Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
File: HlcDhG16g2S-wwMDTbkay_9C2gw.mft (raw, json)
Hash identifier: mMkjB644K4UNC+9/EWSAXtwenTeJ3eWH2ZtFvogDLvU=
Subject key identifier: CD:37:06:CC:18:F4:82:B8:C7:E6:52:46:64:33:29:3D:06:E6:88:00
Authority key identifier: 1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C
Certificate issuer: /CN=1e5703846d7a8364bec303034db91acbff42da0c
Certificate serial: 019A51F5B8F98B3B6472EC9EE61A6FBA7D37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
Manifest number: 0ACF
Signing time: Wed 05 Nov 2025 03:00:49 +0000
Manifest this update: Wed 05 Nov 2025 03:00:49 +0000
Manifest next update: Thu 06 Nov 2025 03:00:49 +0000
Files and hashes: 1: 4PNlkOPWAaPkvxKKyZ24ywHUUNs.roa (hash: eaQPOrhXnd6IgLBTpKSTCgVJBcG3spHBZu3BsMLZw3g=)
2: HlcDhG16g2S-wwMDTbkay_9C2gw.crl (hash: okKWVi30rlNyhawmTTyqPb1lkbd5m22CnkwrbN4eU9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:f5:b8:f9:8b:3b:64:72:ec:9e:e6:1a:6f:ba:7d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5703846d7a8364bec303034db91acbff42da0c
Validity
Not Before: Nov 5 03:00:49 2025 GMT
Not After : Nov 6 03:00:49 2025 GMT
Subject: CN=cd3706cc18f482b8c7e652466433293d06e68800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5c:00:30:26:e6:4d:c8:f8:c8:24:31:75:64:
e5:8e:b1:28:93:07:9f:47:55:e9:01:ce:fb:ce:be:
cc:2e:17:f9:49:e5:8b:d8:09:8b:9d:c0:52:96:55:
ff:37:df:79:e7:0b:42:b3:b0:66:02:10:8b:1e:31:
ee:d4:0b:ac:f3:ba:33:1d:69:2b:3f:44:b2:3f:a1:
0f:02:85:44:53:bf:92:a6:a3:3d:64:9a:7d:1e:5b:
54:d2:5b:60:e0:a0:63:00:6f:6b:43:5d:8e:4b:dd:
13:92:f7:a2:af:35:76:20:9e:b6:ee:5a:a7:0e:e9:
f3:55:b8:ec:d8:ed:39:ca:60:62:78:24:99:d3:45:
f9:92:49:01:e1:d8:b7:92:3c:d3:32:2a:0d:34:09:
5b:cd:46:1b:58:48:02:63:55:ea:fc:df:8c:6d:e4:
b9:7d:c0:a3:e5:db:79:ea:ca:58:6b:5d:15:cb:92:
29:b1:df:44:4e:02:b3:d1:9c:46:bd:25:87:0f:dd:
c3:9f:c3:8e:2b:68:8f:80:41:79:59:04:86:55:2c:
21:72:ea:d3:87:c8:3e:fa:da:0b:1b:53:be:40:b4:
7e:e6:04:26:2e:cb:64:b2:9c:c3:0a:19:a9:79:17:
6b:83:11:a7:77:f7:7b:f4:97:9f:2e:5e:32:f7:29:
69:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:37:06:CC:18:F4:82:B8:C7:E6:52:46:64:33:29:3D:06:E6:88:00
X509v3 Authority Key Identifier:
keyid:1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:4c:f6:e4:99:2b:2a:07:1e:cb:97:77:a1:e3:29:f4:30:15:
64:74:05:2c:ba:28:85:48:04:3c:c2:81:b5:c5:b9:b7:29:d8:
00:fe:d9:c1:56:17:99:23:9d:6f:1c:83:18:af:7e:f0:58:78:
6f:06:c0:01:21:a2:cf:81:1f:bd:ec:32:55:38:0b:49:64:25:
c1:50:7d:0b:7d:e9:94:fe:9b:67:fc:28:26:98:87:03:02:01:
91:2a:be:58:b2:56:85:ef:a5:bf:c5:03:15:47:a8:fe:d7:4d:
07:e1:ce:df:d1:5e:7b:7b:30:4d:dd:4d:6c:67:18:bd:06:25:
84:84:fd:90:b7:e2:ee:01:5f:20:ea:09:da:27:a7:02:20:dc:
09:13:a5:c4:10:df:e7:66:32:ec:32:05:b7:3e:13:db:a8:96:
0d:e3:a9:2b:3e:3b:d7:db:4f:ac:d3:e9:68:fc:14:8d:6c:17:
5d:12:97:98:be:3b:85:ef:58:7d:78:dc:1e:84:c8:db:39:b3:
69:dd:e1:fb:d4:c3:cf:f2:a8:2e:42:07:db:b9:86:3b:e0:1d:
c8:9b:b7:41:a7:b1:2d:82:2d:e5:40:8f:4a:fd:dd:6c:72:c9:
58:6f:3d:a5:15:53:d4:b0:cf:65:ca:81:38:7b:e7:8f:4b:4a:
51:04:8d:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpR9bj5iztkcuye5hpvun03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNTcwMzg0NmQ3YTgzNjRiZWMzMDMwMzRkYjkxYWNiZmY0
MmRhMGMwHhcNMjUxMTA1MDMwMDQ5WhcNMjUxMTA2MDMwMDQ5WjAzMTEwLwYDVQQD
EyhjZDM3MDZjYzE4ZjQ4MmI4YzdlNjUyNDY2NDMzMjkzZDA2ZTY4ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulwAMCbmTcj4yCQxdWTljrEokwef
R1XpAc77zr7MLhf5SeWL2AmLncBSllX/N9955wtCs7BmAhCLHjHu1Aus87ozHWkr
P0SyP6EPAoVEU7+SpqM9ZJp9HltU0ltg4KBjAG9rQ12OS90TkveirzV2IJ627lqn
DunzVbjs2O05ymBieCSZ00X5kkkB4di3kjzTMioNNAlbzUYbWEgCY1Xq/N+MbeS5
fcCj5dt56spYa10Vy5Ipsd9ETgKz0ZxGvSWHD93Dn8OOK2iPgEF5WQSGVSwhcurT
h8g++toLG1O+QLR+5gQmLstkspzDChmpeRdrgxGnd/d79JefLl4y9ylpGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM03BswY9IK4x+ZSRmQzKT0G5ogAMB8GA1UdIwQY
MBaAFB5XA4RteoNkvsMDA025Gsv/QtoMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMt
MDdiMDllNDY1MTE5LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMtMDdiMDllNDY1MTE5
LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYkz25Jkr
Kgcey5d3oeMp9DAVZHQFLLoohUgEPMKBtcW5tynYAP7ZwVYXmSOdbxyDGK9+8Fh4
bwbAASGiz4EfvewyVTgLSWQlwVB9C33plP6bZ/woJpiHAwIBkSq+WLJWhe+lv8UD
FUeo/tdNB+HO39Fee3swTd1NbGcYvQYlhIT9kLfi7gFfIOoJ2ienAiDcCROlxBDf
52Yy7DIFtz4T26iWDeOpKz4719tPrNPpaPwUjWwXXRKXmL47he9YfXjcHoTI2zmz
ad3h+9TDz/KoLkIH27mGO+AdyJu3QaexLYIt5UCPSv3dbHLJWG89pRVT1LDPZcqB
OHvnj0tKUQSN9A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:52:32 2025 by rpki-client