Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
File: hkl2gukwfEaHk1AIFzFH0TKijGQ.mft (raw, json)
Hash identifier: VaT55v8x9PbhqIqZ87GGVw3t0gzNKLOhty7/hagrS7g=
Subject key identifier: 8A:B8:22:B3:43:C1:63:94:38:DE:CD:F0:82:D4:B4:FE:F0:6B:FE:D7
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 0199FAA0F349708E35DD8BAB4E61E4CAD333
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
Manifest number: 12AE
Signing time: Sun 19 Oct 2025 04:01:15 +0000
Manifest this update: Sun 19 Oct 2025 04:01:15 +0000
Manifest next update: Mon 20 Oct 2025 04:01:15 +0000
Files and hashes: 1: BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa (hash: zwimVc6fdY5wMVCx/Pfq1/VebJPothW3yZi++5QRFE0=)
2: hkl2gukwfEaHk1AIFzFH0TKijGQ.crl (hash: VmnHRYuGmP2RdvWOfP4sy8UeGtEhnPrrB5ciCIPhLiU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 04:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:a0:f3:49:70:8e:35:dd:8b:ab:4e:61:e4:ca:d3:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Oct 19 04:01:15 2025 GMT
Not After : Oct 20 04:01:15 2025 GMT
Subject: CN=8ab822b343c1639438decdf082d4b4fef06bfed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e6:4a:1a:8a:88:70:c7:14:c4:8f:bb:52:d5:
7c:0d:56:25:73:4f:c3:cb:63:7c:92:5a:d0:12:ec:
39:27:40:e5:8a:6d:22:7b:f9:65:40:6a:99:6e:37:
11:d1:2d:45:de:89:7b:6d:8a:71:b0:78:e4:47:95:
9e:5b:c7:ee:e2:5a:4c:75:69:51:ac:5f:2f:70:a0:
5e:3f:38:18:e9:e6:e8:6a:54:58:cf:c7:5e:76:c5:
38:76:e1:49:b3:ad:55:7e:a9:9e:0f:1f:8e:2f:93:
22:ff:33:da:84:45:79:93:57:4c:97:a8:50:2e:1c:
b0:e2:97:42:7e:3a:9a:96:e9:46:9a:73:b1:6d:61:
9d:90:ad:65:1a:a7:55:91:f7:e4:2f:a4:8c:f2:44:
05:24:0b:8e:5a:2b:59:24:60:a3:4b:27:0c:9b:c1:
73:e5:0a:89:ce:03:07:38:9f:a3:af:9c:a5:39:2a:
af:d1:37:ed:29:9c:dd:d2:92:65:00:55:61:9f:d3:
3b:b8:e3:a0:79:4f:42:d1:57:a6:9c:bf:22:6b:c3:
e0:4f:f2:a7:65:8e:c4:76:96:bb:fc:ab:cc:0f:f4:
92:15:88:53:85:e5:a9:76:5a:cb:de:c7:c5:49:9e:
d0:a2:a9:4f:57:18:8c:4a:2d:62:0f:3a:eb:61:9e:
5e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B8:22:B3:43:C1:63:94:38:DE:CD:F0:82:D4:B4:FE:F0:6B:FE:D7
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:5d:b5:cf:63:f8:4f:3c:81:6e:04:9f:84:26:71:49:8b:0f:
33:bb:6f:5b:14:e6:f2:65:21:93:7f:90:b6:ac:06:ac:67:20:
43:f4:d8:29:87:d9:1c:4a:83:e4:61:87:1c:b7:21:93:78:02:
91:06:3d:70:6b:20:20:1b:ec:97:03:08:d2:e7:d6:f9:35:0f:
4f:57:11:ef:7b:0a:6e:9a:49:89:9c:92:7b:f4:21:fe:33:13:
80:1d:d4:9d:9d:16:e3:f6:b4:33:4b:c5:50:4a:87:d8:82:05:
56:14:28:49:a4:62:46:c5:56:d4:cc:2f:69:a0:59:12:a9:bc:
54:11:b9:d6:96:ac:a1:0f:d2:54:b0:ac:c8:12:ea:59:f8:c8:
28:76:8d:35:89:a2:95:ce:05:9d:60:d0:0f:b0:39:3e:d2:b8:
e3:b5:bd:87:33:2d:67:71:bd:46:ff:34:b8:56:38:d7:6f:02:
f4:0c:20:dd:5d:37:9f:19:b7:b1:b1:3e:22:00:a3:03:21:73:
db:7d:4c:40:81:45:78:d3:1f:61:50:4b:4b:cc:70:ef:a1:7f:
70:f7:cd:35:74:d0:e1:33:13:02:9e:47:10:f3:83:46:59:23:
14:87:09:36:24:b9:a6:67:81:8e:0a:e3:63:85:a5:6a:6a:e5:
02:be:64:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oPNJcI413YurTmHkytMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjUxMDE5MDQwMTE1WhcNMjUxMDIwMDQwMTE1WjAzMTEwLwYDVQQD
Eyg4YWI4MjJiMzQzYzE2Mzk0MzhkZWNkZjA4MmQ0YjRmZWYwNmJmZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOZKGoqIcMcUxI+7UtV8DVYlc0/D
y2N8klrQEuw5J0Dlim0ie/llQGqZbjcR0S1F3ol7bYpxsHjkR5WeW8fu4lpMdWlR
rF8vcKBePzgY6eboalRYz8dedsU4duFJs61VfqmeDx+OL5Mi/zPahEV5k1dMl6hQ
Lhyw4pdCfjqalulGmnOxbWGdkK1lGqdVkffkL6SM8kQFJAuOWitZJGCjSycMm8Fz
5QqJzgMHOJ+jr5ylOSqv0TftKZzd0pJlAFVhn9M7uOOgeU9C0VemnL8ia8PgT/Kn
ZY7Edpa7/KvMD/SSFYhTheWpdlrL3sfFSZ7QoqlPVxiMSi1iDzrrYZ5eaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIq4IrNDwWOUON7N8ILUtP7wa/7XMB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE121z2P4
TzyBbgSfhCZxSYsPM7tvWxTm8mUhk3+QtqwGrGcgQ/TYKYfZHEqD5GGHHLchk3gC
kQY9cGsgIBvslwMI0ufW+TUPT1cR73sKbppJiZySe/Qh/jMTgB3UnZ0W4/a0M0vF
UEqH2IIFVhQoSaRiRsVW1MwvaaBZEqm8VBG51pasoQ/SVLCsyBLqWfjIKHaNNYmi
lc4FnWDQD7A5PtK447W9hzMtZ3G9Rv80uFY4128C9Awg3V03nxm3sbE+IgCjAyFz
231MQIFFeNMfYVBLS8xw76F/cPfNNXTQ4TMTAp5HEPODRlkjFIcJNiS5pmeBjgrj
Y4WlamrlAr5kNg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:13:43 2025 by rpki-client