Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
File: hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft (raw, json)
Hash identifier: O+4QRys963z3HycKnKTTUWWDCjsr/PFsOLRM1+VdqO0=
Subject key identifier: B9:DA:8C:E7:CB:2E:5B:3E:2A:76:B8:07:5E:9A:53:3A:EB:39:D5:96
Authority key identifier: 86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
Certificate issuer: /CN=86afaae2e3e054073a38aab635dc96460eef487e
Certificate serial: 0198D473B66024DFF655CD3914E42A187F5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
Manifest number: 1303
Signing time: Sat 23 Aug 2025 01:03:29 +0000
Manifest this update: Sat 23 Aug 2025 01:03:29 +0000
Manifest next update: Sun 24 Aug 2025 01:03:29 +0000
Files and hashes: 1: HqsWPiwhPVLNcmUOAiPoyMKMaos.roa (hash: +cYbm5RTH5JZOTcPymiPp3fNwrHCYwm6lbNeUWc3jgg=)
2: hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl (hash: W5kLGbwp7zzhWdA9UahipT66bknZVszFNoCRbmMV9SA=)
3: u40_CVPRXQU3uk4qPbqc4cI2sHY.roa (hash: gnlLqRtRQL2T8+oJwalCgtWLP3BAY4oa8AUD9M1Xi/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:03:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:73:b6:60:24:df:f6:55:cd:39:14:e4:2a:18:7f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86afaae2e3e054073a38aab635dc96460eef487e
Validity
Not Before: Aug 23 01:03:29 2025 GMT
Not After : Aug 24 01:03:29 2025 GMT
Subject: CN=b9da8ce7cb2e5b3e2a76b8075e9a533aeb39d596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c0:a6:27:a4:36:f1:bd:b2:6a:b3:54:a6:b3:
24:39:a5:ff:23:08:d1:16:e6:a6:19:73:54:1b:31:
b3:d4:ec:b7:4f:96:e2:c1:e2:1d:72:95:26:74:84:
38:7f:ee:2d:55:7f:cf:7f:82:e6:75:00:47:53:df:
ed:50:b7:98:ed:0d:8e:15:67:f6:4f:c8:fb:62:57:
8e:27:e8:07:4f:70:e5:66:01:71:26:f4:90:53:04:
c3:04:40:17:6c:94:70:82:27:1b:77:34:f8:07:3b:
ac:e8:38:8a:c3:12:1e:43:6a:db:05:6c:af:ed:75:
57:94:68:82:42:40:ed:1d:5a:c8:33:bb:ee:fe:bf:
ac:df:09:73:7a:d2:07:ea:ab:76:ab:6a:14:f2:f3:
7e:f2:4b:5a:87:6a:13:73:5f:9c:60:1a:a3:01:b4:
4c:0a:21:e5:83:2f:3f:e4:f7:c3:10:44:49:fc:07:
44:b2:7b:51:96:af:94:56:2c:3f:ab:3e:19:65:94:
ba:3c:eb:76:26:52:fd:c1:e3:b7:a7:7d:5b:0d:7e:
7e:d4:8c:8f:84:f6:2b:bd:12:e0:6e:a3:4b:b9:8a:
66:7f:2c:04:1e:3b:c1:70:a3:21:8c:6c:21:e4:34:
be:fc:d8:c6:40:68:17:d0:0d:3e:fa:9c:1c:05:fe:
2c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DA:8C:E7:CB:2E:5B:3E:2A:76:B8:07:5E:9A:53:3A:EB:39:D5:96
X509v3 Authority Key Identifier:
keyid:86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:6d:4d:2f:9c:d6:c8:51:2d:7c:ed:77:f8:05:21:3d:c7:a9:
0f:26:6d:b3:90:86:2f:a2:74:08:3d:33:a8:22:e3:a7:31:66:
92:0f:82:7a:28:61:14:21:04:b3:12:ca:cc:4f:1e:d3:af:6a:
8f:97:ba:1e:30:12:e0:e0:1a:11:76:17:04:30:7f:90:52:d1:
01:66:40:00:d3:cd:23:e9:9a:1a:f8:93:e5:e0:eb:e6:4e:69:
9b:a1:85:1c:b3:d9:5f:e8:84:a2:59:b0:db:43:c6:b8:aa:68:
b2:d6:9c:34:65:27:82:9a:a0:fa:39:fa:a3:69:75:44:12:33:
b0:74:92:c3:38:7c:c6:f7:9e:13:a0:56:ad:0c:67:29:57:53:
8f:de:93:0a:7a:51:4d:e8:93:16:0b:8e:4b:d4:28:62:e6:31:
49:34:41:8c:5c:dd:02:53:a9:9d:a8:c0:21:1a:d7:b2:6d:c9:
0d:fd:ed:39:65:a4:1c:8e:f1:1c:72:da:56:4a:7d:1e:84:fa:
67:e1:82:f4:62:3d:39:79:bb:80:bb:bf:ee:52:4c:7b:87:65:
b2:57:8d:51:53:bf:9b:5d:a1:59:8d:06:f8:ab:e6:7e:ae:5a:
f5:1c:54:34:56:e6:79:7b:1f:b4:90:f9:5e:05:ab:a0:52:43:
dc:90:1a:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc7ZgJN/2Vc05FOQqGH9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWZhYWUyZTNlMDU0MDczYTM4YWFiNjM1ZGM5NjQ2MGVl
ZjQ4N2UwHhcNMjUwODIzMDEwMzI5WhcNMjUwODI0MDEwMzI5WjAzMTEwLwYDVQQD
EyhiOWRhOGNlN2NiMmU1YjNlMmE3NmI4MDc1ZTlhNTMzYWViMzlkNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosCmJ6Q28b2yarNUprMkOaX/IwjR
FuamGXNUGzGz1Oy3T5biweIdcpUmdIQ4f+4tVX/Pf4LmdQBHU9/tULeY7Q2OFWf2
T8j7YleOJ+gHT3DlZgFxJvSQUwTDBEAXbJRwgicbdzT4Bzus6DiKwxIeQ2rbBWyv
7XVXlGiCQkDtHVrIM7vu/r+s3wlzetIH6qt2q2oU8vN+8ktah2oTc1+cYBqjAbRM
CiHlgy8/5PfDEERJ/AdEsntRlq+UViw/qz4ZZZS6POt2JlL9weO3p31bDX5+1IyP
hPYrvRLgbqNLuYpmfywEHjvBcKMhjGwh5DS+/NjGQGgX0A0++pwcBf4sdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnajOfLLls+Kna4B16aUzrrOdWWMB8GA1UdIwQY
MBaAFIavquLj4FQHOjiqtjXclkYO70h+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzIt
NDcyMDQwYjI0N2Y2LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzItNDcyMDQwYjI0N2Y2
LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr21NL5zW
yFEtfO13+AUhPcepDyZts5CGL6J0CD0zqCLjpzFmkg+CeihhFCEEsxLKzE8e069q
j5e6HjAS4OAaEXYXBDB/kFLRAWZAANPNI+maGviT5eDr5k5pm6GFHLPZX+iEolmw
20PGuKpostacNGUngpqg+jn6o2l1RBIzsHSSwzh8xveeE6BWrQxnKVdTj96TCnpR
TeiTFguOS9QoYuYxSTRBjFzdAlOpnajAIRrXsm3JDf3tOWWkHI7xHHLaVkp9HoT6
Z+GC9GI9OXm7gLu/7lJMe4dlsleNUVO/m12hWY0G+Kvmfq5a9RxUNFbmeXsftJD5
XgWroFJD3JAa6g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:49:23 2025 by rpki-client