
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
File: h5WLpmHENczSXCBgRi72ANJxnuA.mft (raw, json)
Hash identifier: cX81b8+I2NS2AxWaDO2eQti97yr6eZ0r+0p592FDU54=
Subject key identifier: 85:6C:44:D8:A1:C4:B6:31:D3:01:55:7B:0F:85:A1:B6:A3:78:2D:EC
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial: 0198879F6AE260C155930066E237694DB415
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
Manifest number: 1622
Signing time: Fri 08 Aug 2025 03:00:28 +0000
Manifest this update: Fri 08 Aug 2025 03:00:28 +0000
Manifest next update: Sat 09 Aug 2025 03:00:28 +0000
Files and hashes: 1: h5WLpmHENczSXCBgRi72ANJxnuA.crl (hash: kYVVrF73cZvvq2Y596Rh4R7GNAgssWA9WnwIHzAIY8E=)
2: jQqQfOrb2tEbgL6-n1pYKtKDCGI.roa (hash: urbNu0k2kZWVDcdCEYQ210AYS3ke0pUxaEecPK2agnE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:87:9f:6a:e2:60:c1:55:93:00:66:e2:37:69:4d:b4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Validity
Not Before: Aug 8 03:00:28 2025 GMT
Not After : Aug 9 03:00:28 2025 GMT
Subject: CN=856c44d8a1c4b631d301557b0f85a1b6a3782dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b6:83:de:e9:c1:bf:c2:6a:4d:3c:ba:40:32:
5c:ac:ec:3a:f2:41:7b:69:ce:5d:85:75:8a:35:ef:
3a:3c:9f:e8:e0:3d:4e:98:ea:8b:f9:9f:8a:e2:35:
53:e6:46:ab:72:cc:8d:df:ab:41:0a:0c:8b:54:6d:
a4:66:78:e8:b8:3d:41:b1:c5:13:36:d9:f9:42:c1:
f5:31:93:3c:49:43:3a:04:58:2d:44:9d:89:ac:8c:
d2:6b:0c:ed:63:f0:a7:f3:88:8a:bf:04:f8:f1:09:
ea:00:38:7d:0f:85:74:15:27:73:f4:e8:16:27:93:
9e:b7:de:39:cb:93:67:1a:c0:b2:40:5c:aa:9d:56:
74:cf:b6:97:63:ff:1a:17:80:b2:97:37:66:b1:a7:
13:57:cc:36:49:f6:40:79:db:81:31:be:41:6d:d3:
5c:56:bb:a8:da:63:98:be:ee:37:08:ea:33:6a:a8:
15:f0:f8:8b:6a:2e:bb:b7:fb:8c:0b:f3:c2:b3:e9:
11:f6:f8:a5:99:04:75:e2:ef:11:91:91:aa:ca:17:
b4:b9:cf:3b:07:8f:f2:51:6a:ab:0e:93:a1:80:7a:
5d:9b:e3:07:01:3c:83:2a:1f:2d:c9:65:73:a5:3c:
24:aa:bb:10:63:c2:c9:29:46:d2:68:f9:91:dc:82:
13:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6C:44:D8:A1:C4:B6:31:D3:01:55:7B:0F:85:A1:B6:A3:78:2D:EC
X509v3 Authority Key Identifier:
keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:52:d7:6a:f5:fc:a8:75:07:26:6c:e6:b2:57:73:a1:08:76:
07:b2:3c:67:92:6c:ba:ed:a5:6a:14:59:be:ae:25:89:4e:91:
ef:32:2d:4e:f0:be:33:b3:21:7c:01:85:ef:8a:37:8e:1a:bd:
d7:8b:e4:22:0b:ee:4f:7e:c0:c0:b5:9d:40:3a:3f:e0:5d:28:
95:7e:15:09:39:9e:26:57:5e:de:42:2f:25:da:e1:49:d5:5c:
52:af:6d:d9:94:fb:19:78:fc:5f:77:14:db:ed:14:09:3d:04:
4f:b8:a9:01:9e:55:c4:c5:bb:0e:ec:8d:05:11:80:3e:4b:b8:
f3:20:fc:72:16:69:fe:0d:04:e3:85:0d:8e:99:93:ab:2e:b7:
ba:68:08:fc:1d:ed:41:fb:cd:0e:52:cc:ef:9e:1d:9a:e0:39:
fe:33:fd:af:b1:21:84:b9:80:33:29:2e:eb:6d:76:b2:ac:f3:
83:a6:47:9c:92:18:1d:33:41:3a:c9:3c:a4:36:c1:ca:d0:09:
89:aa:4e:4a:c8:f2:20:a7:1f:09:5d:01:44:01:6a:4d:ce:80:
c5:48:0d:26:74:e9:f6:87:fc:80:e1:29:d2:5c:52:e8:d9:b5:
c8:dd:9b:20:29:a4:eb:dc:bb:2c:e3:1d:37:8a:3d:f3:2f:cb:
cc:17:c2:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiHn2riYMFVkwBm4jdpTbQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjUwODA4MDMwMDI4WhcNMjUwODA5MDMwMDI4WjAzMTEwLwYDVQQD
Eyg4NTZjNDRkOGExYzRiNjMxZDMwMTU1N2IwZjg1YTFiNmEzNzgyZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApraD3unBv8JqTTy6QDJcrOw68kF7
ac5dhXWKNe86PJ/o4D1OmOqL+Z+K4jVT5karcsyN36tBCgyLVG2kZnjouD1BscUT
Ntn5QsH1MZM8SUM6BFgtRJ2JrIzSawztY/Cn84iKvwT48QnqADh9D4V0FSdz9OgW
J5Oet945y5NnGsCyQFyqnVZ0z7aXY/8aF4CylzdmsacTV8w2SfZAeduBMb5BbdNc
Vruo2mOYvu43COozaqgV8PiLai67t/uMC/PCs+kR9vilmQR14u8RkZGqyhe0uc87
B4/yUWqrDpOhgHpdm+MHATyDKh8tyWVzpTwkqrsQY8LJKUbSaPmR3IIT6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVsRNihxLYx0wFVew+FobajeC3sMB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAflLXavX8
qHUHJmzmsldzoQh2B7I8Z5Jsuu2lahRZvq4liU6R7zItTvC+M7MhfAGF74o3jhq9
14vkIgvuT37AwLWdQDo/4F0olX4VCTmeJlde3kIvJdrhSdVcUq9t2ZT7GXj8X3cU
2+0UCT0ET7ipAZ5VxMW7DuyNBRGAPku48yD8chZp/g0E44UNjpmTqy63umgI/B3t
QfvNDlLM754dmuA5/jP9r7EhhLmAMyku6212sqzzg6ZHnJIYHTNBOsk8pDbBytAJ
iapOSsjyIKcfCV0BRAFqTc6AxUgNJnTp9of8gOEp0lxS6Nm1yN2bICmk69y7LOMd
N4o98y/LzBfCDA==
-----END CERTIFICATE-----
Generated at Fri Aug 8 13:02:07 2025 by rpki-client