Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
File: h0tZG12PB26vRy4-pF07XI4TUKE.mft (raw, json)
Hash identifier: PGNFqKgvMGi1Mv3O5i+fCFdTLGV+tnJ5WDGTgu+q/ps=
Subject key identifier: 3E:81:F3:2B:13:A7:BF:34:E2:42:D1:30:CE:E8:C3:C8:6E:EB:1F:EC
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Certificate issuer: /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial: 019873E3B0DAE20C5782AE0E2D2EBFA68EB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
Manifest number: 161A
Signing time: Mon 04 Aug 2025 07:02:38 +0000
Manifest this update: Mon 04 Aug 2025 07:02:38 +0000
Manifest next update: Tue 05 Aug 2025 07:02:38 +0000
Files and hashes: 1: 3MF6BuznJ4OfS1C5J5sFom719Ag.roa (hash: SgA1M+YF5PTZbvqD1BRuBpZXk3sFWrE/PgQsVhuZ/S4=)
2: h0tZG12PB26vRy4-pF07XI4TUKE.crl (hash: C11sR6JzIpE6dFMJoHdj1rAxs/vqiUH9OLNoq3wkqAw=)
3: pFxtApTW54EbBHD0oDAnh4jDG3E.roa (hash: gJNAVWKEII1RjZzGIybSB1Nkau8KmzUZnx0gYczpW88=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:e3:b0:da:e2:0c:57:82:ae:0e:2d:2e:bf:a6:8e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Validity
Not Before: Aug 4 07:02:38 2025 GMT
Not After : Aug 5 07:02:38 2025 GMT
Subject: CN=3e81f32b13a7bf34e242d130cee8c3c86eeb1fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dc:8c:ac:4d:ce:46:6f:8a:13:6d:7c:58:7c:
f1:01:b0:99:42:47:a4:09:6c:4e:2c:7b:79:b9:b3:
e2:c2:7e:8f:aa:93:5f:63:ba:bb:62:82:2f:31:d5:
fd:d8:9d:90:11:c4:e1:8d:02:94:aa:73:71:4f:bd:
eb:fe:1c:06:5e:23:89:92:66:64:1d:c3:30:23:ad:
a9:53:88:49:d0:68:82:26:7c:b6:e4:c1:0a:4c:2f:
f7:ed:13:f8:df:6c:de:fe:e2:ff:26:85:2d:5b:1f:
8f:5f:d9:09:b4:f4:6e:a6:03:eb:c2:f2:8a:df:9d:
2e:4b:9c:72:83:66:a0:6b:ad:9b:25:87:6f:9f:5b:
23:77:82:79:cd:6b:05:7a:d1:e9:20:75:ac:4f:43:
2d:c8:af:05:fb:49:9b:fa:46:d3:08:51:37:51:81:
42:41:37:4f:11:39:87:48:d6:15:d2:0e:a1:7f:3b:
6c:4f:9c:14:b0:47:5d:4d:c7:e3:d9:8f:09:8c:62:
82:9a:ef:99:2f:29:18:a5:e7:51:74:e0:2c:0f:d2:
e9:ee:35:0e:8b:75:4e:00:53:b8:65:43:8e:53:5b:
5e:47:a9:08:15:09:7e:8d:93:21:ac:87:f4:ab:e7:
a7:fc:b1:34:e1:28:0c:32:42:16:48:8c:4b:81:a4:
65:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:81:F3:2B:13:A7:BF:34:E2:42:D1:30:CE:E8:C3:C8:6E:EB:1F:EC
X509v3 Authority Key Identifier:
keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:ec:70:1d:c1:30:7c:c8:3f:f6:a7:5f:78:22:90:f4:6b:f9:
7b:42:cd:f4:eb:ce:93:49:75:43:76:da:65:bc:9d:11:8a:40:
49:ea:a9:4a:2e:96:b5:bd:b8:73:5e:ff:f7:60:31:be:28:6b:
a9:03:c9:69:52:c1:0d:57:be:d5:10:bd:29:3b:b7:b1:41:ff:
61:7c:ca:9e:dd:50:dd:44:d9:f6:f2:a3:53:22:ca:4f:88:6e:
94:9b:ff:8d:71:16:74:42:20:bb:10:83:29:3e:b2:9c:05:6c:
23:d5:de:33:98:c8:f1:7f:a0:5d:9a:cb:e6:6e:a8:4d:45:8e:
9c:36:a6:95:81:52:dc:e8:95:3c:8c:e8:79:a8:e3:91:3e:e0:
35:b5:a4:9d:7c:5d:c4:de:1e:e7:55:6f:ba:a1:45:68:74:63:
f1:90:9f:29:2b:50:3f:1d:3b:0b:92:77:e6:09:73:d6:b0:ce:
19:31:99:d6:ca:08:6b:55:34:86:b7:8b:6c:68:c6:66:9f:bd:
ce:72:96:ad:6e:0f:fc:53:ef:7d:7e:fe:a1:0a:8b:03:5e:83:
f6:72:d9:68:66:c7:fc:af:be:d2:47:87:dd:7c:fb:e0:83:04:
e7:e8:e1:cc:1e:73:c4:36:13:cf:a7:f5:ce:43:a7:bc:d6:42:
98:a6:47:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz47Da4gxXgq4OLS6/po6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjUwODA0MDcwMjM4WhcNMjUwODA1MDcwMjM4WjAzMTEwLwYDVQQD
EygzZTgxZjMyYjEzYTdiZjM0ZTI0MmQxMzBjZWU4YzNjODZlZWIxZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtyMrE3ORm+KE218WHzxAbCZQkek
CWxOLHt5ubPiwn6PqpNfY7q7YoIvMdX92J2QEcThjQKUqnNxT73r/hwGXiOJkmZk
HcMwI62pU4hJ0GiCJny25MEKTC/37RP432ze/uL/JoUtWx+PX9kJtPRupgPrwvKK
350uS5xyg2aga62bJYdvn1sjd4J5zWsFetHpIHWsT0MtyK8F+0mb+kbTCFE3UYFC
QTdPETmHSNYV0g6hfztsT5wUsEddTcfj2Y8JjGKCmu+ZLykYpedRdOAsD9Lp7jUO
i3VOAFO4ZUOOU1teR6kIFQl+jZMhrIf0q+en/LE04SgMMkIWSIxLgaRliQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6B8ysTp7804kLRMM7ow8hu6x/sMB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPexwHcEw
fMg/9qdfeCKQ9Gv5e0LN9OvOk0l1Q3baZbydEYpASeqpSi6Wtb24c17/92Axvihr
qQPJaVLBDVe+1RC9KTu3sUH/YXzKnt1Q3UTZ9vKjUyLKT4hulJv/jXEWdEIguxCD
KT6ynAVsI9XeM5jI8X+gXZrL5m6oTUWOnDamlYFS3OiVPIzoeajjkT7gNbWknXxd
xN4e51VvuqFFaHRj8ZCfKStQPx07C5J35glz1rDOGTGZ1soIa1U0hreLbGjGZp+9
znKWrW4P/FPvfX7+oQqLA16D9nLZaGbH/K++0keH3Xz74IME5+jhzB5zxDYTz6f1
zkOnvNZCmKZHvA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:17:47 2025 by rpki-client