
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
File: hpA1wxdzT2Ybv4XCGEFVofNhat0.mft (raw, json)
Hash identifier: 6unfQMCHcj7drDkk+OgTpUp/hAqmq95MSiCLE3a2Mkg=
Subject key identifier: AA:43:69:CC:31:56:29:D8:D6:B1:86:9E:09:C2:E9:55:E5:E1:80:6C
Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
Certificate issuer: /CN=869035c317734f661bbf85c2184155a1f3616add
Certificate serial: 01988B101EC6AA2437AE9A905527BAF87C47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
Manifest number: 11A9
Signing time: Fri 08 Aug 2025 19:02:26 +0000
Manifest this update: Fri 08 Aug 2025 19:02:26 +0000
Manifest next update: Sat 09 Aug 2025 19:02:26 +0000
Files and hashes: 1: AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa (hash: tZKNbZDCtPOdNWQDTedTIFStwLgZ/2vtLmBHU+SWAQk=)
2: hpA1wxdzT2Ybv4XCGEFVofNhat0.crl (hash: 0EfJ0ZX/5kBevuWYek/LDWq45y1c87f4yxe1NJdLVIg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 19:02:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8b:10:1e:c6:aa:24:37:ae:9a:90:55:27:ba:f8:7c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869035c317734f661bbf85c2184155a1f3616add
Validity
Not Before: Aug 8 19:02:26 2025 GMT
Not After : Aug 9 19:02:26 2025 GMT
Subject: CN=aa4369cc315629d8d6b1869e09c2e955e5e1806c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ef:80:48:79:48:ad:b0:ec:3a:a6:ce:f4:63:
dc:2b:6a:bd:bb:1c:61:77:b8:db:a8:67:a6:fd:c2:
cc:dc:6d:7f:6f:f5:26:aa:96:f4:87:d5:2e:f8:81:
6f:71:04:d5:7f:fa:3d:76:95:f4:8d:69:49:b9:11:
ad:4c:3c:2e:c3:8e:d6:59:bf:48:98:df:f7:63:c6:
60:35:f2:14:35:88:1e:b0:be:ac:91:61:5a:8a:35:
3d:1e:a9:43:f7:49:38:47:60:af:b9:b8:26:f8:80:
9b:3f:07:6d:74:62:9a:90:a4:f1:7c:85:43:83:5c:
79:de:81:f7:5c:fd:02:4b:8a:5b:d8:d6:0d:16:a7:
51:cd:fc:ee:cd:c4:9a:3a:09:02:ee:a5:54:eb:2b:
4b:f3:39:1b:cf:39:ad:e2:b3:55:cc:2a:75:35:26:
4f:cd:4b:da:2a:9a:a0:08:c5:c8:26:f7:b9:60:2c:
59:b3:32:01:73:4d:a1:02:d8:7a:61:a3:b6:c6:b9:
97:3c:f4:af:51:df:4f:17:99:0b:c4:e9:87:c5:15:
b5:c6:79:89:a0:84:40:fa:66:94:d1:03:0c:ba:bd:
5a:4a:ec:c2:3d:bf:26:55:2c:8c:c8:87:9c:b3:d8:
41:fe:a7:da:08:35:d0:c6:64:72:fd:be:89:ed:65:
33:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:43:69:CC:31:56:29:D8:D6:B1:86:9E:09:C2:E9:55:E5:E1:80:6C
X509v3 Authority Key Identifier:
keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:1b:73:d7:cf:7d:4a:c8:ae:06:48:c9:d7:c8:a6:89:27:e1:
fd:c9:c3:10:19:48:7f:9b:e8:0c:8b:ef:00:2d:51:40:a5:9c:
2c:40:c6:ee:81:6f:cc:91:4c:38:6c:1f:a4:6c:ee:c8:25:b9:
86:6e:54:7f:a7:d4:69:a6:f7:12:fa:bf:3c:4a:8c:d0:cd:8c:
b9:24:11:43:0e:95:63:de:e9:0b:ae:8d:0c:ab:8a:04:0f:95:
30:86:a4:9c:b3:ce:c8:a2:91:b1:95:7f:d3:d9:77:e5:c8:8e:
2a:10:a2:11:b2:ee:12:f2:69:2a:d1:fd:44:2b:ee:06:42:f2:
b5:67:3d:22:26:7e:a9:56:2a:61:32:bd:9d:d7:31:f9:d7:17:
bd:e6:02:4b:70:ea:5e:ac:41:23:73:6a:06:f0:b9:85:fd:41:
32:f9:10:4c:aa:e1:6e:7c:f5:19:38:d5:84:01:fa:9d:78:72:
8e:f8:df:2d:88:3e:85:17:2d:eb:62:c4:a2:7a:34:af:95:c9:
39:16:64:40:17:8a:15:ec:27:a9:3b:a8:9c:e3:5e:de:49:01:
a9:9d:be:84:0b:b7:d4:d9:65:0c:7b:b3:ac:46:4f:cd:67:11:
40:ce:40:49:0a:14:e4:48:23:c6:93:33:a5:7e:61:70:74:ec:
3b:d1:2f:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLEB7GqiQ3rpqQVSe6+HxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2
MTZhZGQwHhcNMjUwODA4MTkwMjI2WhcNMjUwODA5MTkwMjI2WjAzMTEwLwYDVQQD
EyhhYTQzNjljYzMxNTYyOWQ4ZDZiMTg2OWUwOWMyZTk1NWU1ZTE4MDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu+ASHlIrbDsOqbO9GPcK2q9uxxh
d7jbqGem/cLM3G1/b/Umqpb0h9Uu+IFvcQTVf/o9dpX0jWlJuRGtTDwuw47WWb9I
mN/3Y8ZgNfIUNYgesL6skWFaijU9HqlD90k4R2Cvubgm+ICbPwdtdGKakKTxfIVD
g1x53oH3XP0CS4pb2NYNFqdRzfzuzcSaOgkC7qVU6ytL8zkbzzmt4rNVzCp1NSZP
zUvaKpqgCMXIJve5YCxZszIBc02hAth6YaO2xrmXPPSvUd9PF5kLxOmHxRW1xnmJ
oIRA+maU0QMMur1aSuzCPb8mVSyMyIecs9hB/qfaCDXQxmRy/b6J7WUzCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpDacwxVinY1rGGngnC6VXl4YBsMB8GA1UdIwQY
MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt
NjAyOGMyNjU0OTQwLzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw
LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsRtz1899
SsiuBkjJ18imiSfh/cnDEBlIf5voDIvvAC1RQKWcLEDG7oFvzJFMOGwfpGzuyCW5
hm5Uf6fUaab3Evq/PEqM0M2MuSQRQw6VY97pC66NDKuKBA+VMIaknLPOyKKRsZV/
09l35ciOKhCiEbLuEvJpKtH9RCvuBkLytWc9IiZ+qVYqYTK9ndcx+dcXveYCS3Dq
XqxBI3NqBvC5hf1BMvkQTKrhbnz1GTjVhAH6nXhyjvjfLYg+hRct62LEono0r5XJ
ORZkQBeKFewnqTuonONe3kkBqZ2+hAu31NllDHuzrEZPzWcRQM5ASQoU5EgjxpMz
pX5hcHTsO9EvUA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:23:12 2025 by rpki-client