Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
File: hrIjA95LCocPz-e2VWwCT3XHajQ.mft (raw, json)
Hash identifier: AmLwDSE7ikEl+5nxlA1JbnCu2KGXx4iXcQC+oPl9QPM=
Subject key identifier: 3A:A2:69:B0:0F:59:63:DB:76:AB:65:0B:F6:72:8A:9F:55:E7:B3:73
Authority key identifier: 86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
Certificate issuer: /CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Certificate serial: 01988FFE3DD3B37AB67BBFECAC15F8687D14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
Manifest number: 1126
Signing time: Sat 09 Aug 2025 18:01:00 +0000
Manifest this update: Sat 09 Aug 2025 18:01:00 +0000
Manifest next update: Sun 10 Aug 2025 18:01:00 +0000
Files and hashes: 1: ZjB1G19DDx_6Q5oScLG5jMaC8XA.roa (hash: 7/c0oLP47xBtzbpIYR3dJCRfL58YizRnGJk+IU5Vsgc=)
2: bckQXnbwfKXBuJ2fgXGJ6V-6Qfk.roa (hash: v7e6EIu7w13jemXrMUjQBx6+ZKi093MMCQO7o8uB3rY=)
3: hrIjA95LCocPz-e2VWwCT3XHajQ.crl (hash: FWVvPYjKMSoLoTtwNSqLNOGjZh9IKH1rOczHOF3LaTE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8f:fe:3d:d3:b3:7a:b6:7b:bf:ec:ac:15:f8:68:7d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Validity
Not Before: Aug 9 18:01:00 2025 GMT
Not After : Aug 10 18:01:00 2025 GMT
Subject: CN=3aa269b00f5963db76ab650bf6728a9f55e7b373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:00:45:5b:0e:11:85:40:09:1b:c1:74:9b:7d:
e2:f7:de:38:44:a1:95:57:9f:8f:70:bf:f9:ec:7b:
45:10:3e:96:26:ba:c0:ff:d0:6b:1c:88:9a:2f:fb:
9a:2e:cd:22:17:ee:a1:ca:f7:2d:c4:5f:78:71:2c:
c7:ef:17:51:34:c5:2a:fd:a5:de:eb:3d:84:c8:83:
1d:78:b6:0a:ef:0b:b9:10:84:49:b0:77:27:42:58:
bf:a5:3f:bc:6b:f4:66:db:b4:cf:c0:e8:ff:b8:b1:
12:38:6f:75:b1:75:36:91:be:d2:2b:27:68:5b:69:
1d:5f:94:6e:bb:0f:80:6d:d3:22:66:1f:33:cb:b9:
4e:20:70:28:99:4f:7f:b2:0a:51:38:7d:81:c2:01:
14:dc:82:48:38:cc:6d:bc:d5:90:ad:86:7d:69:68:
23:6f:2e:4a:68:ff:b8:d6:b8:86:bd:13:3c:f0:11:
2d:34:52:bf:48:0f:ff:65:ad:5c:7d:dc:07:a9:96:
d0:f0:fa:ed:58:a9:79:6b:38:1f:5f:97:29:19:ee:
14:75:69:9b:f6:3a:d4:03:a8:9e:4b:81:2c:3c:d5:
53:f9:7d:04:75:22:56:66:72:57:52:aa:aa:4b:18:
ad:1d:29:3d:f9:57:3e:62:bd:d9:87:27:17:85:41:
26:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A2:69:B0:0F:59:63:DB:76:AB:65:0B:F6:72:8A:9F:55:E7:B3:73
X509v3 Authority Key Identifier:
keyid:86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:6f:17:4d:4b:90:d5:31:8d:12:dc:23:4a:37:03:d4:f1:6c:
49:a7:1a:bb:50:c7:c8:b9:37:b9:08:00:e0:c5:d6:cb:1d:6e:
63:c3:cf:ba:47:5a:c8:da:df:fb:7c:f6:e5:ef:48:bc:76:60:
6b:3c:58:68:65:32:3d:aa:53:08:9d:90:1a:65:9a:aa:bf:af:
74:2d:71:57:eb:40:dc:dc:61:ac:96:38:c7:8a:46:26:06:d3:
9f:c5:74:85:a1:e5:48:e6:b7:69:76:3d:cd:df:02:c5:a4:b1:
a0:48:98:ce:4a:86:03:bc:ca:fd:48:e4:84:db:b3:c7:f4:93:
29:fa:42:a1:34:57:1a:95:04:ee:3e:e1:32:27:89:cc:ee:36:
fe:8f:15:41:55:e4:41:c8:c8:51:92:19:ec:10:da:7b:c9:0f:
69:de:55:45:86:95:ce:cf:78:4d:3b:9b:75:c8:73:7e:4b:be:
58:9d:f0:c2:56:21:92:2a:20:86:a3:2d:6f:d6:75:f7:a5:bc:
c5:12:ee:9a:c9:77:2c:6b:d6:7a:69:c6:ff:53:40:c7:e3:83:
c8:1d:8a:dc:21:a0:32:70:73:3f:29:61:0e:3b:e5:0e:73:02:
43:1e:f8:57:ce:61:79:f7:81:e6:2d:5d:68:19:15:f6:4b:69:
6f:22:7b:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiP/j3Ts3q2e7/srBX4aH0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YjIyMzAzZGU0YjBhODcwZmNmZTdiNjU1NmMwMjRmNzVj
NzZhMzQwHhcNMjUwODA5MTgwMTAwWhcNMjUwODEwMTgwMTAwWjAzMTEwLwYDVQQD
EygzYWEyNjliMDBmNTk2M2RiNzZhYjY1MGJmNjcyOGE5ZjU1ZTdiMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQBFWw4RhUAJG8F0m33i9944RKGV
V5+PcL/57HtFED6WJrrA/9BrHIiaL/uaLs0iF+6hyvctxF94cSzH7xdRNMUq/aXe
6z2EyIMdeLYK7wu5EIRJsHcnQli/pT+8a/Rm27TPwOj/uLESOG91sXU2kb7SKydo
W2kdX5Ruuw+AbdMiZh8zy7lOIHAomU9/sgpROH2BwgEU3IJIOMxtvNWQrYZ9aWgj
by5KaP+41riGvRM88BEtNFK/SA//Za1cfdwHqZbQ8PrtWKl5azgfX5cpGe4UdWmb
9jrUA6ieS4EsPNVT+X0EdSJWZnJXUqqqSxitHSk9+Vc+Yr3ZhycXhUEm7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqiabAPWWPbdqtlC/Zyip9V57NzMB8GA1UdIwQY
MBaAFIayIwPeSwqHD8/ntlVsAk91x2o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3Mjkt
NzJhYjU5ODdmNjA5LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3MjktNzJhYjU5ODdmNjA5
LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGW8XTUuQ
1TGNEtwjSjcD1PFsSacau1DHyLk3uQgA4MXWyx1uY8PPukdayNrf+3z25e9IvHZg
azxYaGUyPapTCJ2QGmWaqr+vdC1xV+tA3NxhrJY4x4pGJgbTn8V0haHlSOa3aXY9
zd8CxaSxoEiYzkqGA7zK/UjkhNuzx/STKfpCoTRXGpUE7j7hMieJzO42/o8VQVXk
QcjIUZIZ7BDae8kPad5VRYaVzs94TTubdchzfku+WJ3wwlYhkioghqMtb9Z196W8
xRLumsl3LGvWemnG/1NAx+ODyB2K3CGgMnBzPylhDjvlDnMCQx74V85hefeB5i1d
aBkV9ktpbyJ74A==
-----END CERTIFICATE-----
Generated at Sun Aug 10 03:55:45 2025 by rpki-client