
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier: g8QNpVKhjhXlHz0d1B9aLfwazz6bqXT5cy5Th5k9/qs=
Subject key identifier: 17:E1:22:A8:01:74:88:87:DC:D2:4D:C0:28:5B:93:AC:DD:4A:84:01
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer: /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial: 01987D89BF4D54B383BAF12B635A7A4F74A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number: 1016
Signing time: Wed 06 Aug 2025 04:00:36 +0000
Manifest this update: Wed 06 Aug 2025 04:00:36 +0000
Manifest next update: Thu 07 Aug 2025 04:00:36 +0000
Files and hashes: 1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: +UyQ384K6A3p7zAJaAZnTJ82pgTQpcg8dsjxgG9pX2g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 04:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7d:89:bf:4d:54:b3:83:ba:f1:2b:63:5a:7a:4f:74:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Validity
Not Before: Aug 6 04:00:36 2025 GMT
Not After : Aug 7 04:00:36 2025 GMT
Subject: CN=17e122a801748887dcd24dc0285b93acdd4a8401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:03:83:34:95:49:7e:52:9e:3a:0f:30:c7:00:
f2:b0:a2:eb:e6:c4:8a:fe:5a:2c:fd:a8:6d:04:c0:
79:f7:5d:6b:d5:a1:86:f4:f1:71:94:16:f8:69:a0:
d1:72:ff:8a:8a:34:a2:db:98:2b:31:41:7e:23:31:
ca:03:78:9a:7d:3b:3d:98:d2:8a:45:89:b9:ab:8c:
34:2f:6f:86:23:11:ad:b2:8f:75:cb:c1:f7:af:c3:
4f:c4:15:da:fd:e7:32:8e:54:77:7c:e3:7c:e5:59:
20:17:45:6b:08:de:da:4a:d7:41:e7:c4:a0:b0:85:
55:dc:a4:9d:81:98:8f:42:1a:b0:af:f2:91:f1:a0:
24:f5:ad:79:ad:ba:3b:5d:3a:1e:ba:d8:85:bf:e3:
6b:a6:ab:c5:fd:ec:ca:1a:23:9b:13:d8:80:44:bd:
33:2a:c4:7b:77:c3:55:6f:da:9d:c9:02:2a:45:80:
45:4d:4d:42:02:fa:d8:aa:18:60:89:cd:73:0e:8d:
0d:80:f9:a5:bc:32:4d:52:2b:28:80:ed:0e:2f:08:
1e:96:34:b5:58:ed:87:3c:92:db:f4:99:e1:85:5b:
ca:53:ac:f7:e5:4a:96:73:c5:b6:a0:29:97:ab:65:
02:cc:21:7a:3e:f3:a0:bd:98:cb:42:80:db:35:23:
d6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E1:22:A8:01:74:88:87:DC:D2:4D:C0:28:5B:93:AC:DD:4A:84:01
X509v3 Authority Key Identifier:
keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:36:94:4a:6a:a2:7f:c3:37:55:e9:75:af:9e:4b:bd:5f:ea:
6a:aa:12:c6:35:d1:38:4a:34:a1:85:a7:d2:a6:2a:84:73:c6:
39:d6:f2:57:54:d9:ac:7d:90:be:f5:4c:61:88:ad:f5:4c:90:
71:2b:6a:eb:66:61:ad:43:9e:95:38:45:06:04:a0:9c:e6:29:
0e:c5:1a:52:86:b8:f0:a3:d5:07:1c:47:e8:d1:47:23:a4:fa:
1b:75:1a:86:9e:f8:b7:9c:78:ac:2c:af:29:2b:98:56:94:a0:
c9:73:71:72:2d:8f:bb:a2:31:8f:45:59:b7:24:7f:2c:4d:e8:
fd:02:a3:17:03:6d:2d:8a:fb:d6:e5:49:b7:db:ed:b8:09:63:
b4:30:86:ba:5a:da:5f:7a:46:93:f5:37:bb:b5:73:54:37:92:
54:3e:6e:a0:33:f7:8d:4e:5d:92:0c:42:f4:9d:8d:0d:09:97:
3a:26:b9:6c:3b:cd:ea:ca:0f:da:a4:74:59:0c:2e:df:12:65:
ff:ef:5c:91:8f:78:cf:92:35:bc:04:67:26:2c:4e:a3:be:83:
2a:4c:55:4e:c3:17:8f:86:83:28:d3:e3:2a:04:92:9b:cd:cc:
ac:d6:5c:20:da:14:9a:2f:41:cb:d7:b1:af:c4:28:2c:af:ae:
25:5a:b0:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9ib9NVLODuvErY1p6T3SgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjUwODA2MDQwMDM2WhcNMjUwODA3MDQwMDM2WjAzMTEwLwYDVQQD
EygxN2UxMjJhODAxNzQ4ODg3ZGNkMjRkYzAyODViOTNhY2RkNGE4NDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAODNJVJflKeOg8wxwDysKLr5sSK
/los/ahtBMB5911r1aGG9PFxlBb4aaDRcv+KijSi25grMUF+IzHKA3iafTs9mNKK
RYm5q4w0L2+GIxGtso91y8H3r8NPxBXa/ecyjlR3fON85VkgF0VrCN7aStdB58Sg
sIVV3KSdgZiPQhqwr/KR8aAk9a15rbo7XToeutiFv+NrpqvF/ezKGiObE9iARL0z
KsR7d8NVb9qdyQIqRYBFTU1CAvrYqhhgic1zDo0NgPmlvDJNUisogO0OLwgeljS1
WO2HPJLb9JnhhVvKU6z35UqWc8W2oCmXq2UCzCF6PvOgvZjLQoDbNSPW4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfhIqgBdIiH3NJNwChbk6zdSoQBMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJTaUSmqi
f8M3Vel1r55LvV/qaqoSxjXROEo0oYWn0qYqhHPGOdbyV1TZrH2QvvVMYYit9UyQ
cStq62ZhrUOelThFBgSgnOYpDsUaUoa48KPVBxxH6NFHI6T6G3Uahp74t5x4rCyv
KSuYVpSgyXNxci2Pu6Ixj0VZtyR/LE3o/QKjFwNtLYr71uVJt9vtuAljtDCGulra
X3pGk/U3u7VzVDeSVD5uoDP3jU5dkgxC9J2NDQmXOia5bDvN6soP2qR0WQwu3xJl
/+9ckY94z5I1vARnJixOo76DKkxVTsMXj4aDKNPjKgSSm83MrNZcINoUmi9By9ex
r8QoLK+uJVqwQg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:12:32 2025 by rpki-client