Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft
File: hlsHwonfa8nHYttDKboM48Up_ss.mft (raw, json)
Hash identifier: RYwRMjMfQqdBsQ6VHFRgBOCK1IL710V+Q87avaY5alk=
Subject key identifier: CB:00:F3:74:CD:F3:FE:D6:9D:BB:8B:C2:D3:1F:42:D8:33:DA:B6:6B
Authority key identifier: 86:5B:07:C2:89:DF:6B:C9:C7:62:DB:43:29:BA:0C:E3:C5:29:FE:CB
Certificate issuer: /CN=865b07c289df6bc9c762db4329ba0ce3c529fecb
Certificate serial: 019A5299F901CFFA35A3F9E50232F5714FC0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft
Manifest number: 0101
Signing time: Wed 05 Nov 2025 06:00:13 +0000
Manifest this update: Wed 05 Nov 2025 06:00:13 +0000
Manifest next update: Thu 06 Nov 2025 06:00:13 +0000
Files and hashes: 1: EyJIl9GgE7NEizESEZnZ9ODAHzw.roa (hash: TDhr2Br5ELeOUc6goo8nbxisdzgPRnJxdfCh2qX9VlY=)
2: hlsHwonfa8nHYttDKboM48Up_ss.crl (hash: rvjD3En79EgD1JnMHpSwAAfSSHi1fa9Tr02snCMhrjA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 06:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:99:f9:01:cf:fa:35:a3:f9:e5:02:32:f5:71:4f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=865b07c289df6bc9c762db4329ba0ce3c529fecb
Validity
Not Before: Nov 5 06:00:13 2025 GMT
Not After : Nov 6 06:00:13 2025 GMT
Subject: CN=cb00f374cdf3fed69dbb8bc2d31f42d833dab66b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cd:bf:db:be:c5:fb:77:cb:1c:b7:7e:4d:d4:
37:92:80:8c:4b:6b:19:6b:cd:dc:3d:ca:dc:ca:5b:
6f:0f:42:99:95:47:32:25:9f:29:6e:cb:9e:11:46:
d0:99:48:02:54:86:40:c6:34:7d:b8:59:84:28:ca:
c4:b1:28:06:71:6b:7e:d5:81:d0:c6:65:1f:b0:fa:
f9:0b:cc:20:0a:94:8a:d7:69:f5:75:a7:30:2b:65:
91:81:5c:22:ca:ec:59:bd:c6:bb:18:38:f2:e7:1c:
3e:cd:e6:a9:3d:f0:fa:7d:4f:a6:64:6d:ea:4b:77:
28:20:fe:65:30:2d:18:67:98:b6:49:42:50:aa:68:
e3:96:5e:fc:25:fe:cb:ea:f5:00:38:00:2c:ac:91:
63:aa:5f:f3:90:5c:33:28:c2:ef:17:1a:5b:09:b2:
cf:b1:80:71:8c:5c:d2:14:c5:41:85:12:d7:59:0a:
a2:85:85:c5:d6:46:f7:ba:ea:c3:2a:3b:7e:f5:39:
50:5e:51:62:ad:0c:f7:87:9d:33:3f:05:77:d7:c9:
3c:e5:fa:dd:d7:e5:f2:7f:95:6f:72:17:1c:09:52:
52:cc:c2:1e:c6:61:c9:33:ce:70:00:df:34:f0:7f:
7b:94:30:22:ce:9f:35:f5:ea:fe:5c:36:20:29:b0:
d4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:00:F3:74:CD:F3:FE:D6:9D:BB:8B:C2:D3:1F:42:D8:33:DA:B6:6B
X509v3 Authority Key Identifier:
keyid:86:5B:07:C2:89:DF:6B:C9:C7:62:DB:43:29:BA:0C:E3:C5:29:FE:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:fe:1a:9e:1d:dc:ea:35:22:eb:2b:2f:c0:20:22:4a:e5:d9:
dc:c3:27:21:8e:68:34:04:ab:8e:a6:bb:ed:04:6c:21:c2:6a:
68:c9:1c:c1:63:11:53:a8:16:34:bf:d5:5c:c4:34:25:b0:cb:
19:e2:ff:1d:9a:78:cb:69:73:69:72:4c:48:b8:af:43:93:cf:
56:09:b5:04:f3:59:1f:0d:12:f5:b1:4b:ca:15:84:cd:0e:ca:
6f:ad:a6:e8:44:26:f8:75:1e:9a:ef:c7:3c:a5:79:54:d9:d4:
32:15:72:e0:f0:4e:53:db:4d:4f:57:8a:48:75:8d:2b:9e:76:
f4:df:cc:b4:60:e8:cc:28:22:84:ee:40:5d:1e:5d:39:61:80:
e5:b7:d9:98:51:80:45:46:1c:f2:40:da:27:63:15:5f:45:98:
99:b1:d7:a7:48:86:22:dd:af:ef:7f:7e:a5:a1:ef:dd:1e:cf:
0c:53:3d:82:17:42:06:7c:27:62:9e:a1:43:a3:bf:1b:16:b3:
ed:51:1b:6a:f8:e7:45:60:20:c4:1f:13:bc:86:da:57:db:1b:
42:42:7a:24:d3:03:5f:d3:c3:e8:17:55:30:c2:1e:f4:dc:32:
66:08:9c:1f:df:c3:c0:44:d2:86:1b:b4:75:63:84:c2:5d:c1:
da:ad:1f:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSmfkBz/o1o/nlAjL1cU/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NWIwN2MyODlkZjZiYzljNzYyZGI0MzI5YmEwY2UzYzUy
OWZlY2IwHhcNMjUxMTA1MDYwMDEzWhcNMjUxMTA2MDYwMDEzWjAzMTEwLwYDVQQD
EyhjYjAwZjM3NGNkZjNmZWQ2OWRiYjhiYzJkMzFmNDJkODMzZGFiNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc2/277F+3fLHLd+TdQ3koCMS2sZ
a83cPcrcyltvD0KZlUcyJZ8pbsueEUbQmUgCVIZAxjR9uFmEKMrEsSgGcWt+1YHQ
xmUfsPr5C8wgCpSK12n1dacwK2WRgVwiyuxZvca7GDjy5xw+zeapPfD6fU+mZG3q
S3coIP5lMC0YZ5i2SUJQqmjjll78Jf7L6vUAOAAsrJFjql/zkFwzKMLvFxpbCbLP
sYBxjFzSFMVBhRLXWQqihYXF1kb3uurDKjt+9TlQXlFirQz3h50zPwV318k85frd
1+Xyf5VvchccCVJSzMIexmHJM85wAN808H97lDAizp819er+XDYgKbDU1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsA83TN8/7WnbuLwtMfQtgz2rZrMB8GA1UdIwQY
MBaAFIZbB8KJ32vJx2LbQym6DOPFKf7LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80ZDFhYjYtNDY1Yi00Mjc2LWJjNGEt
MmFmYTMwM2U0OTVkLzEvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80ZDFhYjYtNDY1Yi00Mjc2LWJjNGEtMmFmYTMwM2U0OTVk
LzEvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqf4anh3c
6jUi6ysvwCAiSuXZ3MMnIY5oNASrjqa77QRsIcJqaMkcwWMRU6gWNL/VXMQ0JbDL
GeL/HZp4y2lzaXJMSLivQ5PPVgm1BPNZHw0S9bFLyhWEzQ7Kb62m6EQm+HUemu/H
PKV5VNnUMhVy4PBOU9tNT1eKSHWNK5529N/MtGDozCgihO5AXR5dOWGA5bfZmFGA
RUYc8kDaJ2MVX0WYmbHXp0iGIt2v739+paHv3R7PDFM9ghdCBnwnYp6hQ6O/Gxaz
7VEbavjnRWAgxB8TvIbaV9sbQkJ6JNMDX9PD6BdVMMIe9NwyZgicH9/DwETShhu0
dWOEwl3B2q0fyg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 15:13:32 2025 by rpki-client