Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: 8DXilhmxoTNgF11qWXEncMhGyi9zV+T/mTfaUXZNGHs=
Subject key identifier: 86:E1:8C:B6:6E:18:8D:59:5F:A9:E5:3C:45:27:58:8A:E8:5E:9C:C3
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 01988F2228B6CEF1742A59E6270D9F004B12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 1627
Signing time: Sat 09 Aug 2025 14:00:37 +0000
Manifest this update: Sat 09 Aug 2025 14:00:37 +0000
Manifest next update: Sun 10 Aug 2025 14:00:37 +0000
Files and hashes: 1: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: VG2t29Q0styGkf0Z6cAuB/o7SF+IwDTi5ireMtNIDQY=)
2: xSS92RJP_9kDYA2uBQZz6tpYK1I.roa (hash: rR5n4U9xDx2H85hw0wOs3NY+BK3tAcVO4QlJE3rUQXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8f:22:28:b6:ce:f1:74:2a:59:e6:27:0d:9f:00:4b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Aug 9 14:00:37 2025 GMT
Not After : Aug 10 14:00:37 2025 GMT
Subject: CN=86e18cb66e188d595fa9e53c4527588ae85e9cc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:4c:ec:ae:c7:5e:52:ab:05:03:6a:74:c2:
17:95:ea:65:7e:9b:cd:76:d0:23:e4:0d:0f:2d:1c:
b6:a9:27:de:d6:b0:4f:cf:f1:5f:a3:d0:66:cf:14:
78:73:d4:3a:40:ae:d3:45:29:5e:b2:72:a3:8d:ac:
99:df:70:39:4a:43:00:25:73:94:07:3c:bf:ed:fd:
46:3a:21:8b:e2:89:e7:bf:6c:cd:c1:dd:d6:29:fd:
16:eb:dc:57:6a:f0:89:15:93:73:4b:aa:d6:1b:5c:
42:47:0b:d3:03:b7:3c:c7:90:b6:1e:73:ba:6d:6a:
38:a1:d1:67:35:9c:cb:cc:d3:70:e7:17:3b:a7:56:
96:31:fc:61:bc:c0:01:49:cb:35:73:50:74:76:93:
92:22:63:45:5b:c5:45:81:1a:b8:b8:28:bb:ea:58:
68:32:d6:be:11:43:2f:2e:34:33:bc:03:d7:e6:74:
a5:47:71:a9:62:0a:85:66:b4:00:98:3f:9d:bb:86:
e1:1a:fe:d8:14:b6:9f:dd:a5:4d:c8:4a:61:a9:ba:
11:18:a0:dc:0a:8d:e7:cf:b5:87:7e:3b:0a:6e:32:
96:2b:61:ec:a4:f6:fa:5f:00:00:bc:8a:f8:eb:ab:
d3:7e:08:19:ce:c1:96:37:24:5c:82:55:ac:6e:ba:
ed:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E1:8C:B6:6E:18:8D:59:5F:A9:E5:3C:45:27:58:8A:E8:5E:9C:C3
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:83:31:6f:d1:d3:70:ed:fc:ca:a2:af:4a:69:c7:99:50:8c:
3e:57:b2:66:fa:c5:49:8d:3a:4c:4f:a4:96:19:d5:ec:aa:b5:
a2:06:8b:a1:67:df:db:a6:a7:7a:eb:84:40:38:98:d3:cf:b9:
c2:6b:a0:87:7d:29:8d:6c:db:54:94:38:e8:cb:f8:17:ed:08:
de:a1:02:51:ed:da:34:f0:51:40:05:13:90:26:38:56:71:f3:
ea:c9:01:3e:43:46:0f:11:05:b3:a2:52:39:5b:60:84:3b:12:
ce:c7:92:6e:66:a4:7f:49:f3:18:05:4a:d2:61:66:24:2e:ca:
7c:6d:e4:30:91:3e:17:4c:fb:a4:b8:1a:4a:3f:a2:c9:8c:79:
7b:99:4d:be:a2:36:e6:f7:28:b2:08:60:b8:79:b9:84:a4:3a:
f8:1d:11:8c:12:f8:df:ff:2e:dd:55:e3:8e:68:9a:95:9a:85:
07:42:db:dc:0e:ce:31:d8:76:42:84:43:74:7b:20:af:f0:b2:
a0:84:53:67:b9:5c:78:f6:e6:1d:c8:cb:e4:61:7b:99:c7:17:
f5:f6:d5:45:22:99:cb:52:4d:cd:ed:db:43:09:92:c3:62:73:
50:e6:a7:36:ed:32:96:54:54:d9:2d:6b:bc:46:29:74:c1:2e:
a7:d0:3e:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPIii2zvF0KlnmJw2fAEsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjUwODA5MTQwMDM3WhcNMjUwODEwMTQwMDM3WjAzMTEwLwYDVQQD
Eyg4NmUxOGNiNjZlMTg4ZDU5NWZhOWU1M2M0NTI3NTg4YWU4NWU5Y2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF1M7K7HXlKrBQNqdMIXleplfpvN
dtAj5A0PLRy2qSfe1rBPz/Ffo9BmzxR4c9Q6QK7TRSlesnKjjayZ33A5SkMAJXOU
Bzy/7f1GOiGL4onnv2zNwd3WKf0W69xXavCJFZNzS6rWG1xCRwvTA7c8x5C2HnO6
bWo4odFnNZzLzNNw5xc7p1aWMfxhvMABScs1c1B0dpOSImNFW8VFgRq4uCi76lho
Mta+EUMvLjQzvAPX5nSlR3GpYgqFZrQAmD+du4bhGv7YFLaf3aVNyEphqboRGKDc
Co3nz7WHfjsKbjKWK2HspPb6XwAAvIr466vTfggZzsGWNyRcglWsbrrtYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbhjLZuGI1ZX6nlPEUnWIroXpzDMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK4Mxb9HT
cO38yqKvSmnHmVCMPleyZvrFSY06TE+klhnV7Kq1ogaLoWff26aneuuEQDiY08+5
wmugh30pjWzbVJQ46Mv4F+0I3qECUe3aNPBRQAUTkCY4VnHz6skBPkNGDxEFs6JS
OVtghDsSzseSbmakf0nzGAVK0mFmJC7KfG3kMJE+F0z7pLgaSj+iyYx5e5lNvqI2
5vcosghguHm5hKQ6+B0RjBL43/8u3VXjjmialZqFB0Lb3A7OMdh2QoRDdHsgr/Cy
oIRTZ7lcePbmHcjL5GF7mccX9fbVRSKZy1JNze3bQwmSw2JzUOanNu0yllRU2S1r
vEYpdMEup9A+QA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:34:25 2025 by rpki-client