
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
File: HAaGYxPWaK_oeYb65f95QfkoBps.mft (raw, json)
Hash identifier: EE+UAHmVD8V0ZiVma+te7amlMWFbr6L3UUjOXsw8Irw=
Subject key identifier: 2F:11:9A:FF:76:AE:67:BE:80:20:72:8E:F7:D7:90:B3:DD:E4:74:E2
Authority key identifier: 1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B
Certificate issuer: /CN=1c06866313d668afe87986fae5ff7941f928069b
Certificate serial: 0199FA6A6D5D960068E20C09EA1A11EC8C65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
Manifest number: 10D9
Signing time: Sun 19 Oct 2025 03:01:42 +0000
Manifest this update: Sun 19 Oct 2025 03:01:42 +0000
Manifest next update: Mon 20 Oct 2025 03:01:42 +0000
Files and hashes: 1: HAaGYxPWaK_oeYb65f95QfkoBps.crl (hash: zCd9kwf7slro5nBYyE11+xykBXUKx45BSC9TrmHKWPY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 03:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:6a:6d:5d:96:00:68:e2:0c:09:ea:1a:11:ec:8c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c06866313d668afe87986fae5ff7941f928069b
Validity
Not Before: Oct 19 03:01:42 2025 GMT
Not After : Oct 20 03:01:42 2025 GMT
Subject: CN=2f119aff76ae67be8020728ef7d790b3dde474e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ab:ba:0b:96:ea:32:db:c0:d6:ab:0e:e5:6f:
2f:de:15:17:99:85:5b:19:34:7e:82:9a:b5:76:37:
8b:c4:2d:d4:e9:98:c1:57:11:ce:64:8e:04:e3:12:
41:b2:77:5d:58:35:f1:4a:87:ac:fb:17:2b:28:2d:
3f:3c:0f:1e:f3:28:f8:7c:c3:39:de:b4:d4:4d:92:
de:b9:a4:5b:0f:7e:82:29:94:58:4b:88:dc:8f:38:
d9:dc:fe:26:ad:ac:0b:66:89:1b:83:e4:72:29:ea:
b2:a1:3b:a8:67:26:68:4c:98:4e:d9:ad:2a:ed:2a:
85:22:4c:60:94:d3:42:37:78:ba:41:c7:20:cf:ee:
23:1b:da:79:c9:9c:c0:5a:c5:87:d0:f0:72:6b:fa:
28:0f:46:36:a7:5f:3e:b1:6f:c3:76:62:80:6c:0d:
01:01:0f:34:7f:56:e7:eb:db:94:69:1e:96:e6:61:
54:ce:64:c0:14:b6:ab:50:8b:84:fd:de:ad:6b:0a:
14:d7:e0:61:28:30:b0:ca:09:da:14:43:cd:10:4f:
54:ae:2b:6b:71:1a:4b:6e:f1:b7:63:9c:fa:f7:e9:
b7:9c:20:4a:1c:af:a3:96:0e:b5:3d:fd:a7:ba:f5:
d8:ca:53:db:73:96:a3:23:5b:f5:96:01:c1:8d:b5:
67:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:11:9A:FF:76:AE:67:BE:80:20:72:8E:F7:D7:90:B3:DD:E4:74:E2
X509v3 Authority Key Identifier:
keyid:1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:3f:68:e7:b0:80:b8:8d:7b:f7:bd:31:36:6b:d9:cc:8b:60:
16:4d:b5:8d:11:c2:9e:ef:2b:4a:c4:3f:38:22:67:c1:7d:9d:
4d:09:32:08:c5:00:37:cf:a5:54:69:66:d3:9b:52:86:20:54:
db:0c:33:b0:68:78:19:cf:bf:2e:a9:cf:b8:42:e9:dd:f1:b4:
7e:3c:48:f8:74:b7:cd:d4:c5:0e:ae:ad:76:e6:af:06:4c:94:
bf:17:dc:60:31:79:77:91:9a:c2:99:3a:3b:ec:fc:f1:b2:8c:
6c:e3:8c:27:34:a3:7f:82:a7:b0:8c:07:93:c9:72:cf:52:cc:
60:5b:6d:f8:65:ea:2b:4c:2b:9a:6d:05:a0:69:87:48:ec:99:
c3:08:c4:7c:03:fd:fd:9d:29:d1:2f:9b:39:2c:8b:dd:2b:71:
8b:b8:df:d9:8d:98:4b:27:b4:49:6f:d0:42:49:11:47:b0:24:
37:ed:63:48:82:07:69:cb:b2:c1:d8:3c:08:f4:0c:e1:eb:96:
55:a7:9b:b8:a2:60:0f:f1:2d:8d:a0:12:28:6c:8c:62:8d:ab:
a5:d6:5c:89:76:b2:4f:56:75:f4:e7:25:0b:13:19:8f:a0:78:
dc:31:85:02:70:e2:a0:82:aa:48:da:16:5c:c7:47:81:be:aa:
db:37:d1:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6am1dlgBo4gwJ6hoR7IxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDY4NjYzMTNkNjY4YWZlODc5ODZmYWU1ZmY3OTQxZjky
ODA2OWIwHhcNMjUxMDE5MDMwMTQyWhcNMjUxMDIwMDMwMTQyWjAzMTEwLwYDVQQD
EygyZjExOWFmZjc2YWU2N2JlODAyMDcyOGVmN2Q3OTBiM2RkZTQ3NGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Ku6C5bqMtvA1qsO5W8v3hUXmYVb
GTR+gpq1djeLxC3U6ZjBVxHOZI4E4xJBsnddWDXxSoes+xcrKC0/PA8e8yj4fMM5
3rTUTZLeuaRbD36CKZRYS4jcjzjZ3P4mrawLZokbg+RyKeqyoTuoZyZoTJhO2a0q
7SqFIkxglNNCN3i6Qccgz+4jG9p5yZzAWsWH0PBya/ooD0Y2p18+sW/DdmKAbA0B
AQ80f1bn69uUaR6W5mFUzmTAFLarUIuE/d6tawoU1+BhKDCwygnaFEPNEE9Uritr
cRpLbvG3Y5z69+m3nCBKHK+jlg61Pf2nuvXYylPbc5ajI1v1lgHBjbVnDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8Rmv92rme+gCByjvfXkLPd5HTiMB8GA1UdIwQY
MBaAFBwGhmMT1miv6HmG+uX/eUH5KAabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMt
NmFiOThkMzZkYWM2LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMtNmFiOThkMzZkYWM2
LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPz9o57CA
uI17970xNmvZzItgFk21jRHCnu8rSsQ/OCJnwX2dTQkyCMUAN8+lVGlm05tShiBU
2wwzsGh4Gc+/LqnPuELp3fG0fjxI+HS3zdTFDq6tduavBkyUvxfcYDF5d5Gawpk6
O+z88bKMbOOMJzSjf4KnsIwHk8lyz1LMYFtt+GXqK0wrmm0FoGmHSOyZwwjEfAP9
/Z0p0S+bOSyL3Stxi7jf2Y2YSye0SW/QQkkRR7AkN+1jSIIHacuywdg8CPQM4euW
VaebuKJgD/EtjaASKGyMYo2rpdZciXayT1Z19OclCxMZj6B43DGFAnDioIKqSNoW
XMdHgb6q2zfRYA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:05 2025 by rpki-client