Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft
File: HKrZOQiq2NJG62n35mqnDeW9Whc.mft (raw, json)
Hash identifier: qR9XL52/mxr0k7mys+jlcqe0dqS0MKvCVNlfE+Dd7zc=
Subject key identifier: 88:3E:9B:23:52:91:85:ED:74:FE:48:8C:DF:D4:73:AC:D6:7D:12:0E
Authority key identifier: 1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17
Certificate issuer: /CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17
Certificate serial: 0198D4A7CBE304F4B670566B9FCA43A62ACC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft
Manifest number: 0D2E
Signing time: Sat 23 Aug 2025 02:00:23 +0000
Manifest this update: Sat 23 Aug 2025 02:00:23 +0000
Manifest next update: Sun 24 Aug 2025 02:00:23 +0000
Files and hashes: 1: HKrZOQiq2NJG62n35mqnDeW9Whc.crl (hash: ysRU3GsnksR8z+kh9zMyhghOo2yu8D5vbcDNxY6U5lg=)
2: ackszuiJCTUVf3NL6BGlMWZR6mU.roa (hash: eS/ev9znkjBG3HaRk+tKGqjX3/CUPsNsHqj4Rs2K9+I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:a7:cb:e3:04:f4:b6:70:56:6b:9f:ca:43:a6:2a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17
Validity
Not Before: Aug 23 02:00:23 2025 GMT
Not After : Aug 24 02:00:23 2025 GMT
Subject: CN=883e9b23529185ed74fe488cdfd473acd67d120e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1b:f1:8b:0e:b3:90:a1:c0:52:24:41:6d:59:
5f:da:c2:75:8e:22:e3:94:39:00:b9:0d:bf:61:bb:
8e:cd:4d:03:5c:c4:09:29:2d:4f:12:36:67:ab:48:
07:73:17:22:5f:2a:11:c1:02:12:4d:be:04:81:ed:
f6:9c:46:3f:87:ae:07:44:f0:23:1c:eb:8f:9a:27:
8f:66:58:75:93:25:61:38:bc:03:2a:c0:48:55:08:
e1:be:b0:c3:36:8e:50:4b:4f:c7:63:49:55:9a:1f:
f0:fe:59:bd:a0:52:2f:80:44:ef:05:3d:9c:cd:2c:
14:b1:af:62:18:d6:63:c7:9b:50:0e:15:82:58:eb:
b2:f4:6c:4f:6f:37:4b:d9:5a:1c:e3:a2:8b:05:1e:
64:e2:b0:b3:71:22:5d:e3:ca:7c:53:b6:ad:d3:0b:
7d:57:76:90:82:5a:a0:d8:63:bd:73:66:7b:5d:55:
fa:19:46:b4:89:d7:f9:96:18:28:e1:a8:95:4d:5f:
3f:a6:e8:45:3e:c8:8a:b6:ed:3d:91:d4:4f:6e:f7:
1f:ee:75:79:df:06:4e:6b:dc:a5:a9:f8:ed:4a:75:
58:c6:43:f3:49:a1:88:ae:a2:98:72:44:ac:6e:95:
1e:b3:ed:49:69:cf:c7:ef:e5:0d:42:d3:d6:bf:7b:
ad:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3E:9B:23:52:91:85:ED:74:FE:48:8C:DF:D4:73:AC:D6:7D:12:0E
X509v3 Authority Key Identifier:
keyid:1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:c9:32:58:dc:dc:a3:28:22:47:e4:37:23:13:12:c0:37:65:
83:ab:ae:7e:a3:bc:42:70:75:93:5d:46:82:ae:55:20:2a:2d:
bb:7b:5c:05:1e:97:86:33:e6:e7:d1:dd:e3:66:9e:ee:ad:30:
8f:39:84:0d:e1:81:31:92:94:2a:35:fd:7b:dd:99:f4:1e:b9:
c4:b1:d7:85:cc:85:e8:da:90:af:69:ee:17:a4:b9:04:96:4e:
fe:92:ab:0d:77:f1:ca:35:21:6b:18:79:dd:2b:87:e8:31:a1:
e9:8d:c1:2e:6d:e4:63:f9:97:a3:7b:aa:f0:63:11:ff:97:7d:
04:b2:23:a5:e2:6b:3e:61:42:73:82:82:1f:1e:27:d4:d6:28:
3b:b9:15:4b:8f:09:07:bd:6d:04:22:40:eb:a1:8f:f0:33:6f:
09:25:46:cd:1b:f7:9b:7d:99:9f:05:5e:41:c9:74:86:94:e2:
d4:7c:cf:1a:d2:17:f2:08:a8:87:99:04:70:79:5b:eb:8e:b8:
62:1d:31:61:9e:b2:9d:29:a3:f9:02:59:7d:78:f6:4d:1f:d0:
37:a2:64:98:4d:72:04:c5:0e:5a:8f:3d:f5:c4:c7:aa:82:d5:
21:f1:0a:35:58:b5:cf:9b:a8:66:8d:bd:45:91:f7:c0:af:97:
da:43:9d:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp8vjBPS2cFZrn8pDpirMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWFkOTM5MDhhYWQ4ZDI0NmViNjlmN2U2NmFhNzBkZTVi
ZDVhMTcwHhcNMjUwODIzMDIwMDIzWhcNMjUwODI0MDIwMDIzWjAzMTEwLwYDVQQD
Eyg4ODNlOWIyMzUyOTE4NWVkNzRmZTQ4OGNkZmQ0NzNhY2Q2N2QxMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBvxiw6zkKHAUiRBbVlf2sJ1jiLj
lDkAuQ2/YbuOzU0DXMQJKS1PEjZnq0gHcxciXyoRwQISTb4Ege32nEY/h64HRPAj
HOuPmiePZlh1kyVhOLwDKsBIVQjhvrDDNo5QS0/HY0lVmh/w/lm9oFIvgETvBT2c
zSwUsa9iGNZjx5tQDhWCWOuy9GxPbzdL2Voc46KLBR5k4rCzcSJd48p8U7at0wt9
V3aQglqg2GO9c2Z7XVX6GUa0idf5lhgo4aiVTV8/puhFPsiKtu09kdRPbvcf7nV5
3wZOa9ylqfjtSnVYxkPzSaGIrqKYckSsbpUes+1Jac/H7+UNQtPWv3utqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIg+myNSkYXtdP5IjN/Uc6zWfRIOMB8GA1UdIwQY
MBaAFByq2TkIqtjSRutp9+Zqpw3lvVoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMt
YTc5OGJkYzczMTFmLzEvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMtYTc5OGJkYzczMTFm
LzEvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU8kyWNzc
oygiR+Q3IxMSwDdlg6uufqO8QnB1k11Ggq5VICotu3tcBR6XhjPm59Hd42ae7q0w
jzmEDeGBMZKUKjX9e92Z9B65xLHXhcyF6NqQr2nuF6S5BJZO/pKrDXfxyjUhaxh5
3SuH6DGh6Y3BLm3kY/mXo3uq8GMR/5d9BLIjpeJrPmFCc4KCHx4n1NYoO7kVS48J
B71tBCJA66GP8DNvCSVGzRv3m32ZnwVeQcl0hpTi1HzPGtIX8gioh5kEcHlb6464
Yh0xYZ6ynSmj+QJZfXj2TR/QN6JkmE1yBMUOWo899cTHqoLVIfEKNVi1z5uoZo29
RZH3wK+X2kOdpg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:35:10 2025 by rpki-client