Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
File: HjXAaowG1d1k_nawkKPh4qSZbcg.mft (raw, json)
Hash identifier: jiqPqfzdL8Qq2dkmTVhdxRjPWodFfnLnBvCmLL3xFjU=
Subject key identifier: 6D:0B:C9:28:CC:43:68:05:44:97:71:15:0C:78:FC:4F:11:6C:A3:0C
Authority key identifier: 1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8
Certificate issuer: /CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8
Certificate serial: 019A4E1873D778DCF62F2391B52A0A9A96D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 09:00:16 +0000
Manifest this update: Tue 04 Nov 2025 09:00:16 +0000
Manifest next update: Wed 05 Nov 2025 09:00:16 +0000
Files and hashes: 1: HjXAaowG1d1k_nawkKPh4qSZbcg.crl (hash: h8cnPCEPAZMzuX1o1JltUabL9gYnxQKyye2nVSuX4kg=)
2: R12AgdneGd4IinauuD2IQCzaNdo.roa (hash: 0Vf4DfoprRpqIbS3viTk0elhBi8JnCMTTU8OHnzZBdQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:73:d7:78:dc:f6:2f:23:91:b5:2a:0a:9a:96:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8
Validity
Not Before: Nov 4 09:00:16 2025 GMT
Not After : Nov 5 09:00:16 2025 GMT
Subject: CN=6d0bc928cc436805449771150c78fc4f116ca30c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b5:e8:63:ed:90:df:04:46:59:56:64:d7:81:
98:60:8f:c5:b8:c5:07:4e:21:5b:8a:01:7d:ce:68:
bf:e6:4b:f1:e0:4e:3f:3c:c7:9b:2c:a9:2b:c9:2f:
19:91:58:42:08:39:14:64:1e:34:82:95:ae:e1:e6:
7e:31:b9:77:1c:e6:76:d4:28:1d:c7:a5:3d:10:6b:
99:29:10:00:e2:7d:25:65:62:fc:21:d9:5a:6d:8f:
06:cf:34:df:1a:8d:44:a4:33:86:45:1b:0b:7b:73:
fd:95:9f:b7:89:c7:6c:58:a0:37:24:19:47:9c:fe:
5c:16:dd:1c:17:88:ac:14:25:8e:85:cc:5c:e5:bf:
af:00:f0:5a:6f:a4:2c:98:6e:fc:5f:87:5c:9b:3b:
c3:4a:e8:01:45:5e:75:94:b4:a2:8b:3e:15:a7:70:
94:2e:37:62:d3:78:09:91:6a:f0:e2:bc:11:df:a6:
d6:0e:cf:8c:d0:7e:0c:bb:9f:93:08:5e:5c:f2:ec:
bc:39:25:77:17:c8:74:2b:8b:4f:ca:42:44:76:66:
d5:4e:78:a0:20:59:73:f8:b8:11:b4:f7:f0:9e:2f:
7a:a8:fc:a4:21:2c:b7:b4:f6:10:74:c0:43:55:cf:
cb:48:7c:6c:a5:c0:3e:f9:15:59:e3:1d:f4:99:42:
72:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0B:C9:28:CC:43:68:05:44:97:71:15:0C:78:FC:4F:11:6C:A3:0C
X509v3 Authority Key Identifier:
keyid:1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:06:19:69:8c:5a:21:da:c7:3c:e5:8c:02:d8:26:4a:55:7b:
05:fd:b7:17:2f:47:31:bd:be:07:56:d0:aa:74:e5:89:b9:16:
5e:7e:5f:91:df:37:fc:56:1c:5b:e2:f9:8f:91:83:be:11:53:
3f:c1:d4:77:d3:5e:69:ca:80:a4:94:c9:75:3b:2b:df:f4:fb:
c0:15:91:3f:a2:4f:13:6f:a7:95:3d:3a:6a:1e:cd:32:3e:bb:
af:d3:d7:ee:6f:64:66:46:7f:e6:06:d5:05:36:44:af:90:ee:
e4:b2:db:b4:2b:d7:93:7d:e7:73:57:97:38:e4:f6:66:18:c8:
40:1d:7b:1d:ac:58:c3:66:57:67:a0:eb:50:d3:49:8e:74:c8:
76:02:5f:cd:34:0a:1a:50:e8:f7:11:ff:96:47:a4:e7:cd:d6:
87:95:fa:c7:c3:a2:be:52:e2:28:98:65:de:c9:15:89:ee:0c:
4a:27:39:d6:46:27:6f:95:3b:f0:de:5a:a3:97:95:01:23:fe:
b6:e7:99:bc:8a:52:d8:b7:ba:78:a3:e0:b3:f2:54:3e:19:82:
db:84:fa:01:31:ca:ae:fb:f0:8c:76:46:7d:c1:99:1f:78:0e:
d6:da:07:67:71:27:b7:b2:31:06:44:d6:a1:54:2d:f2:f6:29:
2b:e1:da:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGHPXeNz2LyORtSoKmpbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzVjMDZhOGMwNmQ1ZGQ2NGZlNzZiMDkwYTNlMWUyYTQ5
OTZkYzgwHhcNMjUxMTA0MDkwMDE2WhcNMjUxMTA1MDkwMDE2WjAzMTEwLwYDVQQD
Eyg2ZDBiYzkyOGNjNDM2ODA1NDQ5NzcxMTUwYzc4ZmM0ZjExNmNhMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrXoY+2Q3wRGWVZk14GYYI/FuMUH
TiFbigF9zmi/5kvx4E4/PMebLKkryS8ZkVhCCDkUZB40gpWu4eZ+Mbl3HOZ21Cgd
x6U9EGuZKRAA4n0lZWL8IdlabY8GzzTfGo1EpDOGRRsLe3P9lZ+3icdsWKA3JBlH
nP5cFt0cF4isFCWOhcxc5b+vAPBab6QsmG78X4dcmzvDSugBRV51lLSiiz4Vp3CU
Ljdi03gJkWrw4rwR36bWDs+M0H4Mu5+TCF5c8uy8OSV3F8h0K4tPykJEdmbVTnig
IFlz+LgRtPfwni96qPykISy3tPYQdMBDVc/LSHxspcA++RVZ4x30mUJyfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0LySjMQ2gFRJdxFQx4/E8RbKMMMB8GA1UdIwQY
MBaAFB41wGqMBtXdZP52sJCj4eKkmW3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgt
OWI1ZDc2YTk0OWY0LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgtOWI1ZDc2YTk0OWY0
LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATQYZaYxa
IdrHPOWMAtgmSlV7Bf23Fy9HMb2+B1bQqnTlibkWXn5fkd83/FYcW+L5j5GDvhFT
P8HUd9NeacqApJTJdTsr3/T7wBWRP6JPE2+nlT06ah7NMj67r9PX7m9kZkZ/5gbV
BTZEr5Du5LLbtCvXk33nc1eXOOT2ZhjIQB17HaxYw2ZXZ6DrUNNJjnTIdgJfzTQK
GlDo9xH/lkek583Wh5X6x8OivlLiKJhl3skVie4MSic51kYnb5U78N5ao5eVASP+
tueZvIpS2Le6eKPgs/JUPhmC24T6ATHKrvvwjHZGfcGZH3gO1toHZ3Ent7IxBkTW
oVQt8vYpK+Ha5g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:06:06 2025 by rpki-client