Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
File: hpA1wxdzT2Ybv4XCGEFVofNhat0.mft (raw, json)
Hash identifier: mlD3ls0ZRqoHJbS5+LxL3dDJkqhnrtiTrzvJvmRwJMA=
Subject key identifier: 14:93:10:74:F1:76:AE:C6:4A:76:DA:FB:09:C1:68:79:90:C7:D7:B8
Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
Certificate issuer: /CN=869035c317734f661bbf85c2184155a1f3616add
Certificate serial: 0197789D28B7D37BF29FD7EBA56B749F7B54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
Manifest number: 111B
Signing time: Mon 16 Jun 2025 12:00:54 +0000
Manifest this update: Mon 16 Jun 2025 12:00:54 +0000
Manifest next update: Tue 17 Jun 2025 12:00:54 +0000
Files and hashes: 1: AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa (hash: tZKNbZDCtPOdNWQDTedTIFStwLgZ/2vtLmBHU+SWAQk=)
2: hpA1wxdzT2Ybv4XCGEFVofNhat0.crl (hash: B7Gxp3eIm9Xd14Uw9OUd9jayZ35Q6qST0TTokuqf+AI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 12:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:78:9d:28:b7:d3:7b:f2:9f:d7:eb:a5:6b:74:9f:7b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869035c317734f661bbf85c2184155a1f3616add
Validity
Not Before: Jun 16 12:00:54 2025 GMT
Not After : Jun 17 12:00:54 2025 GMT
Subject: CN=14931074f176aec64a76dafb09c1687990c7d7b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f8:c9:ea:3a:cb:7c:9a:0e:31:4c:da:3e:39:
aa:ff:a0:82:11:68:0c:40:49:10:29:5c:90:96:46:
cb:e8:b2:f2:b2:97:13:db:c4:94:7f:17:93:8b:d5:
23:bb:7b:8f:e5:42:5d:fa:2d:05:21:53:ff:87:00:
43:fc:ea:86:56:d3:c8:b2:7c:2a:21:db:04:5e:29:
58:ef:20:45:88:24:03:85:ca:1d:bb:a9:00:08:90:
d6:e4:c9:f9:b0:eb:46:39:d2:b6:c9:99:ff:92:43:
f7:e6:8b:8f:86:59:2d:9a:be:d0:f3:79:2f:92:9a:
a1:a8:23:30:79:4d:b4:31:35:1c:f8:f5:1b:f3:14:
41:9e:9c:a5:83:2f:f0:59:3a:4e:17:42:5a:dc:96:
5c:c7:0a:cf:94:a8:a8:56:bb:ed:6a:6b:16:ef:06:
8d:3b:51:d4:7f:42:38:86:67:44:99:8d:fb:8b:dc:
81:4f:85:1e:51:e6:51:fa:32:62:28:d4:75:95:23:
92:cd:eb:ed:84:82:af:5c:8a:c8:e6:5d:67:a6:d8:
11:b4:f3:82:81:c2:8a:cb:38:e5:13:55:54:9d:89:
60:f7:6b:59:31:00:34:6b:6e:1c:1f:2a:10:14:9a:
b5:a6:97:77:72:3d:f2:d9:c5:64:80:5d:68:3b:22:
b1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:93:10:74:F1:76:AE:C6:4A:76:DA:FB:09:C1:68:79:90:C7:D7:B8
X509v3 Authority Key Identifier:
keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:c7:7c:20:10:45:b0:f5:12:39:7a:6d:2f:7a:a3:c6:5c:d5:
c6:10:a8:69:d3:f8:80:79:bc:62:bb:0c:c6:78:1b:57:c0:a8:
1e:24:e7:4e:d6:19:28:46:64:19:46:be:37:48:54:23:fe:a6:
ab:17:78:c4:10:2b:98:57:88:0e:98:a3:a7:64:6b:03:02:7f:
11:7e:a4:ae:c6:0d:5a:48:cb:1a:dc:a8:2d:e6:fb:80:6b:ce:
15:67:fc:df:6c:7c:97:4b:d1:fb:0d:13:02:83:07:e7:76:f3:
1a:38:a8:3b:5b:5c:62:e3:39:00:db:14:ab:c6:a7:d9:c6:55:
e8:15:a0:76:bd:0c:f8:ae:17:ce:0e:ac:37:8d:33:3a:46:83:
92:f8:25:f9:5c:ba:a8:0a:13:21:2f:2a:69:cd:46:80:a0:07:
f1:79:30:00:7d:84:15:26:0d:cc:33:42:47:24:a9:05:4f:97:
43:8f:36:1a:84:93:f6:c9:b0:27:e9:74:b9:71:dc:40:67:eb:
5b:bc:c2:3e:20:29:47:e7:4d:a6:9c:78:c1:a3:3a:08:28:43:
fe:73:b2:30:d0:c2:d2:83:49:67:42:19:5e:30:28:18:ad:7a:
36:fe:3e:eb:0a:77:3f:b7:d9:a1:a9:8c:3b:0a:aa:1a:75:ae:
19:d6:60:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd4nSi303vyn9frpWt0n3tUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2
MTZhZGQwHhcNMjUwNjE2MTIwMDU0WhcNMjUwNjE3MTIwMDU0WjAzMTEwLwYDVQQD
EygxNDkzMTA3NGYxNzZhZWM2NGE3NmRhZmIwOWMxNjg3OTkwYzdkN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPjJ6jrLfJoOMUzaPjmq/6CCEWgM
QEkQKVyQlkbL6LLyspcT28SUfxeTi9Uju3uP5UJd+i0FIVP/hwBD/OqGVtPIsnwq
IdsEXilY7yBFiCQDhcodu6kACJDW5Mn5sOtGOdK2yZn/kkP35ouPhlktmr7Q83kv
kpqhqCMweU20MTUc+PUb8xRBnpylgy/wWTpOF0Ja3JZcxwrPlKioVrvtamsW7waN
O1HUf0I4hmdEmY37i9yBT4UeUeZR+jJiKNR1lSOSzevthIKvXIrI5l1nptgRtPOC
gcKKyzjlE1VUnYlg92tZMQA0a24cHyoQFJq1ppd3cj3y2cVkgF1oOyKxdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSTEHTxdq7GSnba+wnBaHmQx9e4MB8GA1UdIwQY
MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt
NjAyOGMyNjU0OTQwLzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw
LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATsd8IBBF
sPUSOXptL3qjxlzVxhCoadP4gHm8YrsMxngbV8CoHiTnTtYZKEZkGUa+N0hUI/6m
qxd4xBArmFeIDpijp2RrAwJ/EX6krsYNWkjLGtyoLeb7gGvOFWf832x8l0vR+w0T
AoMH53bzGjioO1tcYuM5ANsUq8an2cZV6BWgdr0M+K4Xzg6sN40zOkaDkvgl+Vy6
qAoTIS8qac1GgKAH8XkwAH2EFSYNzDNCRySpBU+XQ482GoST9smwJ+l0uXHcQGfr
W7zCPiApR+dNppx4waM6CChD/nOyMNDC0oNJZ0IZXjAoGK16Nv4+6wp3P7fZoamM
OwqqGnWuGdZgiA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:03:13 2025 by rpki-client