Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.mft
File: HNq3BST9UTE7hPXY9GNio9jICBQ.mft (raw, json)
Hash identifier: i78unbdKUS5D38rR4j1n6NAvXp+KMP0gOsGV+HrGYIA=
Subject key identifier: F8:38:56:C3:CD:61:77:C5:3B:9D:B5:89:15:D7:DD:9E:E3:B3:D2:6E
Authority key identifier: 1C:DA:B7:05:24:FD:51:31:3B:84:F5:D8:F4:63:62:A3:D8:C8:08:14
Certificate issuer: /CN=1cdab70524fd51313b84f5d8f46362a3d8c80814
Certificate serial: 019A4DE1FB4EB844B68E0E700B9A467F1E1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 08:00:46 +0000
Manifest this update: Tue 04 Nov 2025 08:00:46 +0000
Manifest next update: Wed 05 Nov 2025 08:00:46 +0000
Files and hashes: 1: 8H6vwz49R0kM-gbNtDLGiXSOgWE.roa (hash: 7d11KfsVtGX7lu3CgRTWP0J/PhStNQboteNSMa34UZE=)
2: HNq3BST9UTE7hPXY9GNio9jICBQ.crl (hash: MLpEIVjaMA/G2gcUj9n6ZEsmefVp7jxGGZ3j3+h9Q5E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:fb:4e:b8:44:b6:8e:0e:70:0b:9a:46:7f:1e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cdab70524fd51313b84f5d8f46362a3d8c80814
Validity
Not Before: Nov 4 08:00:46 2025 GMT
Not After : Nov 5 08:00:46 2025 GMT
Subject: CN=f83856c3cd6177c53b9db58915d7dd9ee3b3d26e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:97:a4:05:43:eb:be:cd:d4:c1:ce:01:fd:6e:
b2:2c:72:a9:9d:57:6e:ff:3a:e9:17:ee:7a:21:7b:
ae:6d:3c:1d:2d:14:fb:28:3c:b5:90:c5:c1:f0:1a:
cf:57:ea:7a:c0:31:d3:1f:7c:54:a1:d4:63:d7:91:
3d:52:42:65:39:9a:53:26:64:df:e6:7a:44:53:b1:
1d:f5:e8:5c:3e:26:48:4c:c3:ea:11:14:a0:a1:1e:
6b:ed:bd:b6:b3:7e:4a:4e:02:cf:60:9e:03:cf:0c:
53:2f:5a:ca:aa:18:4c:99:a3:b6:e3:11:f6:df:4c:
10:14:33:50:cb:80:ba:16:f2:bc:01:d4:b5:3c:63:
0c:6d:cd:1c:f5:67:96:e3:0f:92:dc:32:8e:27:34:
04:ad:6b:1a:2e:a4:d9:ea:72:e1:45:9d:68:99:bb:
70:21:79:af:e5:15:24:60:19:98:fe:c2:2e:5f:4f:
9e:05:89:3a:88:e4:5a:17:46:b6:02:c4:aa:97:57:
0a:25:57:03:88:3a:51:16:df:23:e2:d0:f6:c3:5d:
c5:64:50:b9:51:73:99:41:ad:ab:d9:e0:2a:79:4b:
df:2d:29:6b:f6:47:6e:b2:94:2b:44:10:f4:69:49:
c3:bd:a7:0c:6d:bc:d9:ae:ed:d7:8f:73:1e:4a:5b:
64:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:38:56:C3:CD:61:77:C5:3B:9D:B5:89:15:D7:DD:9E:E3:B3:D2:6E
X509v3 Authority Key Identifier:
keyid:1C:DA:B7:05:24:FD:51:31:3B:84:F5:D8:F4:63:62:A3:D8:C8:08:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:d4:ef:c3:cd:c2:5a:61:07:aa:aa:74:1c:00:e0:d3:83:3a:
5f:6c:fd:d8:34:b3:e4:69:34:5f:ec:ef:a2:8d:be:57:fe:90:
68:b2:de:36:d2:6f:03:50:d0:69:46:3d:52:af:49:50:c7:bb:
7b:e0:83:c3:f2:fb:d2:4a:c3:82:97:89:c7:07:fa:db:1c:38:
61:e8:8b:9e:33:57:b3:33:1a:38:ce:16:06:c9:a0:4c:9a:c1:
9a:1e:13:c3:10:6f:ab:c6:eb:8c:56:c7:60:34:9e:a3:32:46:
cb:e2:7c:dd:5c:eb:73:d6:98:da:4e:e3:90:b7:8f:2c:8d:93:
87:1f:ac:c6:e4:f8:2e:bc:cc:5c:93:51:54:f1:4d:74:f8:41:
b3:6c:02:77:5d:a8:70:55:54:be:f6:93:73:f5:b1:c6:0b:ed:
59:8a:60:b1:61:d9:98:4d:dc:1a:5e:dc:e9:3c:75:18:ae:f9:
9a:6b:d3:58:74:64:c5:bb:58:0b:16:05:6e:f7:0b:c6:c9:7a:
6c:10:fb:19:c6:98:ec:c6:4f:e1:74:f7:67:b8:9a:cc:d3:b6:
d4:5f:a4:72:09:16:ce:73:a9:af:de:6f:f6:68:1d:fc:71:24:
ab:67:16:cb:00:14:24:64:f8:ed:92:3d:73:cc:02:1f:94:20:
39:2d:af:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4ftOuES2jg5wC5pGfx4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGFiNzA1MjRmZDUxMzEzYjg0ZjVkOGY0NjM2MmEzZDhj
ODA4MTQwHhcNMjUxMTA0MDgwMDQ2WhcNMjUxMTA1MDgwMDQ2WjAzMTEwLwYDVQQD
EyhmODM4NTZjM2NkNjE3N2M1M2I5ZGI1ODkxNWQ3ZGQ5ZWUzYjNkMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5ekBUPrvs3Uwc4B/W6yLHKpnVdu
/zrpF+56IXuubTwdLRT7KDy1kMXB8BrPV+p6wDHTH3xUodRj15E9UkJlOZpTJmTf
5npEU7Ed9ehcPiZITMPqERSgoR5r7b22s35KTgLPYJ4DzwxTL1rKqhhMmaO24xH2
30wQFDNQy4C6FvK8AdS1PGMMbc0c9WeW4w+S3DKOJzQErWsaLqTZ6nLhRZ1ombtw
IXmv5RUkYBmY/sIuX0+eBYk6iORaF0a2AsSql1cKJVcDiDpRFt8j4tD2w13FZFC5
UXOZQa2r2eAqeUvfLSlr9kduspQrRBD0aUnDvacMbbzZru3Xj3MeSltkpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPg4VsPNYXfFO521iRXX3Z7js9JuMB8GA1UdIwQY
MBaAFBzatwUk/VExO4T12PRjYqPYyAgUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5xM0JTVDlVVEU3aFBYWTlHTmlvOWpJQ0JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8xOTAxN2EtNGZjYy00ZmFkLWE1NzIt
OTlmNjkzZTQ1MDYxLzEvSE5xM0JTVDlVVEU3aFBYWTlHTmlvOWpJQ0JRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8xOTAxN2EtNGZjYy00ZmFkLWE1NzItOTlmNjkzZTQ1MDYx
LzEvSE5xM0JTVDlVVEU3aFBYWTlHTmlvOWpJQ0JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHdTvw83C
WmEHqqp0HADg04M6X2z92DSz5Gk0X+zvoo2+V/6QaLLeNtJvA1DQaUY9Uq9JUMe7
e+CDw/L70krDgpeJxwf62xw4YeiLnjNXszMaOM4WBsmgTJrBmh4TwxBvq8brjFbH
YDSeozJGy+J83Vzrc9aY2k7jkLePLI2Thx+sxuT4LrzMXJNRVPFNdPhBs2wCd12o
cFVUvvaTc/WxxgvtWYpgsWHZmE3cGl7c6Tx1GK75mmvTWHRkxbtYCxYFbvcLxsl6
bBD7GcaY7MZP4XT3Z7iazNO21F+kcgkWznOpr95v9mgd/HEkq2cWywAUJGT47ZI9
c8wCH5QgOS2vKg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:23:32 2025 by rpki-client