Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.mft
File: HQ2zVo5FXz2isidKnVJcrAkxx9U.mft (raw, json)
Hash identifier: w/FJbCkBvZ5DDI2asDlFpRU56BstPosemkG3JlOw/iw=
Subject key identifier: 7C:EA:03:94:3B:A0:61:6E:EF:80:98:E6:E1:A1:AC:32:67:17:8B:4A
Authority key identifier: 1D:0D:B3:56:8E:45:5F:3D:A2:B2:27:4A:9D:52:5C:AC:09:31:C7:D5
Certificate issuer: /CN=1d0db3568e455f3da2b2274a9d525cac0931c7d5
Certificate serial: 019779E6814C05870FBAEFE9E5774F742AE9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQ2zVo5FXz2isidKnVJcrAkxx9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.mft
Manifest number: 03D0
Signing time: Mon 16 Jun 2025 18:00:38 +0000
Manifest this update: Mon 16 Jun 2025 18:00:38 +0000
Manifest next update: Tue 17 Jun 2025 18:00:38 +0000
Files and hashes: 1: HQ2zVo5FXz2isidKnVJcrAkxx9U.crl (hash: ZfXulsNrOTgEHyIsffiOSSZEo3IfH2uwyZa7vzTGydg=)
2: yht62Ehavo3uZINByDHEHOjVZVw.roa (hash: mqAvN4VPlszrLeatuKNPPUoNf7NdmTA8jofCmdZ20jg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQ2zVo5FXz2isidKnVJcrAkxx9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 14:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:79:e6:81:4c:05:87:0f:ba:ef:e9:e5:77:4f:74:2a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0db3568e455f3da2b2274a9d525cac0931c7d5
Validity
Not Before: Jun 16 18:00:38 2025 GMT
Not After : Jun 17 18:00:38 2025 GMT
Subject: CN=7cea03943ba0616eef8098e6e1a1ac3267178b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:56:d5:fb:08:e2:d1:ea:4d:d4:9d:5d:89:c1:
3e:39:cd:98:af:7f:be:23:39:40:67:f2:df:ae:eb:
72:6a:d7:11:89:43:8d:57:ef:24:a7:70:e3:bf:69:
20:da:0f:f4:1a:b0:19:a1:90:89:0d:18:25:00:3f:
00:0e:48:ce:94:1d:b2:68:98:83:93:4a:1f:ff:86:
5d:37:0f:87:0b:a5:ce:c1:7c:45:45:af:76:36:7a:
f5:1b:76:04:2d:df:d4:06:e7:db:25:0c:d3:f5:d7:
e3:c7:44:93:6f:82:f5:41:1c:78:fe:ef:2a:ef:93:
7a:fe:32:c9:27:28:7d:57:84:1c:e4:88:9f:bb:2e:
30:27:82:c2:55:b5:53:3e:e8:85:83:df:98:3e:a6:
36:42:8f:5f:a7:5b:62:31:07:2e:dc:3f:b7:2c:66:
33:8c:65:4c:e4:4c:2a:2c:d7:33:ca:3d:f0:b2:51:
af:c6:12:06:76:e4:8a:b7:3c:d6:7c:92:58:7e:01:
0e:0c:7b:e0:a8:12:55:ca:70:96:4e:5e:bb:69:38:
88:86:e8:b3:e5:cc:ce:e7:8e:db:ef:62:53:8e:8b:
15:ef:90:02:02:9b:47:90:fa:9f:f7:d8:5e:39:49:
9c:de:0e:dc:cc:78:20:e6:b5:7a:39:46:e1:87:8d:
9e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:EA:03:94:3B:A0:61:6E:EF:80:98:E6:E1:A1:AC:32:67:17:8B:4A
X509v3 Authority Key Identifier:
keyid:1D:0D:B3:56:8E:45:5F:3D:A2:B2:27:4A:9D:52:5C:AC:09:31:C7:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQ2zVo5FXz2isidKnVJcrAkxx9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:19:8c:18:39:0d:14:e9:b3:be:d4:bd:6c:52:23:0f:8c:2f:
dd:f4:35:9f:07:dd:78:de:93:ce:45:e9:98:41:e6:56:ba:b9:
17:fa:65:e5:82:11:8d:9a:a7:fe:3e:ba:d8:93:7b:c6:1e:32:
57:78:82:bb:1a:72:99:1b:3f:4f:b7:28:ab:1c:b3:10:94:eb:
d1:82:22:33:ea:b6:26:0c:64:f3:64:c5:04:9d:e9:25:4d:da:
16:1e:3e:d6:47:35:74:bd:54:b1:fd:0d:63:89:47:a4:73:ef:
89:a4:e9:3c:fc:c3:9a:22:e9:84:ef:6b:73:cb:04:1e:d9:44:
5e:6c:04:bd:45:76:56:3d:00:a5:b1:88:18:0d:cb:57:45:c6:
f1:86:57:dc:a8:55:bd:2d:66:2f:99:a5:44:62:a3:b2:39:14:
fa:18:56:95:24:30:a1:e9:48:c1:81:8e:1b:df:99:01:f4:b0:
47:53:94:a3:49:2f:a1:39:29:b1:c5:47:aa:a9:41:a0:7f:da:
46:74:6e:b7:b9:e6:95:1a:30:64:4e:63:6f:63:4d:34:ed:48:
c7:db:8a:33:23:04:9f:f3:a4:76:f4:9c:f0:72:e6:4f:f4:07:
ac:6f:28:0b:7e:87:0d:ea:bb:be:1b:09:03:23:31:2e:65:b8:
6a:15:a1:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd55oFMBYcPuu/p5XdPdCrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGRiMzU2OGU0NTVmM2RhMmIyMjc0YTlkNTI1Y2FjMDkz
MWM3ZDUwHhcNMjUwNjE2MTgwMDM4WhcNMjUwNjE3MTgwMDM4WjAzMTEwLwYDVQQD
Eyg3Y2VhMDM5NDNiYTA2MTZlZWY4MDk4ZTZlMWExYWMzMjY3MTc4YjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1bV+wji0epN1J1dicE+Oc2Yr3++
IzlAZ/LfrutyatcRiUONV+8kp3Djv2kg2g/0GrAZoZCJDRglAD8ADkjOlB2yaJiD
k0of/4ZdNw+HC6XOwXxFRa92Nnr1G3YELd/UBufbJQzT9dfjx0STb4L1QRx4/u8q
75N6/jLJJyh9V4Qc5Iifuy4wJ4LCVbVTPuiFg9+YPqY2Qo9fp1tiMQcu3D+3LGYz
jGVM5EwqLNczyj3wslGvxhIGduSKtzzWfJJYfgEODHvgqBJVynCWTl67aTiIhuiz
5czO547b72JTjosV75ACAptHkPqf99heOUmc3g7czHgg5rV6OUbhh42eqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHzqA5Q7oGFu74CY5uGhrDJnF4tKMB8GA1UdIwQY
MBaAFB0Ns1aORV89orInSp1SXKwJMcfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFEyelZvNUZYejJpc2lkS25WSmNyQWt4eDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iY2YwOWEtN2M4ZS00ZTIwLTg0NTAt
ZTA4OGFhMGFhOGRkLzEvSFEyelZvNUZYejJpc2lkS25WSmNyQWt4eDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iY2YwOWEtN2M4ZS00ZTIwLTg0NTAtZTA4OGFhMGFhOGRk
LzEvSFEyelZvNUZYejJpc2lkS25WSmNyQWt4eDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACxmMGDkN
FOmzvtS9bFIjD4wv3fQ1nwfdeN6TzkXpmEHmVrq5F/pl5YIRjZqn/j662JN7xh4y
V3iCuxpymRs/T7coqxyzEJTr0YIiM+q2Jgxk82TFBJ3pJU3aFh4+1kc1dL1Usf0N
Y4lHpHPviaTpPPzDmiLphO9rc8sEHtlEXmwEvUV2Vj0ApbGIGA3LV0XG8YZX3KhV
vS1mL5mlRGKjsjkU+hhWlSQwoelIwYGOG9+ZAfSwR1OUo0kvoTkpscVHqqlBoH/a
RnRut7nmlRowZE5jb2NNNO1Ix9uKMyMEn/OkdvSc8HLmT/QHrG8oC36HDeq7vhsJ
AyMxLmW4ahWh5g==
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:06:39 2025 by rpki-client