Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
File: hSOM5-r2mlui8JR7K6BTOUtFts0.mft (raw, json)
Hash identifier: K7hsow7Q8eu/PFf10ee58PCdx9oDkfK+QCgxog59Wrc=
Subject key identifier: F2:29:24:FE:31:E2:91:8F:63:D2:22:8B:81:D5:EF:7A:23:C8:59:80
Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Certificate serial: 019874190AF8E5EADB7A701DF5F394773EC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
Manifest number: 15A8
Signing time: Mon 04 Aug 2025 08:00:54 +0000
Manifest this update: Mon 04 Aug 2025 08:00:54 +0000
Manifest next update: Tue 05 Aug 2025 08:00:54 +0000
Files and hashes: 1: WlFkHZf-mGa6meWaQmN57qSrEtA.roa (hash: B5J0da5BqpBMDIf+RMe68Zm2sCoZIjqiRagoU19Nd+4=)
2: hSOM5-r2mlui8JR7K6BTOUtFts0.crl (hash: xI5AafebKl3OuaS0aWqcPgM10d06KRjkMyOcQyc1ez8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:19:0a:f8:e5:ea:db:7a:70:1d:f5:f3:94:77:3e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Validity
Not Before: Aug 4 08:00:54 2025 GMT
Not After : Aug 5 08:00:54 2025 GMT
Subject: CN=f22924fe31e2918f63d2228b81d5ef7a23c85980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f1:cd:a6:f6:86:53:1e:36:b8:ac:04:be:c9:
2c:48:c7:43:d4:6a:98:e5:a0:0b:76:8c:7f:8f:d7:
ae:f3:0a:9a:f3:13:ce:a3:a5:48:4c:e4:b8:90:aa:
bc:68:23:bf:44:35:89:05:b8:87:1a:9d:57:3e:c1:
44:88:a4:fb:05:35:2b:54:49:2c:0d:97:23:97:29:
e3:fc:64:47:7f:57:58:fa:6a:ec:32:80:ed:f3:ff:
7c:ea:9e:f0:82:32:ae:5d:dc:e6:86:78:9e:15:89:
0a:db:66:3b:c9:65:fe:8c:78:7d:d0:ab:95:3a:08:
86:07:70:b2:be:73:77:5e:56:19:0d:3c:96:ec:94:
15:1c:a8:74:85:b3:fc:05:6e:18:79:0b:d7:ae:91:
59:62:da:0c:a8:4f:77:7c:55:a2:35:bc:42:3d:30:
aa:e0:eb:84:9b:4d:86:0f:14:10:21:b2:c0:dc:bb:
68:a7:72:6d:e1:0d:43:bb:98:54:e3:a1:ec:44:ca:
d5:e8:a3:fd:f4:d6:30:9b:9c:42:c5:b7:81:a4:a2:
4c:2d:b6:f3:4a:dd:41:f6:f7:44:34:20:be:a8:b5:
ff:2a:93:96:9d:9b:17:22:6c:79:3c:73:df:5d:98:
1f:9b:0a:51:69:75:47:1a:a2:53:96:12:9b:19:0d:
38:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:29:24:FE:31:E2:91:8F:63:D2:22:8B:81:D5:EF:7A:23:C8:59:80
X509v3 Authority Key Identifier:
keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:29:dd:6c:0c:d2:54:b2:a6:fd:c8:3f:46:c7:8e:52:c9:e1:
89:da:b0:ab:cb:7f:42:5c:a1:3b:e2:0e:69:eb:ef:c3:6e:31:
e1:a5:61:1b:0c:d9:9e:c8:cc:af:fd:bd:9b:4a:16:84:73:cd:
01:2f:40:c5:31:55:f8:bd:e4:4e:e8:8c:6e:ae:9e:16:3f:71:
ff:44:e4:0d:25:df:0b:a8:a4:a7:8b:eb:07:bf:aa:25:6a:69:
33:63:25:3b:00:5f:01:c4:8c:d1:50:31:56:9d:f9:c7:39:5c:
f5:f7:66:f3:24:d4:95:fb:d1:61:a6:92:3b:81:e6:50:6d:b1:
63:23:05:59:50:2d:a1:f7:6a:90:94:2f:16:72:68:73:d8:75:
6e:ca:30:76:55:df:9e:b5:32:eb:21:65:c2:3a:eb:2a:b9:d5:
d6:f0:3f:43:cf:a3:57:1b:5d:fc:3d:47:29:06:b3:e6:d5:0d:
f5:5d:e0:a3:85:f5:40:43:24:64:5c:b2:90:f8:ae:c1:64:b0:
7c:a0:d3:10:96:3a:32:b8:38:6a:0d:0a:c6:e4:6b:cb:7e:ec:
ee:d0:8e:b2:9c:ed:7a:94:c7:27:a5:a7:5a:11:90:07:d0:34:
58:92:ca:5d:fc:80:e9:be:5d:7a:06:7a:5c:ce:d9:73:45:99:
2a:f5:7e:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0GQr45erbenAd9fOUdz7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0
NWI2Y2QwHhcNMjUwODA0MDgwMDU0WhcNMjUwODA1MDgwMDU0WjAzMTEwLwYDVQQD
EyhmMjI5MjRmZTMxZTI5MThmNjNkMjIyOGI4MWQ1ZWY3YTIzYzg1OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/HNpvaGUx42uKwEvsksSMdD1GqY
5aALdox/j9eu8wqa8xPOo6VITOS4kKq8aCO/RDWJBbiHGp1XPsFEiKT7BTUrVEks
DZcjlynj/GRHf1dY+mrsMoDt8/986p7wgjKuXdzmhnieFYkK22Y7yWX+jHh90KuV
OgiGB3CyvnN3XlYZDTyW7JQVHKh0hbP8BW4YeQvXrpFZYtoMqE93fFWiNbxCPTCq
4OuEm02GDxQQIbLA3Ltop3Jt4Q1Du5hU46HsRMrV6KP99NYwm5xCxbeBpKJMLbbz
St1B9vdENCC+qLX/KpOWnZsXImx5PHPfXZgfmwpRaXVHGqJTlhKbGQ04vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIpJP4x4pGPY9Iii4HV73ojyFmAMB8GA1UdIwQY
MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt
MDMyYWY4MzZjMTcyLzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy
LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADyndbAzS
VLKm/cg/RseOUsnhidqwq8t/QlyhO+IOaevvw24x4aVhGwzZnsjMr/29m0oWhHPN
AS9AxTFV+L3kTuiMbq6eFj9x/0TkDSXfC6ikp4vrB7+qJWppM2MlOwBfAcSM0VAx
Vp35xzlc9fdm8yTUlfvRYaaSO4HmUG2xYyMFWVAtofdqkJQvFnJoc9h1bsowdlXf
nrUy6yFlwjrrKrnV1vA/Q8+jVxtd/D1HKQaz5tUN9V3go4X1QEMkZFyykPiuwWSw
fKDTEJY6Mrg4ag0KxuRry37s7tCOspztepTHJ6WnWhGQB9A0WJLKXfyA6b5degZ6
XM7Zc0WZKvV+jQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:27:22 2025 by rpki-client