Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File: HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier: VnTy4LUlFRMGrYlVYdycVnSf0Z81oXL/e/7UmIZgLMM=
Subject key identifier: 33:69:2B:0F:C7:2E:B6:A3:56:94:A7:55:6C:F0:94:EF:71:D1:2F:8D
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer: /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial: 019A4F2B939285B940D83AF47E4777C9E46A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number: 0683
Signing time: Tue 04 Nov 2025 14:00:47 +0000
Manifest this update: Tue 04 Nov 2025 14:00:47 +0000
Manifest next update: Wed 05 Nov 2025 14:00:47 +0000
Files and hashes: 1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: lhS3kfHI0NCCYL6TLyxRJk0/AzGj5BVjLEhm7Rp2JZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:2b:93:92:85:b9:40:d8:3a:f4:7e:47:77:c9:e4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
Validity
Not Before: Nov 4 14:00:47 2025 GMT
Not After : Nov 5 14:00:47 2025 GMT
Subject: CN=33692b0fc72eb6a35694a7556cf094ef71d12f8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:07:bc:c0:da:bf:c6:80:ce:f8:e7:63:e5:f1:
01:e3:0b:71:f1:6e:21:ca:11:be:af:8f:19:d0:01:
6a:8c:e4:9d:d9:46:7b:32:86:f1:94:b2:e2:6b:34:
77:f2:32:01:29:94:de:60:a0:fc:b2:d4:a4:79:d6:
61:71:8b:62:be:69:49:84:a6:14:93:4c:e5:0b:a0:
16:52:71:e8:c0:85:3d:c0:79:f3:e4:da:07:76:81:
6f:8c:0c:22:01:fc:31:9a:dd:a8:c7:3d:f0:17:4c:
4a:bd:f3:ff:e7:b8:08:bc:0a:49:16:e7:40:8f:b4:
47:a3:51:e5:18:dd:62:77:0d:a5:1a:14:2d:48:18:
c8:e7:59:cf:2e:bb:2b:5c:24:fe:5d:ef:c7:5d:2c:
91:19:e7:d2:08:c9:a2:59:92:bd:6f:a7:5e:77:f4:
20:f4:71:63:10:82:ea:0d:21:45:16:06:82:89:f1:
fc:c3:e0:2b:55:57:ef:ae:32:ae:59:9d:42:d9:ac:
49:5c:26:9b:39:66:db:1a:c0:35:3d:8b:6f:b2:d0:
bc:f0:a5:11:06:e6:41:17:69:51:21:4f:0e:93:1e:
34:ad:2c:85:5a:db:a1:cf:af:cb:d5:bf:fa:0d:2d:
76:3c:77:df:e6:8a:ce:b9:aa:48:f1:82:d1:84:ba:
f1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:69:2B:0F:C7:2E:B6:A3:56:94:A7:55:6C:F0:94:EF:71:D1:2F:8D
X509v3 Authority Key Identifier:
keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:cb:43:22:0c:ed:83:09:dd:d8:19:30:c0:05:15:70:1d:5d:
29:ce:94:94:37:11:da:58:e3:25:20:ee:d2:48:9f:5a:89:50:
3f:b4:48:20:92:36:57:cb:f4:91:fc:a1:1d:8c:ab:8b:3b:8f:
b7:5c:7f:5e:dc:9f:dc:11:d6:7c:32:b3:5f:07:59:cd:54:28:
38:1a:14:48:47:77:cd:28:32:ec:ae:70:99:62:0f:cb:6a:5f:
e0:5d:d9:7d:44:b7:3b:73:f8:c4:f3:3a:2c:24:bb:fb:7d:76:
f8:25:44:fd:e1:53:70:60:c2:d1:ea:c0:99:17:f5:b1:03:66:
79:cb:c5:cd:a5:e2:dd:11:1c:cb:7f:7a:c3:9c:69:bf:30:e2:
0c:7c:9b:fc:be:ad:d0:e7:bd:bb:df:a4:11:7f:7b:47:e3:3c:
2b:1e:4e:73:91:b0:6e:ff:bc:3e:c9:51:84:f7:a0:b1:17:61:
b9:ad:a7:8a:e4:ab:8e:fd:55:d1:8d:2c:f5:2d:0e:a9:c6:2a:
0b:84:2c:f6:35:18:71:87:be:1c:54:f2:07:18:92:50:a3:18:
48:c0:65:af:b3:cd:52:b0:bd:21:12:4b:bb:51:65:90:dd:22:
a9:63:32:4e:66:03:d3:e8:68:a4:74:d7:05:75:49:66:3e:9b:
5d:25:45:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPK5OShblA2Dr0fkd3yeRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjUxMTA0MTQwMDQ3WhcNMjUxMTA1MTQwMDQ3WjAzMTEwLwYDVQQD
EygzMzY5MmIwZmM3MmViNmEzNTY5NGE3NTU2Y2YwOTRlZjcxZDEyZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwe8wNq/xoDO+Odj5fEB4wtx8W4h
yhG+r48Z0AFqjOSd2UZ7MobxlLLiazR38jIBKZTeYKD8stSkedZhcYtivmlJhKYU
k0zlC6AWUnHowIU9wHnz5NoHdoFvjAwiAfwxmt2oxz3wF0xKvfP/57gIvApJFudA
j7RHo1HlGN1idw2lGhQtSBjI51nPLrsrXCT+Xe/HXSyRGefSCMmiWZK9b6ded/Qg
9HFjEILqDSFFFgaCifH8w+ArVVfvrjKuWZ1C2axJXCabOWbbGsA1PYtvstC88KUR
BuZBF2lRIU8Okx40rSyFWtuhz6/L1b/6DS12PHff5orOuapI8YLRhLrxhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNpKw/HLrajVpSnVWzwlO9x0S+NMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf8tDIgzt
gwnd2BkwwAUVcB1dKc6UlDcR2ljjJSDu0kifWolQP7RIIJI2V8v0kfyhHYyrizuP
t1x/Xtyf3BHWfDKzXwdZzVQoOBoUSEd3zSgy7K5wmWIPy2pf4F3ZfUS3O3P4xPM6
LCS7+312+CVE/eFTcGDC0erAmRf1sQNmecvFzaXi3REcy396w5xpvzDiDHyb/L6t
0Oe9u9+kEX97R+M8Kx5Oc5Gwbv+8PslRhPegsRdhua2niuSrjv1V0Y0s9S0OqcYq
C4Qs9jUYcYe+HFTyBxiSUKMYSMBlr7PNUrC9IRJLu1FlkN0iqWMyTmYD0+hopHTX
BXVJZj6bXSVF/g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:54:30 2025 by rpki-client