Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.mft
File: hyELNM4ALjCgpU-r-ivKxG36cig.mft (raw, json)
Hash identifier: flo2I34xrtkqjKlbIeElaE79UTCbUbjOCBpNFt0RsWE=
Subject key identifier: 3D:92:E9:18:C8:AA:A1:11:F8:CA:C7:38:B5:85:90:EB:7E:1D:DB:83
Authority key identifier: 87:21:0B:34:CE:00:2E:30:A0:A5:4F:AB:FA:2B:CA:C4:6D:FA:72:28
Certificate issuer: /CN=87210b34ce002e30a0a54fabfa2bcac46dfa7228
Certificate serial: 01987562D0CF0224347FF9CB92FB095C9A21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.mft
Manifest number: 0436
Signing time: Mon 04 Aug 2025 14:01:06 +0000
Manifest this update: Mon 04 Aug 2025 14:01:06 +0000
Manifest next update: Tue 05 Aug 2025 14:01:06 +0000
Files and hashes: 1: Oi0Mexif2IU5YWgRrWRDGcE4Aw4.roa (hash: hcI8ATUfRYduE8yCuLSr8RsjKUn++KtzCI3lWbIhr1A=)
2: RNEIzNGbtOLDhiuIlbx5LtZxiHA.roa (hash: YH3jUp9Z5jmgiTgvLayfiplIuhfqDKTG69/LcYMXnX0=)
3: hyELNM4ALjCgpU-r-ivKxG36cig.crl (hash: EtFcHX4YPMl8RpMX5/fmDGwbu+WQWpTKjqUNrB3yrb8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.mft
rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:62:d0:cf:02:24:34:7f:f9:cb:92:fb:09:5c:9a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87210b34ce002e30a0a54fabfa2bcac46dfa7228
Validity
Not Before: Aug 4 14:01:06 2025 GMT
Not After : Aug 5 14:01:06 2025 GMT
Subject: CN=3d92e918c8aaa111f8cac738b58590eb7e1ddb83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4d:8e:42:d2:a7:2d:c0:85:34:d2:fe:1b:c9:
b8:ef:cf:6f:60:4c:bd:59:69:46:ae:bf:c8:d3:57:
dd:f5:73:02:a1:14:63:12:19:d4:d9:1c:ca:e7:f3:
8e:f7:d3:7a:cf:0e:8c:aa:de:af:3c:cb:e8:43:32:
4b:bc:fd:39:6a:74:e0:c4:52:49:9f:d2:a3:9b:28:
6b:e1:5a:dc:1c:8f:f5:86:2e:ef:43:05:62:aa:d0:
31:b1:c5:9b:cf:c9:18:83:13:fd:e2:75:a6:c4:46:
a1:64:a7:ca:4f:e7:09:42:6d:38:a8:f8:38:92:d5:
74:a6:65:5e:77:26:9f:5c:2a:97:3e:34:6d:ce:44:
cf:24:83:50:00:a4:ae:ec:61:93:2a:23:b7:ea:4a:
db:3e:f1:cb:2f:31:3e:ae:84:cf:ba:b3:48:9f:36:
37:19:56:27:40:b6:1c:59:0b:cf:f7:be:7c:ed:c9:
28:ff:31:41:91:a0:12:0d:55:56:1f:48:93:05:8c:
95:67:5c:7a:7d:0b:73:e2:f1:53:65:da:82:b9:64:
a6:76:ef:48:9c:a9:f8:f6:7c:29:80:da:d0:b7:86:
85:c2:43:07:a0:25:84:ba:82:e1:66:8c:b2:1e:a2:
47:0c:6b:20:41:91:95:8b:dc:29:cc:a7:0c:e7:16:
36:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:92:E9:18:C8:AA:A1:11:F8:CA:C7:38:B5:85:90:EB:7E:1D:DB:83
X509v3 Authority Key Identifier:
keyid:87:21:0B:34:CE:00:2E:30:A0:A5:4F:AB:FA:2B:CA:C4:6D:FA:72:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:14:ce:cb:8d:5c:35:ea:7f:b7:ce:ed:f0:2a:c1:14:d7:df:
b7:e8:90:53:54:68:22:45:5a:9e:da:36:2f:2e:d2:b4:2c:3a:
3f:68:4c:dd:8a:a6:22:17:b9:13:5d:a6:99:ac:3a:53:20:b8:
be:a8:f6:42:c5:e5:f1:6a:23:25:f4:bd:e5:82:ca:46:2b:10:
8b:c8:b8:21:f9:76:76:19:69:d4:fd:30:67:66:24:65:33:8f:
33:fd:53:ff:e5:d5:0f:4a:b8:3a:8d:0d:c5:94:b2:bd:88:0e:
9c:df:37:8f:e9:13:77:c8:66:0a:6f:2d:9a:73:f6:c8:a1:82:
f3:e7:af:a0:a2:ce:c1:a7:a8:16:c3:ef:7b:89:a3:48:7f:78:
86:af:11:2c:00:11:7e:65:18:bd:71:ac:09:c4:12:3b:15:70:
af:b3:ed:3d:dc:30:c1:7f:6d:2c:85:a7:fc:1d:9a:ff:11:22:
72:53:29:ff:17:a8:22:55:a1:cd:4d:90:33:10:c6:66:b2:52:
ce:6a:9b:4b:33:4e:72:fb:18:15:e9:2e:82:18:ce:8b:06:03:
83:64:eb:d5:ca:d7:d4:42:6c:fa:3d:dd:e7:92:b9:65:37:0e:
56:12:53:c1:75:ac:8b:c2:88:3d:2f:55:29:50:b5:43:e1:e6:
f0:f0:74:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1YtDPAiQ0f/nLkvsJXJohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjEwYjM0Y2UwMDJlMzBhMGE1NGZhYmZhMmJjYWM0NmRm
YTcyMjgwHhcNMjUwODA0MTQwMTA2WhcNMjUwODA1MTQwMTA2WjAzMTEwLwYDVQQD
EygzZDkyZTkxOGM4YWFhMTExZjhjYWM3MzhiNTg1OTBlYjdlMWRkYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk2OQtKnLcCFNNL+G8m4789vYEy9
WWlGrr/I01fd9XMCoRRjEhnU2RzK5/OO99N6zw6Mqt6vPMvoQzJLvP05anTgxFJJ
n9Kjmyhr4VrcHI/1hi7vQwViqtAxscWbz8kYgxP94nWmxEahZKfKT+cJQm04qPg4
ktV0pmVedyafXCqXPjRtzkTPJINQAKSu7GGTKiO36krbPvHLLzE+roTPurNInzY3
GVYnQLYcWQvP97587cko/zFBkaASDVVWH0iTBYyVZ1x6fQtz4vFTZdqCuWSmdu9I
nKn49nwpgNrQt4aFwkMHoCWEuoLhZoyyHqJHDGsgQZGVi9wpzKcM5xY2CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2S6RjIqqER+MrHOLWFkOt+HduDMB8GA1UdIwQY
MBaAFIchCzTOAC4woKVPq/orysRt+nIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yOWEwZGMtMjBhZi00MzdlLTk4NzAt
MzY2OWQxYjU2OWQ2LzEvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yOWEwZGMtMjBhZi00MzdlLTk4NzAtMzY2OWQxYjU2OWQ2
LzEvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBTOy41c
Nep/t87t8CrBFNfft+iQU1RoIkVanto2Ly7StCw6P2hM3YqmIhe5E12mmaw6UyC4
vqj2QsXl8WojJfS95YLKRisQi8i4Ifl2dhlp1P0wZ2YkZTOPM/1T/+XVD0q4Oo0N
xZSyvYgOnN83j+kTd8hmCm8tmnP2yKGC8+evoKLOwaeoFsPve4mjSH94hq8RLAAR
fmUYvXGsCcQSOxVwr7PtPdwwwX9tLIWn/B2a/xEiclMp/xeoIlWhzU2QMxDGZrJS
zmqbSzNOcvsYFekughjOiwYDg2Tr1crX1EJs+j3d55K5ZTcOVhJTwXWsi8KIPS9V
KVC1Q+Hm8PB0Lw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 18:36:19 2025 by rpki-client