Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
File: h0tZG12PB26vRy4-pF07XI4TUKE.mft (raw, json)
Hash identifier: AkcDcp99VXfXgURQ0M75dZkvr7a6MdBpAHLQheJBtuA=
Subject key identifier: 67:47:70:57:F3:49:6C:7F:A6:E1:C1:C2:6F:A5:A6:36:67:36:43:DF
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Certificate issuer: /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial: 01976D3D888EBD51CA80D436F5B31369D294
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
Manifest number: 1592
Signing time: Sat 14 Jun 2025 07:00:38 +0000
Manifest this update: Sat 14 Jun 2025 07:00:38 +0000
Manifest next update: Sun 15 Jun 2025 07:00:38 +0000
Files and hashes: 1: 3MF6BuznJ4OfS1C5J5sFom719Ag.roa (hash: SgA1M+YF5PTZbvqD1BRuBpZXk3sFWrE/PgQsVhuZ/S4=)
2: h0tZG12PB26vRy4-pF07XI4TUKE.crl (hash: 43vpunCK/5/qw+rZYMQja1IJ+x7XbxbXhQsv2fQXFhU=)
3: pFxtApTW54EbBHD0oDAnh4jDG3E.roa (hash: gJNAVWKEII1RjZzGIybSB1Nkau8KmzUZnx0gYczpW88=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6d:3d:88:8e:bd:51:ca:80:d4:36:f5:b3:13:69:d2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Validity
Not Before: Jun 14 07:00:38 2025 GMT
Not After : Jun 15 07:00:38 2025 GMT
Subject: CN=67477057f3496c7fa6e1c1c26fa5a636673643df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:43:4e:96:c5:1a:01:72:e0:f2:fc:34:86:6d:
de:41:72:ac:98:1e:7a:eb:bd:e0:15:67:97:33:bd:
21:79:f0:54:59:8e:94:d4:6b:90:58:6c:20:cc:04:
56:aa:a4:88:47:a4:aa:38:f8:dc:6f:40:49:fc:a2:
a8:0c:5f:f3:21:79:a3:f0:4d:65:c1:9c:ed:d5:b7:
36:65:ba:18:ac:e0:91:73:ce:56:f9:12:fc:a0:df:
83:64:19:7e:a5:cb:2e:59:15:73:94:d9:ed:9f:82:
a7:52:1e:28:61:47:e1:3e:63:1e:7c:82:e4:25:51:
33:72:23:59:e9:7a:65:75:47:50:9e:2f:2f:d8:4b:
f2:b4:6e:b2:fb:d3:e0:e5:db:6c:ae:94:f2:a2:83:
0b:de:b0:2b:89:33:60:61:a4:23:68:c3:95:16:a0:
68:d0:d8:77:66:d2:fc:81:f8:97:03:09:d7:8e:4f:
7b:b4:80:c9:e7:c7:7b:6b:b7:a0:84:2c:d8:2a:18:
4d:0c:8d:0b:de:8c:c1:af:b7:1c:e5:a0:3a:3a:7e:
70:8d:40:78:71:ae:4c:d1:07:1c:7a:7f:2b:08:d7:
a9:34:8e:04:c0:05:59:d7:2a:4d:b4:02:be:ea:83:
c8:fc:5c:76:a5:c6:d2:08:37:cd:45:a8:51:ca:6d:
94:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:47:70:57:F3:49:6C:7F:A6:E1:C1:C2:6F:A5:A6:36:67:36:43:DF
X509v3 Authority Key Identifier:
keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:aa:e1:3b:84:9b:67:4b:6a:78:d7:2b:0c:94:6c:13:94:2a:
fa:65:49:08:67:3d:28:81:d5:95:e9:d0:cf:47:ab:86:c3:53:
f9:14:cf:63:23:2f:50:b0:36:5e:4a:a9:b1:61:75:1a:d5:9d:
7d:73:7d:23:b1:2d:de:bd:e0:7d:db:29:28:42:9c:0d:8e:b9:
bc:c2:3e:20:53:91:d9:91:9c:82:11:26:36:47:53:9a:be:f3:
f4:2f:dd:65:02:45:60:d7:b5:fa:63:8e:6f:49:72:02:a4:4d:
f4:8a:54:3e:be:f2:68:16:c6:2b:35:82:f6:2b:1f:59:25:c7:
4d:96:e2:ff:e3:5f:1f:97:4e:48:a9:2c:8a:71:e5:a8:08:29:
06:06:e1:c1:4c:d5:57:b7:fb:0b:96:6f:52:36:0e:52:6e:be:
a4:a0:76:bf:77:70:d6:d6:92:2d:52:28:e2:43:1c:ad:bd:36:
ef:09:22:a5:05:b8:68:e5:d7:2f:a4:6f:6d:40:38:ee:ec:f7:
8a:81:63:00:7b:26:0f:e0:23:1f:64:89:3a:84:b2:32:3e:f4:
c6:5d:d7:77:dd:9c:6a:d8:e5:2a:3c:49:96:99:2a:57:f0:de:
3b:dc:21:e0:aa:ae:83:36:27:c9:80:83:d3:c2:59:ad:95:bb:
e1:b2:ba:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPYiOvVHKgNQ29bMTadKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjUwNjE0MDcwMDM4WhcNMjUwNjE1MDcwMDM4WjAzMTEwLwYDVQQD
Eyg2NzQ3NzA1N2YzNDk2YzdmYTZlMWMxYzI2ZmE1YTYzNjY3MzY0M2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkNOlsUaAXLg8vw0hm3eQXKsmB56
673gFWeXM70hefBUWY6U1GuQWGwgzARWqqSIR6SqOPjcb0BJ/KKoDF/zIXmj8E1l
wZzt1bc2ZboYrOCRc85W+RL8oN+DZBl+pcsuWRVzlNntn4KnUh4oYUfhPmMefILk
JVEzciNZ6XpldUdQni8v2EvytG6y+9Pg5dtsrpTyooML3rAriTNgYaQjaMOVFqBo
0Nh3ZtL8gfiXAwnXjk97tIDJ58d7a7eghCzYKhhNDI0L3ozBr7cc5aA6On5wjUB4
ca5M0Qccen8rCNepNI4EwAVZ1ypNtAK+6oPI/Fx2pcbSCDfNRahRym2UqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdHcFfzSWx/puHBwm+lpjZnNkPfMB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsKrhO4Sb
Z0tqeNcrDJRsE5Qq+mVJCGc9KIHVlenQz0erhsNT+RTPYyMvULA2XkqpsWF1GtWd
fXN9I7Et3r3gfdspKEKcDY65vMI+IFOR2ZGcghEmNkdTmr7z9C/dZQJFYNe1+mOO
b0lyAqRN9IpUPr7yaBbGKzWC9isfWSXHTZbi/+NfH5dOSKksinHlqAgpBgbhwUzV
V7f7C5ZvUjYOUm6+pKB2v3dw1taSLVIo4kMcrb027wkipQW4aOXXL6RvbUA47uz3
ioFjAHsmD+AjH2SJOoSyMj70xl3Xd92catjlKjxJlpkqV/DeO9wh4KqugzYnyYCD
08JZrZW74bK6Yg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:39:15 2025 by rpki-client