Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft
File: hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft (raw, json)
Hash identifier: c2vInIn2VxrfFgO1lUOwa2as10Wj2fHRA9tvC0xBpSs=
Subject key identifier: 90:0C:5F:18:2F:7E:01:E2:EE:4B:F8:31:13:91:8B:2D:FA:41:99:0C
Authority key identifier: 84:A3:CF:11:4B:E4:FA:4C:4F:F7:6B:21:8F:AD:50:E5:17:39:16:0D
Certificate issuer: /CN=84a3cf114be4fa4c4ff76b218fad50e51739160d
Certificate serial: 019A52D1E1CA3923ACDA34E8FBEFE7EE8935
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft
Manifest number: 10EB
Signing time: Wed 05 Nov 2025 07:01:17 +0000
Manifest this update: Wed 05 Nov 2025 07:01:17 +0000
Manifest next update: Thu 06 Nov 2025 07:01:17 +0000
Files and hashes: 1: hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl (hash: Ha0X+zVM5IuRy55D5e0rUfr3ncLIX7BfF3THL+pIaus=)
2: sudojg6HDCizETctxsBEtvD9ceA.roa (hash: WBqfbYsjDjIGknBmCSsGnzqS8ek9/ghen0y1LOmx5Ns=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:e1:ca:39:23:ac:da:34:e8:fb:ef:e7:ee:89:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84a3cf114be4fa4c4ff76b218fad50e51739160d
Validity
Not Before: Nov 5 07:01:17 2025 GMT
Not After : Nov 6 07:01:17 2025 GMT
Subject: CN=900c5f182f7e01e2ee4bf83113918b2dfa41990c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a1:16:2c:22:11:92:e3:a7:12:38:6a:55:33:
67:2a:2c:71:99:3f:e3:c7:a4:0a:d4:39:88:57:76:
75:ca:c0:ea:9a:53:2b:53:f1:50:e8:2f:82:8e:b9:
cf:d4:f6:2d:11:46:54:1f:45:5f:57:4f:7e:9b:65:
2a:66:bb:81:fd:4e:69:60:94:6e:65:2e:08:0c:92:
a8:15:8d:46:91:f7:67:a8:d1:fb:3e:51:1f:22:c3:
74:8a:5d:08:c0:f4:c1:e4:ad:a9:bf:a6:8a:f8:b4:
3b:83:31:68:da:f4:1d:0d:4a:20:54:42:fa:9a:54:
5e:0e:b8:6a:4f:a7:62:e2:7f:d9:ad:0e:6b:7a:33:
0c:6a:9e:5b:3c:7b:85:be:14:2d:f5:f3:8b:65:4b:
fd:de:44:c7:81:df:13:14:fd:32:be:8f:73:54:3c:
74:7f:59:20:09:33:37:dd:b0:b5:88:40:f1:0a:9b:
35:ea:56:30:70:9e:cc:79:ee:08:d8:f1:7f:80:e9:
fa:52:d7:17:3c:81:20:de:01:9f:e6:a4:20:0b:bf:
3b:57:c2:b5:ab:4a:0d:7f:67:37:14:18:79:bc:82:
59:fc:b5:17:cf:ed:ba:22:04:33:a3:1f:4a:98:ea:
a2:59:f7:df:ce:b2:39:09:51:10:35:90:03:1f:35:
f7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0C:5F:18:2F:7E:01:E2:EE:4B:F8:31:13:91:8B:2D:FA:41:99:0C
X509v3 Authority Key Identifier:
keyid:84:A3:CF:11:4B:E4:FA:4C:4F:F7:6B:21:8F:AD:50:E5:17:39:16:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:29:a0:ec:92:60:3e:e1:aa:da:a6:9c:fa:96:4d:2e:80:f1:
74:c8:5c:f8:c8:d2:a7:11:00:6a:87:6d:c4:29:41:b8:f5:f4:
b1:c6:c1:b4:28:ac:d5:60:dd:dd:22:9c:e4:69:7e:ce:04:5d:
4e:8f:5d:41:37:60:a6:6d:bd:b4:49:ab:92:d5:5c:20:ed:81:
30:27:7c:3a:0b:c7:9f:ec:63:62:ce:0e:95:ec:34:16:5e:a5:
00:55:20:a1:f2:14:52:04:60:98:ee:0e:06:17:4e:a1:68:70:
e3:e3:c2:45:32:b3:15:d1:a1:d4:33:b2:52:73:98:d6:54:c8:
87:98:40:3d:8a:62:12:df:23:4c:ec:c6:76:a0:69:c1:a4:26:
c7:d3:b5:77:0b:04:17:58:c9:e5:4b:bf:7d:ea:cc:0f:95:95:
1e:bf:97:02:0a:6b:c0:f8:b7:15:50:53:ea:45:b0:78:b9:1d:
16:2a:9c:cd:c1:f7:72:ad:dd:e8:84:a4:05:13:7b:46:55:03:
70:cf:9e:5b:f8:28:ba:dd:15:e7:c4:61:6e:bb:9e:0c:46:85:
66:62:98:75:bb:8e:b3:6d:85:2b:bb:5e:c6:97:d0:2f:90:ee:
f9:c6:fb:53:f6:91:4d:e7:94:d7:22:b0:5f:93:bb:8b:d4:73:
06:b4:5c:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0eHKOSOs2jTo++/n7ok1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YTNjZjExNGJlNGZhNGM0ZmY3NmIyMThmYWQ1MGU1MTcz
OTE2MGQwHhcNMjUxMTA1MDcwMTE3WhcNMjUxMTA2MDcwMTE3WjAzMTEwLwYDVQQD
Eyg5MDBjNWYxODJmN2UwMWUyZWU0YmY4MzExMzkxOGIyZGZhNDE5OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaEWLCIRkuOnEjhqVTNnKixxmT/j
x6QK1DmIV3Z1ysDqmlMrU/FQ6C+CjrnP1PYtEUZUH0VfV09+m2UqZruB/U5pYJRu
ZS4IDJKoFY1GkfdnqNH7PlEfIsN0il0IwPTB5K2pv6aK+LQ7gzFo2vQdDUogVEL6
mlReDrhqT6di4n/ZrQ5rejMMap5bPHuFvhQt9fOLZUv93kTHgd8TFP0yvo9zVDx0
f1kgCTM33bC1iEDxCps16lYwcJ7Mee4I2PF/gOn6UtcXPIEg3gGf5qQgC787V8K1
q0oNf2c3FBh5vIJZ/LUXz+26IgQzox9KmOqiWfffzrI5CVEQNZADHzX3pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJAMXxgvfgHi7kv4MRORiy36QZkMMB8GA1UdIwQY
MBaAFISjzxFL5PpMT/drIY+tUOUXORYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MDVmNDYtN2Q0Yy00NmI4LWJhYTUt
NTM5MzI5YmVkNDZlLzEvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MDVmNDYtN2Q0Yy00NmI4LWJhYTUtNTM5MzI5YmVkNDZl
LzEvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPSmg7JJg
PuGq2qac+pZNLoDxdMhc+MjSpxEAaodtxClBuPX0scbBtCis1WDd3SKc5Gl+zgRd
To9dQTdgpm29tEmrktVcIO2BMCd8OgvHn+xjYs4Olew0Fl6lAFUgofIUUgRgmO4O
BhdOoWhw4+PCRTKzFdGh1DOyUnOY1lTIh5hAPYpiEt8jTOzGdqBpwaQmx9O1dwsE
F1jJ5Uu/ferMD5WVHr+XAgprwPi3FVBT6kWweLkdFiqczcH3cq3d6ISkBRN7RlUD
cM+eW/gout0V58RhbrueDEaFZmKYdbuOs22FK7texpfQL5Du+cb7U/aRTeeU1yKw
X5O7i9RzBrRccw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:09:31 2025 by rpki-client