Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
File: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft (raw, json)
Hash identifier: 0oqKGNRfSsYhCHqmgdRNDyw7ulQtbvMT92d15Prmu+8=
Subject key identifier: F5:78:71:30:96:59:CE:4F:E7:26:51:10:D5:44:6C:C6:A0:D3:4C:0D
Authority key identifier: 85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8
Certificate issuer: /CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8
Certificate serial: 019A02228991DFF531500C5C54326D869EBA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
Manifest number: 028E
Signing time: Mon 20 Oct 2025 15:00:09 +0000
Manifest this update: Mon 20 Oct 2025 15:00:09 +0000
Manifest next update: Tue 21 Oct 2025 15:00:09 +0000
Files and hashes: 1: cllA8kNp-t480y7IfyyWuiklziY.roa (hash: 5bq8pPC98WVuN+UCw7i3OOCXOObrhETW5cCP805rEU4=)
2: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl (hash: +s8a2HhsGXCG86KIi0wx5f+DQIJHwQchtAuyRr4avAU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:22:89:91:df:f5:31:50:0c:5c:54:32:6d:86:9e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8
Validity
Not Before: Oct 20 15:00:09 2025 GMT
Not After : Oct 21 15:00:09 2025 GMT
Subject: CN=f57871309659ce4fe7265110d5446cc6a0d34c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f6:b6:99:80:83:63:45:e6:ad:72:65:86:2b:
c3:b1:a9:40:0b:02:c1:32:5f:93:93:2f:32:25:67:
32:5a:70:d5:fd:a3:a8:16:05:fe:fd:86:20:ed:4f:
27:41:c0:4c:38:cf:46:c1:2a:55:02:6f:12:2b:c0:
71:6a:9e:98:cd:31:0a:14:89:cd:ff:c3:ef:c3:a7:
bf:66:17:65:98:12:03:ae:9f:1f:69:f3:41:de:48:
5e:f6:f1:37:45:d5:9a:19:c8:4d:05:53:e4:d3:51:
0a:b8:b7:39:c1:c0:7a:52:87:5b:ed:7d:d1:0d:15:
10:e9:f8:db:54:0a:19:3f:ad:13:6e:6f:c3:6e:08:
a9:11:9b:de:93:62:b3:ac:e5:05:de:82:99:1a:46:
22:58:f9:3c:9f:56:df:72:e9:45:77:d2:0b:d6:5b:
0d:97:69:5d:82:c4:97:f4:f1:ba:f1:4a:a5:3b:ec:
cc:b6:c9:f3:7f:8b:54:e2:b4:ae:5b:b5:d7:e1:ba:
40:b7:be:8b:09:e7:24:e5:77:ea:ab:53:b7:04:24:
4e:82:71:61:80:b0:12:f4:fd:a1:8d:02:1c:e0:77:
6d:e4:73:30:b7:55:51:f2:f6:fa:0c:ee:38:2e:10:
80:4f:2f:07:ed:16:1a:5a:4d:55:63:00:05:d3:fb:
38:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:78:71:30:96:59:CE:4F:E7:26:51:10:D5:44:6C:C6:A0:D3:4C:0D
X509v3 Authority Key Identifier:
keyid:85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:a7:78:73:61:57:9e:c1:b1:0a:e2:04:55:8e:86:95:38:ea:
8b:c0:ca:c0:95:6c:c6:43:57:51:8d:1e:55:5f:e6:e5:bb:d8:
61:06:a9:69:8f:48:a4:79:11:73:fa:3e:7a:87:93:91:2e:7f:
5a:96:7f:fb:ba:0f:3a:15:5b:e5:9f:23:ae:94:b5:2d:af:72:
fc:65:bd:5b:5c:f6:28:ee:0b:d8:93:a4:de:65:12:7a:d0:a4:
ac:4d:59:69:3a:55:2a:5c:a8:81:da:c1:72:31:86:74:fe:5b:
8c:b1:16:1c:d0:45:e4:80:ae:78:a6:dc:81:71:81:d5:23:d8:
93:1f:c0:36:b1:b2:47:55:d1:aa:ba:16:f1:82:1c:fe:c6:8f:
f6:de:f5:3d:54:73:18:43:c8:72:1d:4e:52:0d:41:9c:69:16:
65:4f:1f:fc:75:ec:24:d4:e8:1a:68:c4:8f:60:35:8a:cd:2c:
66:2d:25:fe:f2:f3:ab:61:4c:06:e4:19:31:d3:9c:9d:e1:54:
ef:04:de:d5:5e:70:e2:17:4c:49:b8:b4:46:65:14:aa:d7:19:
f9:08:fa:f6:a8:39:52:30:97:b7:ff:57:c7:2b:6a:57:28:b2:
1d:5e:5c:4f:5c:a5:b4:29:fe:ba:3f:2d:1d:d8:13:da:6b:6f:
de:e0:39:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCIomR3/UxUAxcVDJthp66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Zjg3MDExOWU1OTIxYmYxMjQ5NWRjOTAyZGNmZTNkOGQ0
YTM3ZDgwHhcNMjUxMDIwMTUwMDA5WhcNMjUxMDIxMTUwMDA5WjAzMTEwLwYDVQQD
EyhmNTc4NzEzMDk2NTljZTRmZTcyNjUxMTBkNTQ0NmNjNmEwZDM0YzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfa2mYCDY0XmrXJlhivDsalACwLB
Ml+Tky8yJWcyWnDV/aOoFgX+/YYg7U8nQcBMOM9GwSpVAm8SK8Bxap6YzTEKFInN
/8Pvw6e/ZhdlmBIDrp8fafNB3khe9vE3RdWaGchNBVPk01EKuLc5wcB6Uodb7X3R
DRUQ6fjbVAoZP60Tbm/DbgipEZvek2KzrOUF3oKZGkYiWPk8n1bfculFd9IL1lsN
l2ldgsSX9PG68UqlO+zMtsnzf4tU4rSuW7XX4bpAt76LCeck5Xfqq1O3BCROgnFh
gLAS9P2hjQIc4Hdt5HMwt1VR8vb6DO44LhCATy8H7RYaWk1VYwAF0/s4VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPV4cTCWWc5P5yZRENVEbMag00wNMB8GA1UdIwQY
MBaAFIX4cBGeWSG/EkldyQLc/j2NSjfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTIt
ZWE4NGE1MWViM2RjLzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTItZWE4NGE1MWViM2Rj
LzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiqd4c2FX
nsGxCuIEVY6GlTjqi8DKwJVsxkNXUY0eVV/m5bvYYQapaY9IpHkRc/o+eoeTkS5/
WpZ/+7oPOhVb5Z8jrpS1La9y/GW9W1z2KO4L2JOk3mUSetCkrE1ZaTpVKlyogdrB
cjGGdP5bjLEWHNBF5ICueKbcgXGB1SPYkx/ANrGyR1XRqroW8YIc/saP9t71PVRz
GEPIch1OUg1BnGkWZU8f/HXsJNToGmjEj2A1is0sZi0l/vLzq2FMBuQZMdOcneFU
7wTe1V5w4hdMSbi0RmUUqtcZ+Qj69qg5UjCXt/9XxytqVyiyHV5cT1yltCn+uj8t
HdgT2mtv3uA58A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:19:17 2025 by rpki-client