Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
File: hUxfKY2BrMVXP9WfsF3YbyCry6g.mft (raw, json)
Hash identifier: 2+WZbu1Ah6U3cavr/LfoYknFBn1XUkjyTLj+2VNCFTE=
Subject key identifier: B3:88:FC:BC:34:0B:91:91:CA:1B:D5:58:10:BA:65:65:D8:2D:77:F4
Authority key identifier: 85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8
Certificate issuer: /CN=854c5f298d81acc5573fd59fb05dd86f20abcba8
Certificate serial: 01989E5FAACE19611F096034262C22622BEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
Manifest number: 10AC
Signing time: Tue 12 Aug 2025 13:02:06 +0000
Manifest this update: Tue 12 Aug 2025 13:02:06 +0000
Manifest next update: Wed 13 Aug 2025 13:02:06 +0000
Files and hashes: 1: CJqITen207ZODHzo1XtCMdI_VBo.roa (hash: f1FWG5pswdJQTpL1NXAace6jGLQD4G1flmSN2+tjCMo=)
2: hUxfKY2BrMVXP9WfsF3YbyCry6g.crl (hash: +XEDqJFU2mk/4HV2bAd6V/21XgILIY3G5oLP6dIraw8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 13:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:5f:aa:ce:19:61:1f:09:60:34:26:2c:22:62:2b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c5f298d81acc5573fd59fb05dd86f20abcba8
Validity
Not Before: Aug 12 13:02:06 2025 GMT
Not After : Aug 13 13:02:06 2025 GMT
Subject: CN=b388fcbc340b9191ca1bd55810ba6565d82d77f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:55:25:6b:8d:c5:ab:11:08:90:8f:ce:7b:31:
08:0d:e8:86:3a:ed:9c:19:cb:42:cd:11:c1:23:5e:
5f:b0:b8:e5:b8:54:a4:b1:f8:f0:6f:b8:25:a2:44:
b8:6e:0e:94:66:01:ae:13:fd:39:af:9b:bc:45:aa:
98:d1:dd:9c:8d:ad:64:7f:ad:68:83:8b:d4:57:0e:
a0:d1:b8:93:ae:8b:01:65:c8:dd:4f:84:06:a3:60:
6c:fe:6e:4e:58:1b:89:cd:10:25:9e:9d:d2:36:2e:
8a:30:c7:d5:b9:4f:82:45:96:fc:88:90:e8:e5:04:
45:07:1d:cf:6f:38:ec:66:45:05:38:a8:25:4b:57:
be:39:4c:04:08:2f:f7:31:bc:65:92:99:19:6c:e5:
ea:eb:11:ba:dd:b9:ad:e3:c3:1d:d3:7a:ec:7a:ac:
11:df:a8:8a:8e:61:b2:c6:e8:37:39:78:00:c6:1e:
5e:73:05:e7:fd:35:c2:bb:d7:21:57:44:24:24:18:
5a:65:8f:0a:fe:ca:12:b7:ae:c0:b3:50:24:bc:71:
fe:b2:b3:8c:6b:1b:62:f2:aa:96:73:3b:aa:dd:27:
6d:2e:77:f0:01:c0:fc:d5:1b:e2:59:b1:23:0a:b3:
75:5f:14:f3:e5:c6:32:14:9f:45:51:2b:d5:4c:2c:
bc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:88:FC:BC:34:0B:91:91:CA:1B:D5:58:10:BA:65:65:D8:2D:77:F4
X509v3 Authority Key Identifier:
keyid:85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:0f:c5:34:15:72:f7:49:bf:5a:02:d4:17:c9:71:bd:1d:2f:
df:d4:f7:df:8e:2f:4a:a7:c7:27:8c:7f:aa:05:9e:5d:21:e1:
4f:11:b3:e7:85:6b:2c:53:96:f1:ef:00:f2:d4:d7:c6:ef:85:
f5:94:fb:8e:5c:bb:43:e0:c7:3d:10:20:66:e5:1b:05:08:56:
a0:fc:7e:90:2f:4c:84:04:b9:bf:fd:67:b6:40:35:2f:08:8c:
9c:82:9f:e7:3a:e1:07:1f:0c:bf:e2:43:b0:97:28:4b:14:a0:
a1:3f:bb:ec:f8:fc:ac:b1:9c:0f:c6:24:de:42:be:56:2b:84:
58:50:bc:68:b5:f0:00:62:b5:af:06:ef:04:55:04:c9:e4:ba:
b7:21:dc:0d:35:52:7f:2b:7f:3c:e9:cc:b7:d4:95:71:38:0d:
dc:cf:7d:a6:b5:4a:cd:01:23:f0:fb:76:f4:60:be:1f:ed:89:
dd:26:b6:12:f4:ff:d4:3c:c5:de:30:e5:8b:bd:7b:df:d7:f4:
f0:32:94:bc:a6:7c:f0:2c:3a:32:65:15:9e:ce:13:51:5c:c1:
ea:19:cd:de:1b:aa:ba:94:8e:37:d2:84:d7:64:f5:7e:98:8a:
f2:85:ed:b4:cb:89:c5:0c:eb:7a:73:35:6e:5c:11:ec:0f:cf:
5b:00:72:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZieX6rOGWEfCWA0JiwiYivvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGM1ZjI5OGQ4MWFjYzU1NzNmZDU5ZmIwNWRkODZmMjBh
YmNiYTgwHhcNMjUwODEyMTMwMjA2WhcNMjUwODEzMTMwMjA2WjAzMTEwLwYDVQQD
EyhiMzg4ZmNiYzM0MGI5MTkxY2ExYmQ1NTgxMGJhNjU2NWQ4MmQ3N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FUla43FqxEIkI/OezEIDeiGOu2c
GctCzRHBI15fsLjluFSksfjwb7glokS4bg6UZgGuE/05r5u8RaqY0d2cja1kf61o
g4vUVw6g0biTrosBZcjdT4QGo2Bs/m5OWBuJzRAlnp3SNi6KMMfVuU+CRZb8iJDo
5QRFBx3PbzjsZkUFOKglS1e+OUwECC/3MbxlkpkZbOXq6xG63bmt48Md03rseqwR
36iKjmGyxug3OXgAxh5ecwXn/TXCu9chV0QkJBhaZY8K/soSt67As1AkvHH+srOM
axti8qqWczuq3SdtLnfwAcD81RviWbEjCrN1XxTz5cYyFJ9FUSvVTCy81wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOI/Lw0C5GRyhvVWBC6ZWXYLXf0MB8GA1UdIwQY
MBaAFIVMXymNgazFVz/Vn7Bd2G8gq8uoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDIt
NzUyZDU5YTA0MmMyLzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDItNzUyZDU5YTA0MmMy
LzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMQ/FNBVy
90m/WgLUF8lxvR0v39T3344vSqfHJ4x/qgWeXSHhTxGz54VrLFOW8e8A8tTXxu+F
9ZT7jly7Q+DHPRAgZuUbBQhWoPx+kC9MhAS5v/1ntkA1LwiMnIKf5zrhBx8Mv+JD
sJcoSxSgoT+77Pj8rLGcD8Yk3kK+ViuEWFC8aLXwAGK1rwbvBFUEyeS6tyHcDTVS
fyt/POnMt9SVcTgN3M99prVKzQEj8Pt29GC+H+2J3Sa2EvT/1DzF3jDli71739f0
8DKUvKZ88Cw6MmUVns4TUVzB6hnN3huqupSON9KE12T1fpiK8oXttMuJxQzrenM1
blwR7A/PWwBy7Q==
-----END CERTIFICATE-----
Generated at Tue Aug 12 22:40:46 2025 by rpki-client