Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
File: HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft (raw, json)
Hash identifier: KiHNGR3x1eANWHhtC0WLzW7q8eZ6fMVV2R8Sg4mbPQU=
Subject key identifier: E6:74:CD:FA:83:F7:A2:8A:D0:DA:16:FF:9A:9C:B8:0C:7E:77:DF:A9
Authority key identifier: 1D:02:60:40:6E:83:7A:E3:83:80:FC:C8:D9:92:B9:3D:0D:E1:A8:3B
Certificate issuer: /CN=1d0260406e837ae38380fcc8d992b93d0de1a83b
Certificate serial: 019A4E867B83B6D3F9869A14F1FBE78789E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
Manifest number: 0C2E
Signing time: Tue 04 Nov 2025 11:00:27 +0000
Manifest this update: Tue 04 Nov 2025 11:00:27 +0000
Manifest next update: Wed 05 Nov 2025 11:00:27 +0000
Files and hashes: 1: HQJgQG6DeuODgPzI2ZK5PQ3hqDs.crl (hash: XpcI4DDuaA30WpbHI9S2aZ1n8Uy/KxhBhjK6Xt1XkJU=)
2: cnFeqHBw9aaza2RenBeNwJKndxs.roa (hash: kjgI4uTxYMi7MCfdj3M5XWKqSFRmZG0IxbqIvN1jC7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:7b:83:b6:d3:f9:86:9a:14:f1:fb:e7:87:89:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0260406e837ae38380fcc8d992b93d0de1a83b
Validity
Not Before: Nov 4 11:00:27 2025 GMT
Not After : Nov 5 11:00:27 2025 GMT
Subject: CN=e674cdfa83f7a28ad0da16ff9a9cb80c7e77dfa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c8:ae:a3:4f:40:ab:c7:7b:bd:a1:52:41:b0:
a1:30:d5:cb:9c:d9:8f:ef:7a:63:d9:eb:85:9e:c4:
6e:25:05:a9:57:b8:58:19:8b:7a:4c:50:d1:e8:1c:
65:c0:5b:9a:23:34:0b:68:c5:ba:00:6b:1d:84:50:
29:24:32:0f:23:9a:c8:cf:c5:82:c5:66:3a:01:65:
cd:ed:97:0c:23:5b:c1:d0:65:10:e1:f5:31:ca:63:
e9:44:6e:bb:a9:9a:fc:df:70:6a:e8:6e:b9:56:65:
30:a2:5b:27:22:ca:41:07:f7:8a:a3:e2:f2:35:f7:
a3:ba:e8:72:28:58:58:a1:ff:89:58:55:6a:96:73:
0e:57:2c:9a:d2:b1:f5:6d:eb:e2:cd:e4:24:d2:60:
a9:69:25:96:9b:e0:37:06:e0:84:11:ea:dd:e1:74:
ed:4a:8c:1a:ae:5b:75:fa:5b:f2:8d:ec:f6:e1:77:
03:b5:cd:ed:38:a7:a7:9b:da:fe:e2:80:1b:21:6a:
36:28:62:fa:32:a5:43:70:a0:aa:45:ac:ae:19:57:
66:19:7b:84:61:5c:f2:37:b7:40:07:a6:55:7d:aa:
9f:71:4b:f2:0a:54:31:33:9c:2c:fa:df:1b:38:96:
2c:84:01:ca:8f:a9:cf:f9:06:95:95:41:e8:03:a3:
ba:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:74:CD:FA:83:F7:A2:8A:D0:DA:16:FF:9A:9C:B8:0C:7E:77:DF:A9
X509v3 Authority Key Identifier:
keyid:1D:02:60:40:6E:83:7A:E3:83:80:FC:C8:D9:92:B9:3D:0D:E1:A8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:e8:30:aa:9f:bb:86:73:cd:90:b2:1e:7d:b1:44:07:a0:fd:
8b:fd:2a:c6:9d:3e:5f:4a:ac:a0:5f:f4:9d:4e:55:8a:62:58:
b9:c7:b6:2e:82:cc:5f:58:1e:a7:27:20:9f:8c:ce:1b:39:18:
4b:a5:09:11:96:79:6b:46:a4:74:b5:ad:e7:62:63:62:5b:3d:
f8:f0:1a:44:b7:a1:fb:95:e0:4a:2d:62:70:7c:88:ae:d3:88:
b4:a6:41:9a:ea:b8:b6:c7:fd:1e:0c:db:76:af:b9:28:6b:19:
27:a1:9e:97:74:03:21:87:d6:1d:4f:79:82:19:b0:75:ae:7c:
4a:dd:ac:e2:bb:8c:1c:2c:01:da:80:ef:76:fc:f1:e1:f9:bb:
bc:35:35:85:17:16:15:4f:90:e4:69:ce:f0:97:4e:4b:85:ed:
3f:59:47:c2:94:36:0d:cf:f9:ba:c8:7e:82:fd:af:3a:42:ef:
5c:5a:59:b2:d7:7f:8e:4a:4b:c8:35:18:9a:7c:55:31:24:b3:
24:6c:d9:ac:9f:86:30:0b:c2:f7:fc:54:61:08:4a:02:26:72:
cd:12:25:3d:89:1e:3e:1d:d1:e9:0c:c2:80:cd:08:22:31:5f:
a7:52:1c:64:71:a4:56:08:60:14:f8:66:ff:25:f2:55:6b:7a:
5a:34:67:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhnuDttP5hpoU8fvnh4nmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDI2MDQwNmU4MzdhZTM4MzgwZmNjOGQ5OTJiOTNkMGRl
MWE4M2IwHhcNMjUxMTA0MTEwMDI3WhcNMjUxMTA1MTEwMDI3WjAzMTEwLwYDVQQD
EyhlNjc0Y2RmYTgzZjdhMjhhZDBkYTE2ZmY5YTljYjgwYzdlNzdkZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMiuo09Aq8d7vaFSQbChMNXLnNmP
73pj2euFnsRuJQWpV7hYGYt6TFDR6BxlwFuaIzQLaMW6AGsdhFApJDIPI5rIz8WC
xWY6AWXN7ZcMI1vB0GUQ4fUxymPpRG67qZr833Bq6G65VmUwolsnIspBB/eKo+Ly
NfejuuhyKFhYof+JWFVqlnMOVyya0rH1bevizeQk0mCpaSWWm+A3BuCEEerd4XTt
Sowarlt1+lvyjez24XcDtc3tOKenm9r+4oAbIWo2KGL6MqVDcKCqRayuGVdmGXuE
YVzyN7dAB6ZVfaqfcUvyClQxM5ws+t8bOJYshAHKj6nP+QaVlUHoA6O6awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOZ0zfqD96KK0NoW/5qcuAx+d9+pMB8GA1UdIwQY
MBaAFB0CYEBug3rjg4D8yNmSuT0N4ag7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFKZ1FHNkRldU9EZ1B6STJaSzVQUTNocURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8zNDAwMzEtMzY1Yi00ZmQyLTg3MzIt
OGMwZmFjYTNjYmQ4LzEvSFFKZ1FHNkRldU9EZ1B6STJaSzVQUTNocURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8zNDAwMzEtMzY1Yi00ZmQyLTg3MzItOGMwZmFjYTNjYmQ4
LzEvSFFKZ1FHNkRldU9EZ1B6STJaSzVQUTNocURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALegwqp+7
hnPNkLIefbFEB6D9i/0qxp0+X0qsoF/0nU5VimJYuce2LoLMX1gepycgn4zOGzkY
S6UJEZZ5a0akdLWt52JjYls9+PAaRLeh+5XgSi1icHyIrtOItKZBmuq4tsf9Hgzb
dq+5KGsZJ6Gel3QDIYfWHU95ghmwda58St2s4ruMHCwB2oDvdvzx4fm7vDU1hRcW
FU+Q5GnO8JdOS4XtP1lHwpQ2Dc/5ush+gv2vOkLvXFpZstd/jkpLyDUYmnxVMSSz
JGzZrJ+GMAvC9/xUYQhKAiZyzRIlPYkePh3R6QzCgM0IIjFfp1IcZHGkVghgFPhm
/yXyVWt6WjRn3Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:59:08 2025 by rpki-client