Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
File: HDP7O3JSC4FpopKNU4LknWda0GA.mft (raw, json)
Hash identifier: GQVMcYvdhtWHtLAhAtA6rgj5dJeYswzi6S83+cn2OG8=
Subject key identifier: 16:CD:E4:26:8E:A0:E9:BC:FB:68:A6:04:1C:E3:E9:53:32:DB:8D:B2
Authority key identifier: 1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
Certificate issuer: /CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Certificate serial: 0197B6A1CAE4DF0FF40993EBDFFC05C2F00D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
Manifest number: 1362
Signing time: Sat 28 Jun 2025 13:02:25 +0000
Manifest this update: Sat 28 Jun 2025 13:02:25 +0000
Manifest next update: Sun 29 Jun 2025 13:02:25 +0000
Files and hashes: 1: HDP7O3JSC4FpopKNU4LknWda0GA.crl (hash: rsx10TyUwocqHouuyNvSoDG1Uaui/TcQDCTPL4mrn54=)
2: jHj1kA03qC8i8hguuEC8ASnj4XQ.roa (hash: 6J5ezyoc/LI46xWXhW/cUUltYyOZg4CBJG0jaVAl1nQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:a1:ca:e4:df:0f:f4:09:93:eb:df:fc:05:c2:f0:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Validity
Not Before: Jun 28 13:02:25 2025 GMT
Not After : Jun 29 13:02:25 2025 GMT
Subject: CN=16cde4268ea0e9bcfb68a6041ce3e95332db8db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:52:cf:3e:91:ac:83:f2:dd:93:84:06:6a:89:
9e:a2:96:1c:0b:7a:5b:29:95:b9:d9:43:cb:14:72:
ac:80:c6:93:e4:05:69:54:e1:5b:c8:58:b9:96:fa:
94:83:ce:ec:56:51:74:24:dd:6b:f3:fa:25:bd:fc:
3c:b9:e6:2b:5a:6f:5f:90:f4:c3:18:47:f5:47:a5:
b3:3b:e6:5a:2a:7d:37:58:de:d0:d4:a2:37:46:f0:
1b:59:ab:ca:dd:9c:b9:7e:28:4a:d5:d6:5c:37:6e:
61:f0:fe:bf:14:0b:bb:72:25:d3:e9:4f:b0:4f:c5:
d2:c6:d3:61:cf:1d:b8:5b:8e:64:59:cd:ca:29:1b:
7d:81:4f:4e:e3:66:07:7a:5e:53:f9:40:e3:7f:f8:
d9:7a:f9:24:39:9b:83:87:19:9c:9d:70:6f:19:a3:
47:29:7b:1f:14:97:3a:d9:d4:75:bd:db:25:a4:56:
7d:18:84:3e:8e:1e:6d:91:0a:55:88:34:19:9a:11:
1c:8a:ce:2f:88:5a:cc:e0:a4:57:7f:50:4e:a7:be:
2a:3a:db:74:22:7b:15:75:25:17:83:7e:0e:6d:d6:
a5:a9:8c:01:c5:76:93:06:1e:6b:88:a3:52:b6:41:
02:5b:e5:d1:cd:6b:70:4f:06:5d:ed:fe:f0:91:28:
29:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:CD:E4:26:8E:A0:E9:BC:FB:68:A6:04:1C:E3:E9:53:32:DB:8D:B2
X509v3 Authority Key Identifier:
keyid:1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:fe:8d:15:7f:18:a6:5e:96:1e:08:e0:93:16:a2:6d:33:4f:
89:41:0d:59:e0:2f:6a:d3:2d:d1:4d:69:6a:0c:d7:c0:ac:9d:
4e:74:c7:32:24:10:69:8b:da:77:60:6f:41:59:43:e1:35:29:
b8:9a:c6:e6:bd:1a:80:3e:9b:7b:89:11:4b:98:2a:87:86:d1:
19:35:27:14:36:2e:ef:47:54:5c:47:c6:6f:ad:f6:6e:75:47:
cf:aa:f4:86:cf:ac:ab:8f:f9:bc:33:86:b7:59:8a:a6:ca:27:
cb:15:09:3f:f0:98:ab:3f:3f:99:99:f3:e4:c4:eb:ad:79:37:
dc:a2:2f:1c:82:6f:13:14:9e:87:1c:44:7b:01:3d:a5:fe:07:
b3:52:22:a8:b2:4d:00:e9:4a:57:9d:dc:24:ef:3b:00:08:2e:
28:d9:aa:4f:79:b4:d1:72:56:d3:cf:cd:6e:af:38:f3:a0:88:
fc:77:43:09:9c:99:c3:9f:fc:78:53:29:35:70:5a:e6:e5:ff:
02:17:95:3b:52:54:f1:d2:7b:01:e6:3d:99:fb:95:d0:1e:48:
d4:d7:fd:05:e2:a7:2f:6a:74:b9:9e:b6:b0:9c:d1:d7:ee:29:
20:11:d5:36:5f:07:c3:96:f5:fd:61:6a:34:8d:c8:c4:46:c1:
26:bb:16:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ocrk3w/0CZPr3/wFwvANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzNmYjNiNzI1MjBiODE2OWEyOTI4ZDUzODJlNDlkNjc1
YWQwNjAwHhcNMjUwNjI4MTMwMjI1WhcNMjUwNjI5MTMwMjI1WjAzMTEwLwYDVQQD
EygxNmNkZTQyNjhlYTBlOWJjZmI2OGE2MDQxY2UzZTk1MzMyZGI4ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFLPPpGsg/Ldk4QGaomeopYcC3pb
KZW52UPLFHKsgMaT5AVpVOFbyFi5lvqUg87sVlF0JN1r8/olvfw8ueYrWm9fkPTD
GEf1R6WzO+ZaKn03WN7Q1KI3RvAbWavK3Zy5fihK1dZcN25h8P6/FAu7ciXT6U+w
T8XSxtNhzx24W45kWc3KKRt9gU9O42YHel5T+UDjf/jZevkkOZuDhxmcnXBvGaNH
KXsfFJc62dR1vdslpFZ9GIQ+jh5tkQpViDQZmhEcis4viFrM4KRXf1BOp74qOtt0
InsVdSUXg34ObdalqYwBxXaTBh5riKNStkECW+XRzWtwTwZd7f7wkSgpVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBbN5CaOoOm8+2imBBzj6VMy242yMB8GA1UdIwQY
MBaAFBwz+ztyUguBaaKSjVOC5J1nWtBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDct
OTUwNDU1ODY4MDJlLzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDctOTUwNDU1ODY4MDJl
LzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMf6NFX8Y
pl6WHgjgkxaibTNPiUENWeAvatMt0U1pagzXwKydTnTHMiQQaYvad2BvQVlD4TUp
uJrG5r0agD6be4kRS5gqh4bRGTUnFDYu70dUXEfGb632bnVHz6r0hs+sq4/5vDOG
t1mKpsonyxUJP/CYqz8/mZnz5MTrrXk33KIvHIJvExSehxxEewE9pf4Hs1IiqLJN
AOlKV53cJO87AAguKNmqT3m00XJW08/Nbq8486CI/HdDCZyZw5/8eFMpNXBa5uX/
AheVO1JU8dJ7AeY9mfuV0B5I1Nf9BeKnL2p0uZ62sJzR1+4pIBHVNl8Hw5b1/WFq
NI3IxEbBJrsWvw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:53:44 2025 by rpki-client