Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File: hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier: 0aHKYtgTExrzJqD2Z4y1WBGZ2fEMV1LP2un2HLj+WJM=
Subject key identifier: D4:F5:D8:20:F6:29:8C:C2:B8:EA:DC:22:D4:CE:96:78:1D:66:91:3B
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer: /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial: 019874500065FD003145FCACF75CCD2FB7DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number: 09BE
Signing time: Mon 04 Aug 2025 09:00:56 +0000
Manifest this update: Mon 04 Aug 2025 09:00:56 +0000
Manifest next update: Tue 05 Aug 2025 09:00:56 +0000
Files and hashes: 1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: 2Zpd3cZqI3V9Xt0brRM6kbrjOpoT5KFZ/Vj3y5NigUw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 09:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:50:00:65:fd:00:31:45:fc:ac:f7:5c:cd:2f:b7:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Validity
Not Before: Aug 4 09:00:56 2025 GMT
Not After : Aug 5 09:00:56 2025 GMT
Subject: CN=d4f5d820f6298cc2b8eadc22d4ce96781d66913b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:aa:12:db:75:ed:8d:9f:d2:89:5c:a5:9d:71:
fc:7f:f6:8c:f6:cd:8c:a9:d8:c4:40:b0:8c:87:38:
0b:85:f4:8c:a9:70:83:2b:c4:4a:10:78:20:b8:66:
33:df:ec:88:16:f8:9f:e8:b1:97:08:86:21:7e:4a:
24:9f:d9:58:b3:62:0c:c8:49:06:a3:05:44:eb:28:
cc:5c:d5:23:57:68:5f:5d:7b:11:c9:28:a1:7e:c2:
3a:82:e3:f9:c6:26:a4:8e:ae:c1:d0:8c:03:65:3f:
c1:66:e5:b4:4e:48:cb:69:a5:3d:4f:d9:4c:99:b5:
bd:4b:ef:0c:a0:01:83:d5:61:d2:ab:21:4d:48:e8:
c7:b2:89:e0:d0:6e:ff:bb:a8:6f:65:69:9b:e2:b3:
7f:be:8c:3e:54:47:ab:b2:94:2a:f0:4b:17:29:98:
b0:79:c3:ce:4d:7b:38:63:2b:e2:af:86:e7:85:65:
36:c3:40:2a:38:23:e8:ff:6d:90:72:82:5c:00:9f:
a1:d9:ad:8d:c2:30:3b:0e:f4:8d:0e:ad:f7:41:6f:
3c:6a:22:a2:a5:2e:a9:c5:7f:6e:17:e6:a3:3b:a5:
27:81:31:6b:56:d1:b9:2b:e0:b0:a3:a3:1f:c9:2a:
24:97:0e:39:d5:ba:7f:78:af:dd:25:d0:d9:34:e3:
97:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F5:D8:20:F6:29:8C:C2:B8:EA:DC:22:D4:CE:96:78:1D:66:91:3B
X509v3 Authority Key Identifier:
keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:bf:a1:c9:de:b0:d1:4f:a0:fc:72:f6:d9:5f:5a:af:73:09:
4c:c9:ec:f9:cb:7d:6c:98:fe:87:fc:ef:47:96:be:14:71:3d:
3f:a0:6f:bb:f0:2b:0c:d0:f0:a5:47:62:ce:5d:2e:7e:8f:05:
96:87:eb:9a:30:b4:9b:9d:36:58:c6:e6:3e:6e:8c:fc:40:89:
31:77:78:ca:3e:75:9e:e1:49:99:cf:d4:90:f6:1c:69:15:99:
c4:bb:14:d2:57:88:17:ee:b0:06:30:7e:f3:f6:9d:64:0b:a9:
5b:ba:cd:bf:68:38:25:aa:96:e0:17:d4:4a:1e:5f:e2:8c:5c:
ad:61:03:c0:9d:cb:a0:1f:78:18:79:78:4f:e0:74:6f:51:e4:
d6:ba:98:cb:3d:bd:19:90:94:59:4d:6e:9e:9e:a2:73:57:fb:
13:9b:9e:f4:04:a3:f0:4f:c1:f1:7c:ab:a6:d5:d0:1c:38:0e:
59:03:c3:f3:92:ff:7f:98:c2:dd:df:30:7f:79:6e:cd:c9:4f:
a3:9b:47:9a:ad:a9:13:b3:f4:b5:c8:5b:3e:2b:76:07:01:1f:
12:bb:41:49:15:c7:eb:8b:f9:51:c2:ed:a5:ea:c2:28:d3:e5:
d8:86:fe:ee:bf:98:8f:fc:bf:a9:41:64:cb:f3:a1:fa:6a:05:
1c:30:ce:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UABl/QAxRfys91zNL7feMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjUwODA0MDkwMDU2WhcNMjUwODA1MDkwMDU2WjAzMTEwLwYDVQQD
EyhkNGY1ZDgyMGY2Mjk4Y2MyYjhlYWRjMjJkNGNlOTY3ODFkNjY5MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKoS23XtjZ/SiVylnXH8f/aM9s2M
qdjEQLCMhzgLhfSMqXCDK8RKEHgguGYz3+yIFvif6LGXCIYhfkokn9lYs2IMyEkG
owVE6yjMXNUjV2hfXXsRySihfsI6guP5xiakjq7B0IwDZT/BZuW0TkjLaaU9T9lM
mbW9S+8MoAGD1WHSqyFNSOjHsong0G7/u6hvZWmb4rN/vow+VEerspQq8EsXKZiw
ecPOTXs4Yyvir4bnhWU2w0AqOCPo/22QcoJcAJ+h2a2NwjA7DvSNDq33QW88aiKi
pS6pxX9uF+ajO6UngTFrVtG5K+Cwo6MfySoklw451bp/eK/dJdDZNOOX0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNT12CD2KYzCuOrcItTOlngdZpE7MB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuL+hyd6w
0U+g/HL22V9ar3MJTMns+ct9bJj+h/zvR5a+FHE9P6Bvu/ArDNDwpUdizl0ufo8F
lofrmjC0m502WMbmPm6M/ECJMXd4yj51nuFJmc/UkPYcaRWZxLsU0leIF+6wBjB+
8/adZAupW7rNv2g4JaqW4BfUSh5f4oxcrWEDwJ3LoB94GHl4T+B0b1Hk1rqYyz29
GZCUWU1unp6ic1f7E5ue9ASj8E/B8XyrptXQHDgOWQPD85L/f5jC3d8wf3luzclP
o5tHmq2pE7P0tchbPit2BwEfErtBSRXH64v5UcLtperCKNPl2Ib+7r+Yj/y/qUFk
y/Oh+moFHDDOxg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:54:21 2025 by rpki-client