Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
File: hkl2gukwfEaHk1AIFzFH0TKijGQ.mft (raw, json)
Hash identifier: fdHw+liFMTfFU6shXgy3C3kU3K1M8hUe3kGZ+9Z656Q=
Subject key identifier: 23:A7:BE:0B:33:F0:DF:90:BC:DA:2F:06:48:77:EB:79:69:22:1E:26
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 0198D705F8372A4C79E83C068B033F4A817B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
Manifest number: 1217
Signing time: Sat 23 Aug 2025 13:02:29 +0000
Manifest this update: Sat 23 Aug 2025 13:02:29 +0000
Manifest next update: Sun 24 Aug 2025 13:02:29 +0000
Files and hashes: 1: BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa (hash: zwimVc6fdY5wMVCx/Pfq1/VebJPothW3yZi++5QRFE0=)
2: hkl2gukwfEaHk1AIFzFH0TKijGQ.crl (hash: 6znugsOceRLcpWcC1nJi6hUKt8tsMDItclSv1HNhIdc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 13:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:05:f8:37:2a:4c:79:e8:3c:06:8b:03:3f:4a:81:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Aug 23 13:02:29 2025 GMT
Not After : Aug 24 13:02:29 2025 GMT
Subject: CN=23a7be0b33f0df90bcda2f064877eb7969221e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fb:32:d3:a9:65:43:a5:f7:89:d6:49:c5:fa:
c6:c5:74:1d:1e:4d:5b:a8:9f:e3:b9:90:e1:63:59:
54:98:07:4b:5a:2a:cd:e9:50:e7:5e:6a:61:f6:26:
30:1c:8f:95:3a:d7:70:3f:06:9c:58:da:41:84:89:
b4:75:0c:c8:cb:44:0a:0d:6b:43:3f:99:67:d7:e4:
04:a9:d4:56:5e:d2:a7:16:72:b1:5b:d6:5b:b2:c0:
e1:6c:9e:a2:47:0d:85:64:36:09:e7:74:16:03:f4:
60:dd:ea:96:fd:00:8c:3c:51:74:ea:db:6e:0d:fd:
f2:1d:c0:c4:9c:ed:c5:c4:19:e4:7d:9e:18:c3:d7:
1b:8b:7d:ea:2c:89:34:cb:54:7e:fa:1d:b0:81:3b:
99:46:ca:a7:c4:e2:36:8f:99:28:a2:cb:17:f2:62:
d1:62:98:d4:31:bc:a6:6d:39:35:1b:d9:99:a6:d8:
86:15:50:0f:9a:fc:4b:03:3b:54:f9:1a:9b:db:14:
fa:9a:3b:54:a2:3e:c6:f0:b1:f0:b5:03:32:38:d7:
e6:f0:1e:4c:84:88:88:b3:79:f8:17:84:c9:04:a9:
98:47:86:06:52:d5:e0:b9:be:4d:3b:80:6c:d3:cb:
fa:4d:48:8d:f4:2e:d5:ef:b5:b5:81:1d:92:1a:77:
66:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A7:BE:0B:33:F0:DF:90:BC:DA:2F:06:48:77:EB:79:69:22:1E:26
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:c7:d9:09:29:fe:7d:07:bf:b5:97:0c:91:be:f8:41:d7:50:
6d:3c:aa:48:17:89:59:85:02:32:08:a5:84:79:2d:e1:24:01:
ed:1b:53:46:8e:aa:26:1f:ef:55:24:13:5d:50:cd:e4:6d:f4:
b0:01:2f:e3:09:40:4a:e9:9e:bb:13:ae:61:83:74:34:db:f2:
c9:59:6f:2b:f8:a4:ed:47:1e:55:26:47:8d:87:a1:60:50:ab:
9d:b8:eb:36:65:6f:06:5f:ae:18:0e:56:5d:41:62:70:e3:27:
e8:1e:22:01:8f:43:e3:0b:be:6f:08:3a:f9:10:55:50:25:ec:
8c:74:ba:d1:29:de:64:a3:f8:ca:d8:bb:b3:4a:93:bf:b9:72:
71:fc:47:1c:06:32:2f:79:54:5b:79:09:86:f9:a7:58:e2:a9:
d8:3b:9f:70:fb:60:81:93:5d:1f:b8:75:4f:96:e2:8d:7e:fa:
ad:81:58:e7:f0:03:b6:25:e3:ed:0d:fb:eb:78:d0:42:94:c6:
13:b2:62:74:37:0a:46:63:12:b2:c7:fc:ef:e4:1c:7c:95:fc:
f3:c4:d4:08:cd:a2:db:2f:32:4e:2b:f1:62:86:a0:d3:b4:4d:
0f:85:b7:0f:27:80:5d:a8:e8:23:36:f3:1a:92:61:d2:bb:95:
db:51:4b:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBfg3Kkx56DwGiwM/SoF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjUwODIzMTMwMjI5WhcNMjUwODI0MTMwMjI5WjAzMTEwLwYDVQQD
EygyM2E3YmUwYjMzZjBkZjkwYmNkYTJmMDY0ODc3ZWI3OTY5MjIxZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPsy06llQ6X3idZJxfrGxXQdHk1b
qJ/juZDhY1lUmAdLWirN6VDnXmph9iYwHI+VOtdwPwacWNpBhIm0dQzIy0QKDWtD
P5ln1+QEqdRWXtKnFnKxW9ZbssDhbJ6iRw2FZDYJ53QWA/Rg3eqW/QCMPFF06ttu
Df3yHcDEnO3FxBnkfZ4Yw9cbi33qLIk0y1R++h2wgTuZRsqnxOI2j5koossX8mLR
YpjUMbymbTk1G9mZptiGFVAPmvxLAztU+Rqb2xT6mjtUoj7G8LHwtQMyONfm8B5M
hIiIs3n4F4TJBKmYR4YGUtXgub5NO4Bs08v6TUiN9C7V77W1gR2SGndm5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOnvgsz8N+QvNovBkh363lpIh4mMB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFsfZCSn+
fQe/tZcMkb74QddQbTyqSBeJWYUCMgilhHkt4SQB7RtTRo6qJh/vVSQTXVDN5G30
sAEv4wlASumeuxOuYYN0NNvyyVlvK/ik7UceVSZHjYehYFCrnbjrNmVvBl+uGA5W
XUFicOMn6B4iAY9D4wu+bwg6+RBVUCXsjHS60SneZKP4yti7s0qTv7lycfxHHAYy
L3lUW3kJhvmnWOKp2DufcPtggZNdH7h1T5bijX76rYFY5/ADtiXj7Q3763jQQpTG
E7JidDcKRmMSssf87+QcfJX888TUCM2i2y8yTivxYoag07RND4W3DyeAXajoIzbz
GpJh0ruV21FLCQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:08:30 2025 by rpki-client