Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
File: hrIjA95LCocPz-e2VWwCT3XHajQ.mft (raw, json)
Hash identifier: 9godd0Mkf6sbrTgsQw+4NzimNLKefnGI6zAyFGRQBJI=
Subject key identifier: 10:0F:1D:8B:11:3D:5B:BF:42:4B:8B:70:95:77:70:17:52:91:3C:51
Authority key identifier: 86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
Certificate issuer: /CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Certificate serial: 01978D362606E3122C709FB9085DA9759841
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
Manifest number: 10A0
Signing time: Fri 20 Jun 2025 12:00:25 +0000
Manifest this update: Fri 20 Jun 2025 12:00:25 +0000
Manifest next update: Sat 21 Jun 2025 12:00:25 +0000
Files and hashes: 1: ZjB1G19DDx_6Q5oScLG5jMaC8XA.roa (hash: 7/c0oLP47xBtzbpIYR3dJCRfL58YizRnGJk+IU5Vsgc=)
2: bckQXnbwfKXBuJ2fgXGJ6V-6Qfk.roa (hash: v7e6EIu7w13jemXrMUjQBx6+ZKi093MMCQO7o8uB3rY=)
3: hrIjA95LCocPz-e2VWwCT3XHajQ.crl (hash: VoNAH79FiCn3rN23NXlUM7200jlXEfT7HSxSc5lPLk4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Jun 2025 12:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8d:36:26:06:e3:12:2c:70:9f:b9:08:5d:a9:75:98:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Validity
Not Before: Jun 20 12:00:25 2025 GMT
Not After : Jun 21 12:00:25 2025 GMT
Subject: CN=100f1d8b113d5bbf424b8b709577701752913c51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:31:ed:b1:8b:ae:3f:a2:13:d9:71:66:78:7d:
87:d4:43:d6:0d:80:41:b9:95:59:cf:a1:fd:1a:1f:
db:3b:83:72:97:79:30:b9:1f:55:99:11:92:43:db:
39:2d:3f:af:13:07:17:68:8e:5e:fd:a1:91:e3:ee:
63:bd:6c:cd:32:53:9f:8a:d5:38:5e:25:a1:4f:52:
c6:26:b6:f9:8f:27:10:9a:33:75:e7:41:63:02:29:
60:9e:c2:84:85:22:c3:c5:c7:70:85:ad:eb:18:10:
40:fc:c8:0c:3a:b9:b6:73:ec:9c:48:20:9a:d8:87:
b0:6c:bc:9a:6f:c6:8a:09:ea:45:64:27:ec:09:0f:
d1:4b:df:15:73:44:a9:8d:0d:22:25:f2:3d:16:02:
b1:91:ff:1f:b8:70:04:07:38:8c:62:91:66:d0:ee:
17:72:c4:4f:05:c9:2c:f5:ec:0b:da:20:9a:29:b5:
05:02:85:49:b9:2a:b1:51:e2:a8:ab:56:74:3c:50:
59:fb:6d:ea:c6:fe:a2:84:f1:b9:78:71:a3:eb:50:
6c:13:6e:45:e0:c2:4e:8f:05:50:1c:9d:5c:96:c7:
78:dc:99:20:2f:e0:86:90:ad:ae:88:18:96:34:c7:
5f:5b:12:06:40:52:12:7b:1a:77:75:8a:d7:48:76:
bf:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:0F:1D:8B:11:3D:5B:BF:42:4B:8B:70:95:77:70:17:52:91:3C:51
X509v3 Authority Key Identifier:
keyid:86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:c0:98:fc:49:06:e8:dc:33:37:cd:58:52:6e:b6:db:b6:c8:
2d:62:89:43:1f:f1:aa:5c:db:7b:d8:64:01:9c:8c:2f:5e:83:
8a:11:54:23:c3:cd:8e:5b:2d:d0:c2:11:9c:05:b1:f2:e3:8f:
ae:99:0e:a4:eb:39:e5:7a:99:b2:e0:d6:ae:94:b8:64:88:fa:
a6:c2:08:84:8c:7a:a6:c8:db:5b:e1:0b:70:fb:73:bd:95:86:
f7:79:96:d6:c6:80:ee:06:f2:d9:17:43:d9:da:34:0c:cb:6a:
bc:1d:e3:43:47:9c:63:2e:dc:9e:8d:77:84:e7:fa:33:58:52:
69:f8:61:4a:5f:20:ca:63:8b:51:96:00:40:90:46:a7:02:47:
20:fe:87:ea:4e:69:fe:63:7a:03:f5:b9:f3:51:e6:97:08:70:
1e:34:cc:79:8f:95:e2:41:f0:76:a3:a5:a2:20:d0:43:a3:b7:
90:5e:ce:27:91:0f:df:e1:3c:75:3c:ef:99:b4:3d:4d:08:30:
04:44:8a:97:24:03:58:32:91:a1:d0:bf:aa:06:ec:d2:38:b9:
e5:23:25:e2:86:b8:51:c0:4b:58:bc:4a:8c:26:29:a4:85:5a:
8b:f6:e5:ba:85:d7:a9:c8:c5:2c:47:8a:63:d3:ed:e0:de:26:
8b:81:5d:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeNNiYG4xIscJ+5CF2pdZhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YjIyMzAzZGU0YjBhODcwZmNmZTdiNjU1NmMwMjRmNzVj
NzZhMzQwHhcNMjUwNjIwMTIwMDI1WhcNMjUwNjIxMTIwMDI1WjAzMTEwLwYDVQQD
EygxMDBmMWQ4YjExM2Q1YmJmNDI0YjhiNzA5NTc3NzAxNzUyOTEzYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDHtsYuuP6IT2XFmeH2H1EPWDYBB
uZVZz6H9Gh/bO4Nyl3kwuR9VmRGSQ9s5LT+vEwcXaI5e/aGR4+5jvWzNMlOfitU4
XiWhT1LGJrb5jycQmjN150FjAilgnsKEhSLDxcdwha3rGBBA/MgMOrm2c+ycSCCa
2IewbLyab8aKCepFZCfsCQ/RS98Vc0SpjQ0iJfI9FgKxkf8fuHAEBziMYpFm0O4X
csRPBcks9ewL2iCaKbUFAoVJuSqxUeKoq1Z0PFBZ+23qxv6ihPG5eHGj61BsE25F
4MJOjwVQHJ1clsd43JkgL+CGkK2uiBiWNMdfWxIGQFISexp3dYrXSHa/vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBAPHYsRPVu/QkuLcJV3cBdSkTxRMB8GA1UdIwQY
MBaAFIayIwPeSwqHD8/ntlVsAk91x2o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3Mjkt
NzJhYjU5ODdmNjA5LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3MjktNzJhYjU5ODdmNjA5
LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZMCY/EkG
6NwzN81YUm6227bILWKJQx/xqlzbe9hkAZyML16DihFUI8PNjlst0MIRnAWx8uOP
rpkOpOs55XqZsuDWrpS4ZIj6psIIhIx6psjbW+ELcPtzvZWG93mW1saA7gby2RdD
2do0DMtqvB3jQ0ecYy7cno13hOf6M1hSafhhSl8gymOLUZYAQJBGpwJHIP6H6k5p
/mN6A/W581HmlwhwHjTMeY+V4kHwdqOloiDQQ6O3kF7OJ5EP3+E8dTzvmbQ9TQgw
BESKlyQDWDKRodC/qgbs0ji55SMl4oa4UcBLWLxKjCYppIVai/bluoXXqcjFLEeK
Y9Pt4N4mi4FdSA==
-----END CERTIFICATE-----
Generated at Fri Jun 20 21:51:29 2025 by rpki-client