyid:86:79:0E:CD:B8:6A:C6:FA:A2:BC:C7:EE:B2:0D:27:4C:FA:46:50:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:e9:4b:1f:5d:59:97:13:78:b2:5e:04:81:bf:9d:8a:e8:30:
cf:6f:59:76:84:87:ad:e0:59:32:e6:ca:38:f2:ba:3e:1e:6d:
b6:0a:24:7a:0e:a5:3c:69:23:e1:02:e1:89:a1:04:98:38:68:
cc:7f:17:a8:41:0a:c7:a3:bd:61:e4:81:d0:fc:be:3b:ab:90:
de:b8:99:3c:d2:11:81:83:e9:d5:ea:4c:85:b5:4c:92:22:b2:
97:7a:31:0c:bc:0b:20:99:05:2e:8d:f0:40:aa:31:9f:dc:a9:
c3:c6:26:24:77:4c:b3:a3:17:59:37:0b:ae:0d:4a:ca:67:75:
77:9e:30:df:52:0c:52:44:fa:a6:7a:1e:f4:c3:aa:6e:29:b1:
6a:27:ea:45:06:b0:65:7f:75:55:50:22:02:0e:db:2c:a8:5b:
5a:b3:13:ad:a2:c3:c2:76:04:6c:7b:90:b5:1d:a3:4e:73:4c:
54:56:71:0b:40:5b:15:35:91:b2:c7:fe:74:2c:c6:b6:d7:bb:
34:ba:84:1b:ae:f9:a5:09:13:3d:6f:08:95:7d:24:a2:dc:ab:
e0:0b:bd:9c:70:34:96:96:79:83:76:2e:ab:59:4c:d7:3d:35:
31:d9:6e:a5:ea:fe:bb:fb:39:c9:51:95:0d:93:ea:8d:88:5d:
42:ab:20:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7s2gbB006nSTroTbHYRA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NzkwZWNkYjg2YWM2ZmFhMmJjYzdlZWIyMGQyNzRjZmE0
NjUwYjAwHhcNMjUxMDE5MDkwMTAyWhcNMjUxMDIwMDkwMTAyWjAzMTEwLwYDVQQD
Eyg1YWM1MTFjNGE5MDZjNmI1MTRjMzJlNmZhYmZiYmEzY2ZhYTc3M2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxyV2kJ6hFfWYCTZXiUcX4gvQfYF
eBOasnuFvdagD2/5IIquWXGBIZcw5oem5JVpIH7//xI8jgpJeI3cZErmCYKwsbo9
S7H7gu9ukDgSRyIF0C4c43YgrGG/TKqjk81YxCIwzmF4wVWrHAOkWTBdubUn4O1k
+FtOqdGs8a9BRrgXdPMG+8zF/mfO6OFEtz75wgw2ZKTPI3owfuALjMqyF/smIrAj
wLuHQ8Yk/gIZmQEdASQoFoHMIMAue74Ng1rYHD4nlLhhyUqnX/QNIRbC0H5DF4at
/amF8Mxfp+iSYIfU9IltlXHcr63Lwy+gm3jJFgxSobwOD1GXd0d41o9tXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrFEcSpBsa1FMMub6v7ujz6p3PMMB8GA1UdIwQY
MBaAFIZ5Ds24asb6orzH7rINJ0z6RlCwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMmJlNjMtZWIyMy00NTA1LWFiZTAt
ZTBmNmUzMTVmNWI4LzEvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMmJlNjMtZWIyMy00NTA1LWFiZTAtZTBmNmUzMTVmNWI4
LzEvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaulLH11Z
lxN4sl4Egb+diugwz29ZdoSHreBZMubKOPK6Ph5ttgokeg6lPGkj4QLhiaEEmDho
zH8XqEEKx6O9YeSB0Py+O6uQ3riZPNIRgYPp1epMhbVMkiKyl3oxDLwLIJkFLo3w
QKoxn9ypw8YmJHdMs6MXWTcLrg1Kymd1d54w31IMUkT6pnoe9MOqbimxaifqRQaw
ZX91VVAiAg7bLKhbWrMTraLDwnYEbHuQtR2jTnNMVFZxC0BbFTWRssf+dCzGtte7
NLqEG675pQkTPW8IlX0kotyr4Au9nHA0lpZ5g3Yuq1lM1z01Mdluper+u/s5yVGV
DZPqjYhdQqsg1g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:29:30 2025 by rpki-client