Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
File: hUxfKY2BrMVXP9WfsF3YbyCry6g.mft (raw, json)
Hash identifier: rQaLVHX6j88Sf5jQ/XCqVkBB+YbNtNTUTkZFLvfRQ8I=
Subject key identifier: FD:50:55:4D:79:D8:69:85:98:CB:18:BD:41:0B:E3:58:CB:1D:6A:BC
Authority key identifier: 85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8
Certificate issuer: /CN=854c5f298d81acc5573fd59fb05dd86f20abcba8
Certificate serial: 0199FBEB9A0E241F0D3886653F9F6D612DBB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
Manifest number: 1161
Signing time: Sun 19 Oct 2025 10:02:25 +0000
Manifest this update: Sun 19 Oct 2025 10:02:25 +0000
Manifest next update: Mon 20 Oct 2025 10:02:25 +0000
Files and hashes: 1: CJqITen207ZODHzo1XtCMdI_VBo.roa (hash: f1FWG5pswdJQTpL1NXAace6jGLQD4G1flmSN2+tjCMo=)
2: hUxfKY2BrMVXP9WfsF3YbyCry6g.crl (hash: RKXAKvShwc6QbjtUhuuWnDn7mRF1vF37l8x6Hd85w4s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:9a:0e:24:1f:0d:38:86:65:3f:9f:6d:61:2d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c5f298d81acc5573fd59fb05dd86f20abcba8
Validity
Not Before: Oct 19 10:02:25 2025 GMT
Not After : Oct 20 10:02:25 2025 GMT
Subject: CN=fd50554d79d8698598cb18bd410be358cb1d6abc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e1:12:6f:73:32:5b:66:1e:25:d7:0d:17:00:
ec:04:68:0d:13:a6:a2:86:27:4c:14:aa:26:a1:8d:
43:82:0f:12:e9:bd:16:80:71:78:fe:a2:42:61:1d:
a8:f5:26:32:12:ac:36:fb:37:4a:9c:f1:45:87:c8:
13:62:aa:a8:5b:66:5e:a1:86:41:88:30:b7:83:83:
1e:87:0f:28:df:b3:4a:fd:f1:fc:6b:a1:0a:e5:8c:
c6:24:f1:c1:33:ac:93:9d:5a:f9:e2:18:2e:c1:c7:
5d:f5:c9:b0:61:fb:b0:58:4a:7a:df:75:53:57:de:
cc:68:42:0a:8f:b9:b1:ae:57:3e:ec:dd:1c:d2:cf:
48:d9:e7:d6:15:46:3d:d5:5b:f9:cb:8e:4d:51:f5:
88:29:39:b3:b8:6f:a0:92:e8:c4:1d:7c:f3:68:0d:
e5:fb:36:95:2f:32:fb:36:0c:9e:15:c2:58:8f:b4:
45:37:68:48:d0:d4:50:71:e0:fe:60:10:24:3a:6e:
63:ce:9a:6d:cd:f8:37:d7:e0:3e:e1:ca:18:f7:bd:
8e:6a:ae:e8:65:00:95:66:b5:c1:4a:4e:5b:5c:c2:
36:8a:eb:e7:21:e7:9a:b6:9d:2a:f1:59:5e:fd:f9:
18:43:3a:0f:63:0b:bc:68:c5:68:58:1b:fc:c2:73:
8a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:50:55:4D:79:D8:69:85:98:CB:18:BD:41:0B:E3:58:CB:1D:6A:BC
X509v3 Authority Key Identifier:
keyid:85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:32:25:5f:8d:95:ad:d8:8a:e0:48:98:4c:3b:77:62:08:42:
a6:7f:d5:d3:8e:5f:e2:e1:21:f6:6a:c6:cc:0f:05:40:d3:1a:
68:2a:6b:66:72:38:14:93:fa:b3:6b:57:79:7e:c1:a2:43:ec:
5e:b3:e3:30:c0:b3:e0:47:50:27:44:73:0d:a8:f3:e9:ba:8f:
56:1e:64:61:cd:fc:c2:e9:0b:2b:37:5f:5b:89:f0:70:e1:ad:
fc:fb:c1:ad:ab:23:16:cb:85:97:f3:fd:86:a0:77:01:a4:58:
dc:9b:7d:93:5f:77:28:e6:77:22:2a:ce:23:8b:a3:45:2a:fc:
52:e5:e0:a3:c3:0c:25:ad:6a:82:ce:9a:83:5b:85:ae:4e:0d:
da:70:06:b9:86:32:a3:df:fe:0e:6c:43:fc:ba:e8:2a:e0:91:
1b:8d:99:5e:86:f6:0d:eb:98:47:8b:ec:dc:2a:0f:60:3d:19:
12:15:95:82:a2:04:28:71:6e:94:c5:7a:ea:ca:79:73:f8:49:
90:f5:88:bb:6f:e9:ee:87:de:16:48:6f:ea:92:41:51:98:43:
1e:32:4c:ae:ea:cb:7d:44:50:71:dc:bd:cb:de:81:10:8a:f3:
ae:9f:f4:0d:e4:a1:30:06:db:0d:d4:c3:a0:54:0f:e2:82:19:
17:d7:e7:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn765oOJB8NOIZlP59tYS27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGM1ZjI5OGQ4MWFjYzU1NzNmZDU5ZmIwNWRkODZmMjBh
YmNiYTgwHhcNMjUxMDE5MTAwMjI1WhcNMjUxMDIwMTAwMjI1WjAzMTEwLwYDVQQD
EyhmZDUwNTU0ZDc5ZDg2OTg1OThjYjE4YmQ0MTBiZTM1OGNiMWQ2YWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uESb3MyW2YeJdcNFwDsBGgNE6ai
hidMFKomoY1Dgg8S6b0WgHF4/qJCYR2o9SYyEqw2+zdKnPFFh8gTYqqoW2ZeoYZB
iDC3g4Mehw8o37NK/fH8a6EK5YzGJPHBM6yTnVr54hguwcdd9cmwYfuwWEp633VT
V97MaEIKj7mxrlc+7N0c0s9I2efWFUY91Vv5y45NUfWIKTmzuG+gkujEHXzzaA3l
+zaVLzL7NgyeFcJYj7RFN2hI0NRQceD+YBAkOm5jzpptzfg31+A+4coY972Oaq7o
ZQCVZrXBSk5bXMI2iuvnIeeatp0q8Vle/fkYQzoPYwu8aMVoWBv8wnOKvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1QVU152GmFmMsYvUEL41jLHWq8MB8GA1UdIwQY
MBaAFIVMXymNgazFVz/Vn7Bd2G8gq8uoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDIt
NzUyZDU5YTA0MmMyLzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDItNzUyZDU5YTA0MmMy
LzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMDIlX42V
rdiK4EiYTDt3YghCpn/V045f4uEh9mrGzA8FQNMaaCprZnI4FJP6s2tXeX7BokPs
XrPjMMCz4EdQJ0RzDajz6bqPVh5kYc38wukLKzdfW4nwcOGt/PvBrasjFsuFl/P9
hqB3AaRY3Jt9k193KOZ3IirOI4ujRSr8UuXgo8MMJa1qgs6ag1uFrk4N2nAGuYYy
o9/+DmxD/LroKuCRG42ZXob2DeuYR4vs3CoPYD0ZEhWVgqIEKHFulMV66sp5c/hJ
kPWIu2/p7ofeFkhv6pJBUZhDHjJMrurLfURQcdy9y96BEIrzrp/0DeShMAbbDdTD
oFQP4oIZF9fnXw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:56:44 2025 by rpki-client