Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
File: hpA1wxdzT2Ybv4XCGEFVofNhat0.mft (raw, json)
Hash identifier: tYGhucdU7I4GV2tfZti07YVRApiMXFMKFinRIjJmsR8=
Subject key identifier: E4:06:57:6B:A4:4E:FC:03:62:E9:29:52:47:27:D7:15:B3:B2:2E:A3
Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
Certificate issuer: /CN=869035c317734f661bbf85c2184155a1f3616add
Certificate serial: 019A4EF521A930AB97A261A4B98FB0BD67BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
Manifest number: 1293
Signing time: Tue 04 Nov 2025 13:01:19 +0000
Manifest this update: Tue 04 Nov 2025 13:01:19 +0000
Manifest next update: Wed 05 Nov 2025 13:01:19 +0000
Files and hashes: 1: AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa (hash: tZKNbZDCtPOdNWQDTedTIFStwLgZ/2vtLmBHU+SWAQk=)
2: hpA1wxdzT2Ybv4XCGEFVofNhat0.crl (hash: fY9R45J1PHem/zPuRc1vEIGd988laj+BDogEZf2eEfI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:21:a9:30:ab:97:a2:61:a4:b9:8f:b0:bd:67:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869035c317734f661bbf85c2184155a1f3616add
Validity
Not Before: Nov 4 13:01:19 2025 GMT
Not After : Nov 5 13:01:19 2025 GMT
Subject: CN=e406576ba44efc0362e929524727d715b3b22ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:6a:3d:60:1f:1a:04:21:23:e6:f0:f7:e2:70:
33:bd:ad:2a:23:91:0f:b7:46:ef:56:66:a7:64:8d:
0e:f5:6d:55:46:0d:16:5b:bb:54:e7:30:cb:17:77:
cc:36:92:bf:63:c9:99:cd:22:8c:2c:e2:6d:46:cd:
e1:fc:79:b1:16:ab:5e:af:f6:19:b5:bb:d9:fc:ee:
92:d8:7e:0e:69:de:34:3b:e7:5e:16:97:69:3a:07:
a5:6e:02:c2:3a:fe:b3:6e:04:8e:48:b4:38:97:d1:
0d:ca:51:bd:9f:e4:60:84:5d:d9:20:32:aa:72:fe:
82:7c:54:e2:b0:ba:a9:dd:88:ee:40:9e:27:bd:3a:
8f:f3:44:94:0f:be:9f:76:2c:8f:23:cc:42:bf:79:
d5:52:74:e4:57:fb:1b:89:b4:0e:a9:2b:75:70:9e:
ce:c9:72:a7:9b:7a:fa:f6:7a:a8:58:18:95:83:b0:
b9:51:ac:21:13:18:48:7c:23:dd:4c:78:b4:03:01:
ed:0f:96:e5:e2:5e:f3:7b:2b:14:bf:21:7a:e4:ed:
aa:5c:f1:f0:f6:fb:fa:b2:ef:f1:d7:da:07:b1:9f:
ce:18:bf:77:6e:a7:5b:99:02:fe:14:94:b1:1f:18:
b8:b2:88:71:46:f9:c5:12:bb:03:d2:47:7b:b4:43:
42:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:06:57:6B:A4:4E:FC:03:62:E9:29:52:47:27:D7:15:B3:B2:2E:A3
X509v3 Authority Key Identifier:
keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:f7:f0:ea:a6:08:37:75:d2:e7:1c:94:b2:ed:7a:6d:f2:a3:
5e:08:70:d5:c4:4c:02:fe:67:04:7d:b6:58:39:81:03:c0:80:
b1:7e:2f:4a:35:30:34:e0:80:b5:17:e7:c7:88:26:0c:45:06:
71:20:85:1d:16:ed:80:d4:a5:27:b8:83:33:1b:4d:07:99:bf:
9f:ee:80:7f:8f:72:64:52:74:00:2c:ad:6c:12:74:70:ff:6c:
e7:d3:50:32:dc:26:9d:a4:9c:c8:ee:d0:a8:19:96:46:53:e4:
87:40:c5:ee:33:47:8c:e5:d6:7b:0e:bd:0f:c8:ad:8f:9c:77:
ea:ba:2c:21:86:dc:3c:69:72:d2:bd:08:7a:2e:6f:5d:3f:53:
26:2f:73:27:2f:2f:c0:d6:ac:15:78:2f:cc:b6:3f:46:e2:90:
a7:c1:e7:f6:fd:37:7d:80:28:11:c2:00:2e:bc:47:77:d6:c9:
61:39:04:27:c1:32:ce:6f:a7:42:e9:3e:70:5c:14:95:22:fe:
05:25:8f:96:56:78:44:01:1d:cd:a1:74:8b:17:83:fe:6d:56:
4d:d4:22:1e:26:32:78:a9:e0:cb:0d:34:e3:9c:1e:d8:77:cf:
26:80:bc:0c:2b:e9:e8:de:c6:5f:ce:42:58:5e:15:be:cb:15:
0e:2e:14:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9SGpMKuXomGkuY+wvWe/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2
MTZhZGQwHhcNMjUxMTA0MTMwMTE5WhcNMjUxMTA1MTMwMTE5WjAzMTEwLwYDVQQD
EyhlNDA2NTc2YmE0NGVmYzAzNjJlOTI5NTI0NzI3ZDcxNWIzYjIyZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7mo9YB8aBCEj5vD34nAzva0qI5EP
t0bvVmanZI0O9W1VRg0WW7tU5zDLF3fMNpK/Y8mZzSKMLOJtRs3h/HmxFqter/YZ
tbvZ/O6S2H4Oad40O+deFpdpOgelbgLCOv6zbgSOSLQ4l9ENylG9n+RghF3ZIDKq
cv6CfFTisLqp3YjuQJ4nvTqP80SUD76fdiyPI8xCv3nVUnTkV/sbibQOqSt1cJ7O
yXKnm3r69nqoWBiVg7C5UawhExhIfCPdTHi0AwHtD5bl4l7zeysUvyF65O2qXPHw
9vv6su/x19oHsZ/OGL93bqdbmQL+FJSxHxi4sohxRvnFErsD0kd7tENChQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQGV2ukTvwDYukpUkcn1xWzsi6jMB8GA1UdIwQY
MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt
NjAyOGMyNjU0OTQwLzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw
LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALPfw6qYI
N3XS5xyUsu16bfKjXghw1cRMAv5nBH22WDmBA8CAsX4vSjUwNOCAtRfnx4gmDEUG
cSCFHRbtgNSlJ7iDMxtNB5m/n+6Af49yZFJ0ACytbBJ0cP9s59NQMtwmnaScyO7Q
qBmWRlPkh0DF7jNHjOXWew69D8itj5x36rosIYbcPGly0r0Iei5vXT9TJi9zJy8v
wNasFXgvzLY/RuKQp8Hn9v03fYAoEcIALrxHd9bJYTkEJ8Eyzm+nQuk+cFwUlSL+
BSWPllZ4RAEdzaF0ixeD/m1WTdQiHiYyeKngyw0045we2HfPJoC8DCvp6N7GX85C
WF4VvssVDi4UIg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:22:23 2025 by rpki-client