Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File: HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier: KFlIl7YQxBuSxlZvkzaW5IvhkUJ7k+yynk1RKqXv4CI=
Subject key identifier: 71:DF:BD:71:03:BC:03:E7:E2:8A:E6:93:C6:AA:CB:39:E0:68:0D:05
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer: /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial: 019A4C611EF443F792D9D70C09A3B670F534
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number: 08CB
Signing time: Tue 04 Nov 2025 01:00:24 +0000
Manifest this update: Tue 04 Nov 2025 01:00:24 +0000
Manifest next update: Wed 05 Nov 2025 01:00:24 +0000
Files and hashes: 1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: K6avcqfWzhLcvBvzz1d8oBreCqKAy6id88EVJ7Js8WE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:61:1e:f4:43:f7:92:d9:d7:0c:09:a3:b6:70:f5:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Validity
Not Before: Nov 4 01:00:24 2025 GMT
Not After : Nov 5 01:00:24 2025 GMT
Subject: CN=71dfbd7103bc03e7e28ae693c6aacb39e0680d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e9:24:9f:9c:ab:5a:cc:4c:76:ec:01:44:81:
78:68:48:15:06:21:8f:30:14:5c:15:65:ec:05:95:
55:e4:1e:2e:06:b2:43:a7:fa:c5:76:21:50:46:3e:
71:74:0f:21:24:9f:bb:31:9c:63:d7:f9:9a:55:a1:
05:d0:06:17:5d:3d:0e:d7:62:06:e8:9e:58:1a:73:
27:f5:bb:2a:3e:7e:c0:6c:0e:4d:b7:1c:9a:36:28:
3c:07:1b:04:30:c5:21:a3:77:c9:55:b4:f6:ca:c6:
2c:62:e0:32:37:8e:0b:27:d8:76:c7:41:1e:25:53:
22:37:e5:c4:50:09:15:c6:62:36:89:95:e6:c3:d7:
e8:12:29:83:ee:61:fc:6d:1d:f9:07:3d:c4:3f:67:
f4:d4:f6:36:63:61:13:db:dd:ce:a9:b9:78:94:3e:
4c:eb:79:dc:d1:c3:32:8e:d8:ca:61:a9:74:0f:81:
76:6e:18:ff:f7:ea:2e:60:c4:2b:3e:1b:3d:81:a3:
c4:30:40:b8:da:3b:ca:fc:0f:2d:c7:ef:5d:63:10:
3a:00:a2:e2:69:a9:fa:22:ce:4d:1c:93:eb:77:fb:
28:4d:04:9a:44:90:70:95:8d:7f:86:c1:95:b4:e9:
30:94:2a:4f:04:82:f4:91:d9:ab:d7:5a:5b:10:ac:
e2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:DF:BD:71:03:BC:03:E7:E2:8A:E6:93:C6:AA:CB:39:E0:68:0D:05
X509v3 Authority Key Identifier:
keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:21:59:25:cf:6a:22:cc:32:22:16:83:04:94:24:9e:38:0b:
a9:e7:cb:83:2b:dd:2d:49:43:58:65:a2:84:a7:93:4b:cf:1f:
c2:2b:2d:8c:53:8c:10:87:08:f1:58:74:6a:b3:90:67:c9:26:
57:73:51:6c:30:01:85:6e:9b:07:47:7b:7c:4c:f2:51:cc:7c:
8e:87:68:02:fb:b6:11:bf:24:58:59:f0:d2:a2:75:ad:85:3f:
f5:41:d2:de:f1:5d:86:69:eb:1f:d0:53:87:ba:2a:ad:74:b9:
1c:0a:e6:42:eb:a6:05:3d:4a:50:f7:8b:b8:13:0c:44:f1:84:
2a:29:c2:84:42:39:49:e3:4c:b1:b7:19:8f:8e:45:90:06:ba:
dc:96:fb:5f:24:7f:de:17:ae:01:95:1f:38:51:60:9d:40:0d:
2d:d3:0e:90:ca:ae:7d:48:89:5d:7a:11:f4:02:6d:73:32:49:
bd:9b:78:fe:a0:d3:5a:03:62:9c:25:d4:65:60:35:ea:c2:99:
50:8c:e3:cc:aa:c0:13:f1:5e:ff:b3:76:87:34:f7:40:1a:51:
e9:7d:b3:4e:41:3f:01:0e:a4:b0:5f:50:f4:ed:86:aa:d3:af:
2d:51:5a:ad:9b:f6:6d:61:4e:c3:ff:e7:16:58:8d:d0:b3:dc:
eb:08:6a:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYR70Q/eS2dcMCaO2cPU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjUxMTA0MDEwMDI0WhcNMjUxMTA1MDEwMDI0WjAzMTEwLwYDVQQD
Eyg3MWRmYmQ3MTAzYmMwM2U3ZTI4YWU2OTNjNmFhY2IzOWUwNjgwZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlekkn5yrWsxMduwBRIF4aEgVBiGP
MBRcFWXsBZVV5B4uBrJDp/rFdiFQRj5xdA8hJJ+7MZxj1/maVaEF0AYXXT0O12IG
6J5YGnMn9bsqPn7AbA5NtxyaNig8BxsEMMUho3fJVbT2ysYsYuAyN44LJ9h2x0Ee
JVMiN+XEUAkVxmI2iZXmw9foEimD7mH8bR35Bz3EP2f01PY2Y2ET293Oqbl4lD5M
63nc0cMyjtjKYal0D4F2bhj/9+ouYMQrPhs9gaPEMEC42jvK/A8tx+9dYxA6AKLi
aan6Is5NHJPrd/soTQSaRJBwlY1/hsGVtOkwlCpPBIL0kdmr11pbEKzixwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHfvXEDvAPn4ormk8aqyzngaA0FMB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFSFZJc9q
IswyIhaDBJQknjgLqefLgyvdLUlDWGWihKeTS88fwistjFOMEIcI8Vh0arOQZ8km
V3NRbDABhW6bB0d7fEzyUcx8jodoAvu2Eb8kWFnw0qJ1rYU/9UHS3vFdhmnrH9BT
h7oqrXS5HArmQuumBT1KUPeLuBMMRPGEKinChEI5SeNMsbcZj45FkAa63Jb7XyR/
3heuAZUfOFFgnUANLdMOkMqufUiJXXoR9AJtczJJvZt4/qDTWgNinCXUZWA16sKZ
UIzjzKrAE/Fe/7N2hzT3QBpR6X2zTkE/AQ6ksF9Q9O2GqtOvLVFarZv2bWFOw//n
FliN0LPc6whqyg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:49:05 2025 by rpki-client