Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
File: HCF8gIa-KdUPg8j9j8kXsAnePIE.mft (raw, json)
Hash identifier: eixFro3itTPZyAFYyc32AS1DKLeOVc9GHLjoO1nAtjo=
Subject key identifier: 61:5B:EE:ED:F7:7A:23:A2:C0:23:65:C9:02:B5:1D:3B:A3:4C:3A:86
Authority key identifier: 1C:21:7C:80:86:BE:29:D5:0F:83:C8:FD:8F:C9:17:B0:09:DE:3C:81
Certificate issuer: /CN=1c217c8086be29d50f83c8fd8fc917b009de3c81
Certificate serial: 019A533F48260CB285BA28FD6C357D25BFD7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
Manifest number: 0235
Signing time: Wed 05 Nov 2025 09:00:47 +0000
Manifest this update: Wed 05 Nov 2025 09:00:47 +0000
Manifest next update: Thu 06 Nov 2025 09:00:47 +0000
Files and hashes: 1: 0Ai9U12mBfKyiWOFnwxyJgomY7A.roa (hash: w93SlMAnXeNUWu2aTB2M64qmn0qVbSFDgVMubrcribE=)
2: HCF8gIa-KdUPg8j9j8kXsAnePIE.crl (hash: NwiTejwwSvCeNIlgHq1hTTf1PCUku+O160kOPBY9WgE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 09:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:3f:48:26:0c:b2:85:ba:28:fd:6c:35:7d:25:bf:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c217c8086be29d50f83c8fd8fc917b009de3c81
Validity
Not Before: Nov 5 09:00:47 2025 GMT
Not After : Nov 6 09:00:47 2025 GMT
Subject: CN=615beeedf77a23a2c02365c902b51d3ba34c3a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b6:97:96:6c:0f:2a:a0:e1:23:3c:cc:93:a1:
21:f6:3f:92:2f:54:d9:b8:27:07:de:03:81:df:6f:
6e:87:f1:8d:34:cc:8c:a3:0a:c3:66:c8:74:4d:f0:
d6:96:6c:be:2b:0d:9b:af:b8:2e:12:40:6e:15:31:
4b:12:11:f8:25:e2:3c:e2:6e:d4:9e:a7:f6:96:0b:
24:53:ee:7f:22:38:5c:41:76:fc:eb:3c:f6:da:11:
08:0a:71:5c:f2:02:43:1f:c7:c3:69:54:47:c2:4a:
7c:4c:b9:9d:61:fb:fa:fa:a9:d8:04:df:f9:4b:36:
ed:0e:e8:25:e1:22:17:be:e5:8d:9d:1a:13:98:3d:
b5:e9:27:3d:b3:23:e0:99:14:9e:6b:aa:c2:24:29:
18:c1:3d:d1:d7:81:ec:db:c1:dc:e2:ad:15:6b:bd:
9d:cf:41:01:13:74:1a:9f:8e:bf:03:4a:63:9a:51:
27:c6:86:55:b8:25:6e:ce:4f:80:dd:1e:31:2d:77:
35:f1:ed:9b:9b:cf:0a:41:2e:f6:2b:3d:4a:5b:74:
38:a5:e1:2e:0d:b6:52:b3:d8:7e:a7:c9:13:2f:78:
c6:1e:90:08:71:c4:34:37:bd:fd:c8:0b:ce:f6:3f:
50:21:ec:43:ca:ce:b1:63:49:53:f7:b9:63:a8:aa:
e6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5B:EE:ED:F7:7A:23:A2:C0:23:65:C9:02:B5:1D:3B:A3:4C:3A:86
X509v3 Authority Key Identifier:
keyid:1C:21:7C:80:86:BE:29:D5:0F:83:C8:FD:8F:C9:17:B0:09:DE:3C:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:a5:bd:80:87:17:7b:81:4d:1e:ee:d9:04:00:04:9b:8f:fa:
57:5b:4e:d1:a0:07:66:92:bd:78:6c:9b:39:84:f6:f9:65:13:
fc:16:a8:a6:24:56:4c:57:fc:46:16:6d:50:3e:ab:20:81:0d:
46:13:bc:80:1e:7c:53:4c:cd:65:80:35:07:9b:e9:38:51:bf:
8a:86:75:b3:17:e9:63:f3:27:75:56:7a:df:7a:f2:ef:92:52:
d7:3c:b8:bc:7d:33:7f:d4:65:91:ef:34:09:3d:8b:26:55:04:
30:d7:0b:0b:a5:6c:9d:c1:fc:25:d2:a1:39:3f:a7:e9:87:e4:
7a:1c:66:b5:a3:7c:08:ec:de:2e:98:be:8e:bb:d2:81:81:f2:
34:2c:4a:d8:64:cb:9e:76:38:ff:ec:91:6a:0f:41:a6:17:28:
c7:2c:a8:e5:0b:b8:2f:19:b8:22:54:fb:ee:d0:01:3a:ab:51:
3f:27:3e:15:2f:f5:be:63:51:be:e0:bd:85:39:db:37:eb:4c:
21:d7:20:00:2a:e9:1e:43:7d:33:43:46:24:b4:0c:ae:1b:ab:
66:03:5d:32:de:a2:bd:a4:09:21:7f:a7:f9:f3:0c:3c:0f:63:
5c:30:26:05:0f:b3:a0:75:30:33:5a:92:84:84:68:15:07:3e:
96:84:61:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTP0gmDLKFuij9bDV9Jb/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjE3YzgwODZiZTI5ZDUwZjgzYzhmZDhmYzkxN2IwMDlk
ZTNjODEwHhcNMjUxMTA1MDkwMDQ3WhcNMjUxMTA2MDkwMDQ3WjAzMTEwLwYDVQQD
Eyg2MTViZWVlZGY3N2EyM2EyYzAyMzY1YzkwMmI1MWQzYmEzNGMzYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbaXlmwPKqDhIzzMk6Eh9j+SL1TZ
uCcH3gOB329uh/GNNMyMowrDZsh0TfDWlmy+Kw2br7guEkBuFTFLEhH4JeI84m7U
nqf2lgskU+5/IjhcQXb86zz22hEICnFc8gJDH8fDaVRHwkp8TLmdYfv6+qnYBN/5
SzbtDugl4SIXvuWNnRoTmD216Sc9syPgmRSea6rCJCkYwT3R14Hs28Hc4q0Va72d
z0EBE3Qan46/A0pjmlEnxoZVuCVuzk+A3R4xLXc18e2bm88KQS72Kz1KW3Q4peEu
DbZSs9h+p8kTL3jGHpAIccQ0N739yAvO9j9QIexDys6xY0lT97ljqKrm5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGFb7u33eiOiwCNlyQK1HTujTDqGMB8GA1UdIwQY
MBaAFBwhfICGvinVD4PI/Y/JF7AJ3jyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84NmJiMDQtMDlkZi00MjJhLWI1Zjkt
ZjM0YjMxZDNiNDNjLzEvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84NmJiMDQtMDlkZi00MjJhLWI1ZjktZjM0YjMxZDNiNDNj
LzEvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIaW9gIcX
e4FNHu7ZBAAEm4/6V1tO0aAHZpK9eGybOYT2+WUT/BaopiRWTFf8RhZtUD6rIIEN
RhO8gB58U0zNZYA1B5vpOFG/ioZ1sxfpY/MndVZ633ry75JS1zy4vH0zf9Rlke80
CT2LJlUEMNcLC6VsncH8JdKhOT+n6YfkehxmtaN8COzeLpi+jrvSgYHyNCxK2GTL
nnY4/+yRag9Bphcoxyyo5Qu4Lxm4IlT77tABOqtRPyc+FS/1vmNRvuC9hTnbN+tM
IdcgACrpHkN9M0NGJLQMrhurZgNdMt6ivaQJIX+n+fMMPA9jXDAmBQ+zoHUwM1qS
hIRoFQc+loRhOg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:00:11 2025 by rpki-client