Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
File: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json)
Hash identifier: 3EF0Ub9wsXUOfZCdakYU5K+8ESRSyiZzFwbPonERrHU=
Subject key identifier: 69:0B:C1:3D:BA:AA:BC:34:2B:6A:4E:3B:BC:9D:C9:23:A1:44:80:44
Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
Certificate issuer: /CN=1c1c754b7a5b541892540d24ab98d31537974574
Certificate serial: 019A4F9977AB091640FE52477F2C9742507B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 16:00:48 +0000
Manifest this update: Tue 04 Nov 2025 16:00:48 +0000
Manifest next update: Wed 05 Nov 2025 16:00:48 +0000
Files and hashes: 1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: eXy0+yuMteOuQ7S6HqBVVomxg8Vz+fQSWM/DSyveqgQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:77:ab:09:16:40:fe:52:47:7f:2c:97:42:50:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574
Validity
Not Before: Nov 4 16:00:48 2025 GMT
Not After : Nov 5 16:00:48 2025 GMT
Subject: CN=690bc13dbaaabc342b6a4e3bbc9dc923a1448044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9b:81:14:62:ab:24:36:fb:6d:d1:73:e3:96:
ce:8e:e8:a1:23:c3:e3:1f:e5:ae:e0:5a:c3:a1:af:
d4:8a:b0:ab:dd:b7:b4:04:2b:3d:02:5c:66:60:89:
d4:b8:1b:53:a5:a1:93:91:cd:1a:d4:2f:fb:2d:dd:
e0:b0:f2:2b:e9:f0:6f:9f:3a:a3:34:14:ed:6c:39:
79:92:4b:1f:e6:58:c8:8f:36:8a:86:c0:d1:c7:32:
44:46:02:ea:c4:8d:45:ce:f9:93:de:83:0c:43:97:
d5:22:9c:62:fc:36:6a:42:a9:33:a1:08:3b:7b:9e:
ca:30:c1:7d:19:61:56:b5:ef:90:87:f5:2a:aa:58:
29:c1:f8:6a:e7:15:45:0b:fd:c9:b8:c4:0a:ec:fc:
b1:c4:70:d7:07:57:51:b4:80:43:e1:fb:f8:eb:5e:
0c:be:30:d5:fa:d7:ca:4c:7c:54:d0:1b:7e:3f:16:
7b:97:91:8e:9b:59:cf:ce:5f:59:3d:01:22:e3:c8:
cf:b1:af:53:b0:4c:a9:07:d1:6b:45:6e:2c:4f:bf:
99:00:ba:1d:cf:4d:af:f8:b7:29:fc:64:e9:7c:ca:
64:38:58:9c:18:a6:4b:43:5e:d0:7c:12:76:15:eb:
08:cd:96:11:f5:9d:aa:3b:22:a3:7a:4e:53:0b:32:
24:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:0B:C1:3D:BA:AA:BC:34:2B:6A:4E:3B:BC:9D:C9:23:A1:44:80:44
X509v3 Authority Key Identifier:
keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:8b:7f:60:8b:00:e9:a3:12:2e:35:5d:29:be:08:30:c5:61:
ea:56:5d:27:41:92:88:44:a5:42:8e:51:85:05:db:93:65:66:
3c:5c:85:5a:e0:c2:c1:be:4a:96:34:93:d9:1a:7e:c4:45:1f:
68:e4:00:ed:40:1f:00:b7:b9:bd:92:51:03:e9:0d:04:c3:90:
99:93:0f:ff:9a:0e:62:ed:f1:01:f1:80:c1:c9:a3:44:a9:f8:
94:6b:87:ff:ce:27:82:3a:cf:c3:c1:85:ed:9d:1b:80:55:59:
4c:5b:02:65:63:bf:95:f5:af:2a:80:f4:1d:ac:02:dc:a6:4b:
74:3d:88:b4:68:e3:29:40:f2:b3:b8:42:4d:4c:7e:34:ac:b7:
8a:c2:e3:c6:8d:ee:e9:10:08:98:93:58:51:6d:1b:61:43:41:
bf:1c:f7:f1:8d:b5:f5:2f:e2:60:57:6d:0e:d4:76:a4:e6:60:
81:da:9c:69:2f:d4:95:fe:cd:a3:64:18:8d:07:d8:4c:fa:e6:
3e:07:6e:fe:1f:4f:54:5c:9c:8e:03:03:0b:54:2c:3f:2d:ce:
82:e8:ea:de:c9:62:48:1b:58:85:35:6b:d8:f4:82:66:03:44:
6b:89:3f:ea:5a:b3:b3:e7:44:2b:f1:e7:65:3a:1c:2b:03:c2:
7b:70:ba:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmXerCRZA/lJHfyyXQlB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5
NzQ1NzQwHhcNMjUxMTA0MTYwMDQ4WhcNMjUxMTA1MTYwMDQ4WjAzMTEwLwYDVQQD
Eyg2OTBiYzEzZGJhYWFiYzM0MmI2YTRlM2JiYzlkYzkyM2ExNDQ4MDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZuBFGKrJDb7bdFz45bOjuihI8Pj
H+Wu4FrDoa/UirCr3be0BCs9AlxmYInUuBtTpaGTkc0a1C/7Ld3gsPIr6fBvnzqj
NBTtbDl5kksf5ljIjzaKhsDRxzJERgLqxI1FzvmT3oMMQ5fVIpxi/DZqQqkzoQg7
e57KMMF9GWFWte+Qh/Uqqlgpwfhq5xVFC/3JuMQK7PyxxHDXB1dRtIBD4fv4614M
vjDV+tfKTHxU0Bt+PxZ7l5GOm1nPzl9ZPQEi48jPsa9TsEypB9FrRW4sT7+ZALod
z02v+Lcp/GTpfMpkOFicGKZLQ17QfBJ2FesIzZYR9Z2qOyKjek5TCzIkBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkLwT26qrw0K2pOO7ydySOhRIBEMB8GA1UdIwQY
MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt
YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3
LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT4t/YIsA
6aMSLjVdKb4IMMVh6lZdJ0GSiESlQo5RhQXbk2VmPFyFWuDCwb5KljST2Rp+xEUf
aOQA7UAfALe5vZJRA+kNBMOQmZMP/5oOYu3xAfGAwcmjRKn4lGuH/84ngjrPw8GF
7Z0bgFVZTFsCZWO/lfWvKoD0HawC3KZLdD2ItGjjKUDys7hCTUx+NKy3isLjxo3u
6RAImJNYUW0bYUNBvxz38Y219S/iYFdtDtR2pOZggdqcaS/Ulf7No2QYjQfYTPrm
Pgdu/h9PVFycjgMDC1QsPy3Ogujq3sliSBtYhTVr2PSCZgNEa4k/6lqzs+dEK/Hn
ZTocKwPCe3C6iw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:50:55 2025 by rpki-client