Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
File: HCF8gIa-KdUPg8j9j8kXsAnePIE.mft (raw, json)
Hash identifier: N9LdqAP8BnOvE/7TPRti0KlQgdZjlhtIP+P1k+MdVpk=
Subject key identifier: FA:6D:65:B4:7B:57:C6:B3:D7:A3:8D:A0:2B:06:A4:32:2D:E8:BB:10
Authority key identifier: 1C:21:7C:80:86:BE:29:D5:0F:83:C8:FD:8F:C9:17:B0:09:DE:3C:81
Certificate issuer: /CN=1c217c8086be29d50f83c8fd8fc917b009de3c81
Certificate serial: 019A552D1F817DB1A40CED746E9947707B8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
Manifest number: 0236
Signing time: Wed 05 Nov 2025 18:00:11 +0000
Manifest this update: Wed 05 Nov 2025 18:00:11 +0000
Manifest next update: Thu 06 Nov 2025 18:00:11 +0000
Files and hashes: 1: 0Ai9U12mBfKyiWOFnwxyJgomY7A.roa (hash: w93SlMAnXeNUWu2aTB2M64qmn0qVbSFDgVMubrcribE=)
2: HCF8gIa-KdUPg8j9j8kXsAnePIE.crl (hash: JyNPwncERKLHn6sQKP0U4E2QMaq3jfjPv1vtugGlQj4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 18:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:55:2d:1f:81:7d:b1:a4:0c:ed:74:6e:99:47:70:7b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c217c8086be29d50f83c8fd8fc917b009de3c81
Validity
Not Before: Nov 5 18:00:11 2025 GMT
Not After : Nov 6 18:00:11 2025 GMT
Subject: CN=fa6d65b47b57c6b3d7a38da02b06a4322de8bb10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e9:22:ca:c6:04:ed:ea:e0:d0:a0:7f:89:bf:
13:51:f9:d8:6e:f6:73:5a:35:73:7e:98:95:4f:0a:
52:7a:b6:ae:ee:20:35:13:75:44:48:c8:6f:30:70:
a6:ab:bd:3e:7a:01:95:1e:74:15:7a:cf:ae:09:7b:
47:f3:4c:60:ff:8e:ce:22:42:60:ca:1b:62:16:be:
28:d5:34:49:1a:c0:df:6c:1a:09:a7:a0:04:7c:b9:
42:a1:0f:30:e0:87:8f:10:0d:9a:e2:2c:e6:87:f1:
56:e9:95:50:c2:6d:01:37:0c:5c:fe:fb:40:bd:74:
91:37:ba:c2:da:1a:9a:58:ab:5b:07:8e:4c:6c:2a:
a9:29:47:e4:d0:56:12:8b:f3:d4:a0:4a:50:79:dc:
a1:ec:84:51:f8:a7:ec:fb:f0:d0:a9:cb:7b:60:ed:
4d:69:56:22:10:ae:a2:98:3a:b1:76:42:ad:53:82:
ac:86:91:34:b6:b2:56:54:67:55:26:ed:4d:0a:25:
13:21:e8:23:96:2e:1a:a1:26:96:db:84:ff:63:c4:
e9:2c:31:89:21:16:13:af:53:04:fc:cd:bc:ce:00:
40:d2:c5:39:5c:28:c7:bf:93:9b:b2:e8:81:c5:70:
04:7d:9a:62:e5:11:53:dc:ad:94:9e:5c:21:20:c3:
0b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6D:65:B4:7B:57:C6:B3:D7:A3:8D:A0:2B:06:A4:32:2D:E8:BB:10
X509v3 Authority Key Identifier:
keyid:1C:21:7C:80:86:BE:29:D5:0F:83:C8:FD:8F:C9:17:B0:09:DE:3C:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:fa:f6:9d:16:5d:ae:08:61:f0:ac:13:3d:cb:a9:fa:38:7d:
06:75:de:55:4f:33:6e:33:f8:77:37:19:66:38:b5:68:10:9b:
0e:da:ab:71:58:ab:db:92:18:f8:40:86:0a:2e:40:96:b7:45:
ed:03:27:d2:2e:ab:93:dc:49:27:55:50:62:35:b3:05:3c:28:
98:82:d5:aa:36:a7:5f:20:5e:3c:2a:f6:11:30:bd:ec:ad:1d:
12:66:1b:3a:4e:71:1c:48:49:fb:8e:b0:28:d9:af:e0:55:dc:
9d:14:9b:34:18:91:cf:4f:ac:98:5d:a7:cc:7f:2e:f3:cb:8c:
12:c9:31:48:e3:70:ab:58:c5:25:13:84:04:81:e1:6c:c9:64:
af:9d:6c:de:f2:c7:ca:47:04:c0:ab:37:a5:bc:d8:be:17:24:
93:31:47:ef:fb:25:df:e4:80:f3:2b:97:42:92:e3:fd:6b:2f:
8a:29:35:8a:59:3c:4b:cb:61:06:1a:83:72:7c:db:ab:da:52:
ce:eb:a4:fd:aa:0b:e6:37:99:f1:bf:2c:6b:a8:e0:b7:d9:8b:
73:da:8d:84:c0:5d:cf:1a:45:8d:39:34:0b:a2:31:90:ac:d8:
86:81:31:9b:f4:25:c3:7e:a1:c5:18:10:45:70:88:45:c1:da:
f4:d3:55:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpVLR+BfbGkDO10bplHcHuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjE3YzgwODZiZTI5ZDUwZjgzYzhmZDhmYzkxN2IwMDlk
ZTNjODEwHhcNMjUxMTA1MTgwMDExWhcNMjUxMTA2MTgwMDExWjAzMTEwLwYDVQQD
EyhmYTZkNjViNDdiNTdjNmIzZDdhMzhkYTAyYjA2YTQzMjJkZThiYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwekiysYE7erg0KB/ib8TUfnYbvZz
WjVzfpiVTwpSerau7iA1E3VESMhvMHCmq70+egGVHnQVes+uCXtH80xg/47OIkJg
yhtiFr4o1TRJGsDfbBoJp6AEfLlCoQ8w4IePEA2a4izmh/FW6ZVQwm0BNwxc/vtA
vXSRN7rC2hqaWKtbB45MbCqpKUfk0FYSi/PUoEpQedyh7IRR+Kfs+/DQqct7YO1N
aVYiEK6imDqxdkKtU4KshpE0trJWVGdVJu1NCiUTIegjli4aoSaW24T/Y8TpLDGJ
IRYTr1ME/M28zgBA0sU5XCjHv5ObsuiBxXAEfZpi5RFT3K2UnlwhIMMLfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPptZbR7V8az16ONoCsGpDIt6LsQMB8GA1UdIwQY
MBaAFBwhfICGvinVD4PI/Y/JF7AJ3jyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84NmJiMDQtMDlkZi00MjJhLWI1Zjkt
ZjM0YjMxZDNiNDNjLzEvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84NmJiMDQtMDlkZi00MjJhLWI1ZjktZjM0YjMxZDNiNDNj
LzEvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq/r2nRZd
rghh8KwTPcup+jh9BnXeVU8zbjP4dzcZZji1aBCbDtqrcVir25IY+ECGCi5AlrdF
7QMn0i6rk9xJJ1VQYjWzBTwomILVqjanXyBePCr2ETC97K0dEmYbOk5xHEhJ+46w
KNmv4FXcnRSbNBiRz0+smF2nzH8u88uMEskxSONwq1jFJROEBIHhbMlkr51s3vLH
ykcEwKs3pbzYvhckkzFH7/sl3+SA8yuXQpLj/Wsviik1ilk8S8thBhqDcnzbq9pS
zuuk/aoL5jeZ8b8sa6jgt9mLc9qNhMBdzxpFjTk0C6IxkKzYhoExm/Qlw36hxRgQ
RXCIRcHa9NNVIg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 23:47:07 2025 by rpki-client