Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
File: HDP7O3JSC4FpopKNU4LknWda0GA.mft (raw, json)
Hash identifier: wNzUHiPQ3/g3LD9pZ3ouER1SCma4hbfKNo/R99J+G40=
Subject key identifier: EE:BF:72:50:EB:F6:16:45:9D:D7:75:1F:A3:44:8C:E0:B9:B9:68:62
Authority key identifier: 1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
Certificate issuer: /CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Certificate serial: 019A4EF59B30029B56BF6F159B72ABC38BDD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
Manifest number: 14BA
Signing time: Tue 04 Nov 2025 13:01:50 +0000
Manifest this update: Tue 04 Nov 2025 13:01:50 +0000
Manifest next update: Wed 05 Nov 2025 13:01:50 +0000
Files and hashes: 1: HDP7O3JSC4FpopKNU4LknWda0GA.crl (hash: CCaXy6T4IEWGWIfMsunSmoDhwtKHsKJpTmrQlvbjlUE=)
2: jHj1kA03qC8i8hguuEC8ASnj4XQ.roa (hash: 6J5ezyoc/LI46xWXhW/cUUltYyOZg4CBJG0jaVAl1nQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:9b:30:02:9b:56:bf:6f:15:9b:72:ab:c3:8b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Validity
Not Before: Nov 4 13:01:50 2025 GMT
Not After : Nov 5 13:01:50 2025 GMT
Subject: CN=eebf7250ebf616459dd7751fa3448ce0b9b96862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:50:02:18:05:9f:07:7a:bd:93:95:b0:00:0c:
06:f2:7e:cc:12:5b:ff:f4:75:5c:ea:d1:02:a8:85:
83:93:d6:d3:9c:c7:fe:09:8a:b2:08:8f:1d:05:96:
1e:1e:2e:e4:19:d8:c5:c7:35:cf:00:bb:88:f0:50:
3e:63:54:7a:a1:c8:8c:36:f2:5d:5c:f6:c9:f7:e1:
8c:b9:d7:36:52:3f:e2:32:22:48:37:8d:c3:67:ba:
3f:15:16:09:b3:81:13:17:23:81:ea:04:e7:8d:52:
44:54:64:37:12:9f:60:ee:2b:ff:57:b7:c0:bb:d2:
aa:0f:1e:2a:68:8e:37:d2:85:8a:16:f9:fd:83:8b:
28:a5:6b:99:85:26:e5:38:df:68:6d:97:1b:60:e5:
db:67:62:24:89:1e:c4:5f:5c:c6:29:0c:f7:76:b5:
4f:1b:70:7f:48:b0:62:bd:9f:49:d5:70:a1:af:cc:
c8:55:3e:3a:d6:bb:89:b5:f2:e5:7c:19:07:c9:39:
42:9f:db:55:1a:3c:fe:21:77:53:59:e2:d1:a8:d1:
7a:63:d8:7d:3c:77:17:6b:32:6e:d5:36:90:3d:0e:
01:79:90:10:a5:41:b8:3a:3f:b2:b8:7c:a6:7f:d7:
0c:4f:85:23:29:29:d3:b3:bf:cc:d2:cf:ea:06:c7:
7d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:BF:72:50:EB:F6:16:45:9D:D7:75:1F:A3:44:8C:E0:B9:B9:68:62
X509v3 Authority Key Identifier:
keyid:1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:72:53:73:42:9a:81:9c:5f:eb:80:cf:47:e8:3b:a7:e6:77:
24:01:93:75:aa:8a:94:97:e0:ba:01:1d:79:bc:e4:e8:b9:e5:
11:87:d1:d6:3b:e0:82:4e:3e:a8:9e:a1:d9:21:dd:8d:19:58:
d0:31:62:2f:a3:33:fe:96:f7:47:82:ae:88:b5:57:68:1c:bf:
a2:f5:52:b3:a6:8c:c0:41:f3:2a:83:8c:94:3b:74:a4:95:ae:
82:d2:2e:e9:80:1b:34:61:f9:e2:1a:4b:cb:39:4d:09:c9:46:
42:56:c8:2f:b0:2a:45:65:37:07:4a:87:9f:4a:d1:91:59:cb:
af:48:fd:6e:45:86:50:9d:d4:f3:fa:fd:fc:74:83:71:d8:78:
25:d0:8a:61:e0:ee:87:1f:ef:52:2c:f1:e3:23:0d:a7:ff:d9:
d6:fa:05:f1:3c:e8:d6:6f:84:5b:f5:e3:ff:a0:e9:8b:66:c1:
8f:2e:98:fd:c0:58:55:ad:4f:78:2f:9b:b5:14:49:37:48:62:
46:f0:8c:1e:2d:5d:ee:12:ae:31:b8:1a:f4:c5:c9:b9:51:ff:
dd:df:7a:48:0c:be:82:ac:10:e2:22:04:94:8c:ab:47:2a:29:
9f:18:6f:82:c1:37:8a:d5:10:f0:77:ae:11:59:a4:f6:ca:7e:
c7:70:2b:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9ZswAptWv28Vm3Krw4vdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzNmYjNiNzI1MjBiODE2OWEyOTI4ZDUzODJlNDlkNjc1
YWQwNjAwHhcNMjUxMTA0MTMwMTUwWhcNMjUxMTA1MTMwMTUwWjAzMTEwLwYDVQQD
EyhlZWJmNzI1MGViZjYxNjQ1OWRkNzc1MWZhMzQ0OGNlMGI5Yjk2ODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1ACGAWfB3q9k5WwAAwG8n7MElv/
9HVc6tECqIWDk9bTnMf+CYqyCI8dBZYeHi7kGdjFxzXPALuI8FA+Y1R6ociMNvJd
XPbJ9+GMudc2Uj/iMiJIN43DZ7o/FRYJs4ETFyOB6gTnjVJEVGQ3Ep9g7iv/V7fA
u9KqDx4qaI430oWKFvn9g4sopWuZhSblON9obZcbYOXbZ2IkiR7EX1zGKQz3drVP
G3B/SLBivZ9J1XChr8zIVT461ruJtfLlfBkHyTlCn9tVGjz+IXdTWeLRqNF6Y9h9
PHcXazJu1TaQPQ4BeZAQpUG4Oj+yuHymf9cMT4UjKSnTs7/M0s/qBsd9CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6/clDr9hZFndd1H6NEjOC5uWhiMB8GA1UdIwQY
MBaAFBwz+ztyUguBaaKSjVOC5J1nWtBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDct
OTUwNDU1ODY4MDJlLzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDctOTUwNDU1ODY4MDJl
LzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYXJTc0Ka
gZxf64DPR+g7p+Z3JAGTdaqKlJfgugEdebzk6LnlEYfR1jvggk4+qJ6h2SHdjRlY
0DFiL6Mz/pb3R4KuiLVXaBy/ovVSs6aMwEHzKoOMlDt0pJWugtIu6YAbNGH54hpL
yzlNCclGQlbIL7AqRWU3B0qHn0rRkVnLr0j9bkWGUJ3U8/r9/HSDcdh4JdCKYeDu
hx/vUizx4yMNp//Z1voF8Tzo1m+EW/Xj/6Dpi2bBjy6Y/cBYVa1PeC+btRRJN0hi
RvCMHi1d7hKuMbga9MXJuVH/3d96SAy+gqwQ4iIElIyrRyopnxhvgsE3itUQ8Heu
EVmk9sp+x3Ar0g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:09:34 2025 by rpki-client