Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
File: hSOM5-r2mlui8JR7K6BTOUtFts0.mft (raw, json)
Hash identifier: ToigYS1njsiiTB1COEoBYCCjyQWIOr+4CzIUcNEAhbk=
Subject key identifier: 40:8A:2B:4C:0E:E9:17:52:B0:30:F1:23:64:96:F7:79:9A:93:4C:0B
Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Certificate serial: 0197733F7B0226A80497C68C91FC7D24A0C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
Manifest number: 1523
Signing time: Sun 15 Jun 2025 11:00:29 +0000
Manifest this update: Sun 15 Jun 2025 11:00:29 +0000
Manifest next update: Mon 16 Jun 2025 11:00:29 +0000
Files and hashes: 1: WlFkHZf-mGa6meWaQmN57qSrEtA.roa (hash: B5J0da5BqpBMDIf+RMe68Zm2sCoZIjqiRagoU19Nd+4=)
2: hSOM5-r2mlui8JR7K6BTOUtFts0.crl (hash: xoyIzu3hEyCjQVkext3SGmXVCtoEWkBBtm9TS9DhWA0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 11:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:73:3f:7b:02:26:a8:04:97:c6:8c:91:fc:7d:24:a0:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Validity
Not Before: Jun 15 11:00:29 2025 GMT
Not After : Jun 16 11:00:29 2025 GMT
Subject: CN=408a2b4c0ee91752b030f1236496f7799a934c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:95:b5:a1:4b:7c:5b:0b:03:78:3f:c5:d5:f9:
37:a7:65:d9:61:64:3e:e4:4b:a8:ce:8b:69:af:b4:
0a:17:33:3a:66:ae:41:05:ee:e6:cf:15:5c:9e:b1:
02:9a:31:ea:ec:bb:3f:d1:9c:cc:6d:06:36:70:88:
d5:43:93:92:22:a0:c6:58:2c:20:0f:48:af:d8:3b:
1a:7b:ea:e9:28:fe:82:1c:65:de:ce:c7:1e:4b:21:
7e:60:9f:99:5b:81:27:03:85:10:a8:6d:55:dd:55:
51:8c:30:a8:cc:a9:37:a1:24:7d:11:28:42:1a:d7:
d0:d1:f9:4a:67:c4:a8:c9:7d:89:a1:47:9d:e2:0d:
50:2f:04:47:3f:a7:f4:e8:50:d2:c8:89:94:0a:62:
af:4e:8d:9d:b0:4c:8d:fe:c4:91:e0:69:7a:a6:0b:
81:9e:c4:fb:a5:82:d5:6f:dd:7e:af:36:46:e6:c8:
37:0e:8f:1e:bc:34:1f:f0:3a:5c:b3:8d:df:79:0d:
70:34:20:f5:6b:b4:c2:55:af:11:94:25:e3:41:39:
aa:b3:f8:05:f3:4c:45:19:13:58:2c:2e:54:ea:0b:
78:fa:37:60:aa:81:b9:ad:f2:66:40:3b:8a:09:f3:
f9:7b:5a:f9:14:5c:de:19:8d:29:63:73:ab:7b:64:
19:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8A:2B:4C:0E:E9:17:52:B0:30:F1:23:64:96:F7:79:9A:93:4C:0B
X509v3 Authority Key Identifier:
keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:e4:a1:72:7f:4e:94:35:16:d5:c0:69:26:17:68:fd:57:52:
b3:eb:9e:2d:c4:bb:a8:e9:dd:20:eb:23:0f:b0:ca:22:86:78:
36:12:5c:25:e6:83:ef:0c:ad:38:09:41:22:db:7c:6f:25:ad:
42:62:d9:bf:61:51:f0:82:8e:90:35:48:f9:d0:6f:57:10:10:
01:f0:51:91:21:65:9d:79:81:f6:a0:58:d1:31:50:2e:59:b9:
c9:0f:d7:0a:d9:8c:4e:e3:b3:8c:32:cb:bd:7b:ee:51:b5:1d:
66:2e:a2:74:6c:00:11:6e:a0:f0:35:75:f0:9a:8b:71:08:f7:
7a:a5:3f:80:ca:65:07:4a:ac:0b:09:f5:03:93:c6:0c:84:84:
f6:12:eb:13:fa:29:d0:fe:6b:6f:2d:5e:01:22:ce:3c:1e:32:
78:90:1d:ab:8e:3c:2b:3b:d6:d1:a2:ee:b6:2a:fb:c0:ef:ab:
db:ff:a7:ab:2f:15:60:71:74:11:aa:38:1e:01:1d:0c:9f:30:
93:a9:3c:3e:29:c3:2f:77:da:06:12:bb:c2:15:cf:9d:10:47:
20:8e:a8:89:22:2e:b7:7c:80:87:bf:18:84:e0:bf:e4:02:92:
33:45:fb:5d:3b:0f:51:44:17:de:88:65:f7:0c:cc:48:a1:d2:
c4:65:7c:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdzP3sCJqgEl8aMkfx9JKDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0
NWI2Y2QwHhcNMjUwNjE1MTEwMDI5WhcNMjUwNjE2MTEwMDI5WjAzMTEwLwYDVQQD
Eyg0MDhhMmI0YzBlZTkxNzUyYjAzMGYxMjM2NDk2Zjc3OTlhOTM0YzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JW1oUt8WwsDeD/F1fk3p2XZYWQ+
5Euozotpr7QKFzM6Zq5BBe7mzxVcnrECmjHq7Ls/0ZzMbQY2cIjVQ5OSIqDGWCwg
D0iv2Dsae+rpKP6CHGXezsceSyF+YJ+ZW4EnA4UQqG1V3VVRjDCozKk3oSR9EShC
GtfQ0flKZ8SoyX2JoUed4g1QLwRHP6f06FDSyImUCmKvTo2dsEyN/sSR4Gl6pguB
nsT7pYLVb91+rzZG5sg3Do8evDQf8Dpcs43feQ1wNCD1a7TCVa8RlCXjQTmqs/gF
80xFGRNYLC5U6gt4+jdgqoG5rfJmQDuKCfP5e1r5FFzeGY0pY3Ore2QZjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECKK0wO6RdSsDDxI2SW93mak0wLMB8GA1UdIwQY
MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt
MDMyYWY4MzZjMTcyLzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy
LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXeShcn9O
lDUW1cBpJhdo/VdSs+ueLcS7qOndIOsjD7DKIoZ4NhJcJeaD7wytOAlBItt8byWt
QmLZv2FR8IKOkDVI+dBvVxAQAfBRkSFlnXmB9qBY0TFQLlm5yQ/XCtmMTuOzjDLL
vXvuUbUdZi6idGwAEW6g8DV18JqLcQj3eqU/gMplB0qsCwn1A5PGDISE9hLrE/op
0P5rby1eASLOPB4yeJAdq448KzvW0aLutir7wO+r2/+nqy8VYHF0Eao4HgEdDJ8w
k6k8PinDL3faBhK7whXPnRBHII6oiSIut3yAh78YhOC/5AKSM0X7XTsPUUQX3ohl
9wzMSKHSxGV8Ng==
-----END CERTIFICATE-----
Generated at Sun Jun 15 16:51:54 2025 by rpki-client