Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
File: hUxfKY2BrMVXP9WfsF3YbyCry6g.mft (raw, json)
Hash identifier: p2QRPyOlr69Y3jOsxgz35i7FPxVRsDp00Ol5/ze9cGg=
Subject key identifier: EE:8C:1A:00:37:E8:C2:DE:2E:91:4C:E1:F5:8D:9D:0D:A0:58:88:B0
Authority key identifier: 85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8
Certificate issuer: /CN=854c5f298d81acc5573fd59fb05dd86f20abcba8
Certificate serial: 019A4EF5EB66AF5159226F623DA587220EB2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
Manifest number: 118C
Signing time: Tue 04 Nov 2025 13:02:10 +0000
Manifest this update: Tue 04 Nov 2025 13:02:10 +0000
Manifest next update: Wed 05 Nov 2025 13:02:10 +0000
Files and hashes: 1: CJqITen207ZODHzo1XtCMdI_VBo.roa (hash: f1FWG5pswdJQTpL1NXAace6jGLQD4G1flmSN2+tjCMo=)
2: hUxfKY2BrMVXP9WfsF3YbyCry6g.crl (hash: ucCZqwvJqvQQifGa/J1T5T9rdkmAZKWZG2uwrF2w9Ko=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:eb:66:af:51:59:22:6f:62:3d:a5:87:22:0e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c5f298d81acc5573fd59fb05dd86f20abcba8
Validity
Not Before: Nov 4 13:02:10 2025 GMT
Not After : Nov 5 13:02:10 2025 GMT
Subject: CN=ee8c1a0037e8c2de2e914ce1f58d9d0da05888b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d3:8e:87:35:e0:c0:31:91:5c:eb:6b:82:ed:
2d:65:85:65:ef:81:1a:26:1c:7a:de:d5:46:78:ff:
b8:41:6f:dd:e1:cc:59:6e:82:24:3e:f3:19:c1:b9:
ce:65:0c:2e:28:c3:30:b5:07:be:77:18:fd:cf:03:
9a:38:9a:9b:82:75:39:91:8a:4d:b8:39:91:91:d2:
76:ab:ac:05:0d:d0:72:97:16:e2:a1:eb:1b:c5:d4:
5a:3d:04:10:71:1c:16:f4:98:4a:20:b1:1b:b8:0d:
14:72:a4:2e:ee:b4:71:f2:94:50:db:be:92:9c:d6:
ca:fe:70:47:49:b1:18:ff:d9:65:f6:60:30:6d:50:
93:cb:64:ff:2b:e7:8b:c0:da:1b:16:f8:4f:22:d5:
c4:30:40:47:62:34:4e:b0:83:23:9c:d8:24:d6:4e:
2a:7a:b0:f4:b3:de:e2:ec:20:3e:70:e4:37:14:99:
9d:da:21:5c:0c:7d:23:9b:5c:c1:e3:ff:18:79:83:
c3:85:46:29:01:45:4b:1b:01:cd:97:24:94:3d:b2:
e1:3b:b5:16:cf:02:8a:65:d8:01:92:d2:a8:c5:5f:
df:07:51:cf:15:80:87:be:29:6e:b5:eb:ab:9a:e8:
37:61:82:e1:f2:e1:b4:54:b3:a8:73:e8:c1:98:e2:
e5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:8C:1A:00:37:E8:C2:DE:2E:91:4C:E1:F5:8D:9D:0D:A0:58:88:B0
X509v3 Authority Key Identifier:
keyid:85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:c4:b9:1e:f5:76:72:3e:1f:d8:c6:02:47:b2:a1:49:8f:a8:
9a:9f:2f:29:49:9e:3d:b5:e7:a0:68:1e:64:3d:58:c5:0b:42:
d3:ea:1c:13:e6:8e:58:c3:a2:fd:00:29:13:ee:e4:98:46:0b:
58:de:32:37:16:00:cc:4c:48:8d:c9:a1:a1:b3:fe:78:bf:25:
43:58:73:01:1b:b8:f2:d1:f6:13:05:54:2f:ef:1b:96:43:30:
4f:28:f2:f0:9f:1c:88:30:24:0d:f0:30:f1:07:a9:ae:49:a8:
0d:30:29:13:04:10:c5:ed:2c:ca:ed:f2:69:14:92:a7:a4:35:
17:d0:57:9a:98:fc:41:10:76:90:d7:96:36:d8:61:05:58:53:
9a:69:41:e2:4b:dc:6d:84:75:2a:22:f1:b6:5f:04:c1:51:48:
43:a9:00:74:da:d3:96:a3:7b:51:f5:67:bd:e4:95:71:d8:6d:
3d:40:e9:dd:c3:ad:ab:3c:78:a1:2d:2f:69:1d:40:c6:b4:87:
12:f0:57:b7:7d:d7:14:8b:86:e4:86:3f:3f:4a:23:02:0e:0c:
7a:44:fd:33:12:3b:d0:0a:6d:ac:0e:46:12:91:a6:be:48:e9:
9c:e2:d2:6f:52:24:98:d7:07:44:c7:2c:f3:ee:a6:2c:6e:b1:
b6:d0:0d:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9etmr1FZIm9iPaWHIg6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGM1ZjI5OGQ4MWFjYzU1NzNmZDU5ZmIwNWRkODZmMjBh
YmNiYTgwHhcNMjUxMTA0MTMwMjEwWhcNMjUxMTA1MTMwMjEwWjAzMTEwLwYDVQQD
EyhlZThjMWEwMDM3ZThjMmRlMmU5MTRjZTFmNThkOWQwZGEwNTg4OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NOOhzXgwDGRXOtrgu0tZYVl74Ea
Jhx63tVGeP+4QW/d4cxZboIkPvMZwbnOZQwuKMMwtQe+dxj9zwOaOJqbgnU5kYpN
uDmRkdJ2q6wFDdBylxbioesbxdRaPQQQcRwW9JhKILEbuA0UcqQu7rRx8pRQ276S
nNbK/nBHSbEY/9ll9mAwbVCTy2T/K+eLwNobFvhPItXEMEBHYjROsIMjnNgk1k4q
erD0s97i7CA+cOQ3FJmd2iFcDH0jm1zB4/8YeYPDhUYpAUVLGwHNlySUPbLhO7UW
zwKKZdgBktKoxV/fB1HPFYCHviluteurmug3YYLh8uG0VLOoc+jBmOLlXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6MGgA36MLeLpFM4fWNnQ2gWIiwMB8GA1UdIwQY
MBaAFIVMXymNgazFVz/Vn7Bd2G8gq8uoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDIt
NzUyZDU5YTA0MmMyLzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDItNzUyZDU5YTA0MmMy
LzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp8S5HvV2
cj4f2MYCR7KhSY+omp8vKUmePbXnoGgeZD1YxQtC0+ocE+aOWMOi/QApE+7kmEYL
WN4yNxYAzExIjcmhobP+eL8lQ1hzARu48tH2EwVUL+8blkMwTyjy8J8ciDAkDfAw
8QeprkmoDTApEwQQxe0syu3yaRSSp6Q1F9BXmpj8QRB2kNeWNthhBVhTmmlB4kvc
bYR1KiLxtl8EwVFIQ6kAdNrTlqN7UfVnveSVcdhtPUDp3cOtqzx4oS0vaR1AxrSH
EvBXt33XFIuG5IY/P0ojAg4MekT9MxI70AptrA5GEpGmvkjpnOLSb1IkmNcHRMcs
8+6mLG6xttANJw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:48:02 2025 by rpki-client