Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
File: hDz1u4drdyt63kMpBctpbxNMqjk.mft (raw, json)
Hash identifier: ZgVQwEVlyep7BlTYHin31M/DMvGNhaNhY6CeAKD7rR0=
Subject key identifier: 17:40:14:75:A9:03:4F:CE:0D:1A:04:19:68:56:13:28:11:54:16:51
Authority key identifier: 84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
Certificate issuer: /CN=843cf5bb876b772b7ade432905cb696f134caa39
Certificate serial: 01978AA3A8649BD673935AFAE37D8BB3819E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
Manifest number: 15A2
Signing time: Fri 20 Jun 2025 00:01:10 +0000
Manifest this update: Fri 20 Jun 2025 00:01:10 +0000
Manifest next update: Sat 21 Jun 2025 00:01:10 +0000
Files and hashes: 1: 8SOVzbdZRi1TiXuPdQBPQag2b1I.roa (hash: 4UxgH1Bm5rLISlPUt1abtwizcDNcCBaAAK4mH1Wxzxk=)
2: hDz1u4drdyt63kMpBctpbxNMqjk.crl (hash: tkn2HrXZvFknzXO0g3Pn06K6WgyAWs/I0Df14oVWNIE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Jun 2025 19:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8a:a3:a8:64:9b:d6:73:93:5a:fa:e3:7d:8b:b3:81:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843cf5bb876b772b7ade432905cb696f134caa39
Validity
Not Before: Jun 20 00:01:10 2025 GMT
Not After : Jun 21 00:01:10 2025 GMT
Subject: CN=17401475a9034fce0d1a04196856132811541651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:14:ad:55:94:2c:70:0e:75:49:6e:78:8f:2b:
75:63:28:f2:2f:be:e6:3e:b6:82:9f:59:8a:a9:d6:
3f:30:42:9f:71:31:c9:5f:01:53:a9:fa:19:43:b0:
e8:3e:7f:ec:66:fe:2b:ec:e3:ac:bc:10:0e:49:f7:
48:aa:78:08:f6:23:74:6f:30:fc:f7:fe:68:cd:d6:
a3:33:c6:0e:d7:4c:40:b0:7c:14:fc:f9:bf:c3:ad:
73:fb:34:90:ec:21:bd:31:5e:f3:4d:51:b2:37:50:
ac:cd:35:d1:81:01:16:99:a1:f1:32:af:eb:16:a9:
6f:82:54:07:72:7f:34:00:cb:a0:82:85:b6:5e:9f:
7d:c7:17:7a:cf:af:3c:9c:e3:d3:bb:70:f4:da:ab:
19:c5:52:dd:ae:66:c2:50:f4:18:5c:e7:31:38:5f:
08:da:92:ad:ca:19:4c:ca:b8:e4:59:94:4f:0c:2c:
e0:93:f0:bf:f5:86:ca:8d:45:77:50:71:1a:30:3c:
ce:58:ac:08:71:61:3d:46:d3:9e:37:a5:34:c5:18:
5d:8e:2f:29:0d:82:18:2a:57:ba:7b:92:75:d4:16:
11:14:85:67:39:3e:76:93:60:28:b6:d9:c4:73:9b:
d8:44:bf:e0:7e:00:5a:aa:d4:9a:0f:bb:d9:04:b5:
78:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:40:14:75:A9:03:4F:CE:0D:1A:04:19:68:56:13:28:11:54:16:51
X509v3 Authority Key Identifier:
keyid:84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:76:91:b0:a1:ee:a9:a1:4e:a9:28:8a:79:d5:e4:35:27:30:
a4:dd:4e:00:d0:74:9c:1f:ca:43:69:d1:a7:a0:9f:34:f1:7b:
89:a2:7b:2d:45:e3:e0:93:11:2d:fe:1c:2f:fc:74:cc:bb:da:
c2:bf:d9:22:e8:28:a5:1c:9f:77:e8:43:41:1c:47:4e:f1:59:
3b:f4:c0:51:8d:32:00:58:80:a2:b0:2d:df:79:fd:72:6a:9f:
e8:61:1d:d0:87:e4:9f:12:23:f9:e1:43:16:5e:1d:3a:a4:47:
73:f8:b1:15:74:0a:17:9c:8c:44:7b:a8:dd:df:7d:ad:18:fd:
a2:1e:78:fe:0f:85:f9:00:16:1d:c3:d6:9a:72:1d:77:88:0e:
a3:00:66:93:0b:13:85:e8:97:fb:1c:14:15:79:ad:55:c3:94:
af:c2:34:86:34:d8:ed:27:32:38:5f:ed:27:8b:ce:8b:94:2c:
d9:23:80:ab:b0:9a:7c:d9:8e:71:3f:ff:cb:dd:99:28:dd:23:
e8:b0:cb:97:59:f1:d3:89:1b:3b:1d:05:a0:94:c7:f8:c5:b7:
d3:71:9a:d7:2e:ef:5f:2c:2b:01:d6:f5:8a:61:76:fb:68:29:
f6:2f:ae:50:76:99:31:39:76:fe:7b:fb:9b:71:e1:90:6b:3e:
28:ab:c2:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeKo6hkm9Zzk1r6432Ls4GeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2NmNWJiODc2Yjc3MmI3YWRlNDMyOTA1Y2I2OTZmMTM0
Y2FhMzkwHhcNMjUwNjIwMDAwMTEwWhcNMjUwNjIxMDAwMTEwWjAzMTEwLwYDVQQD
EygxNzQwMTQ3NWE5MDM0ZmNlMGQxYTA0MTk2ODU2MTMyODExNTQxNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxStVZQscA51SW54jyt1YyjyL77m
PraCn1mKqdY/MEKfcTHJXwFTqfoZQ7DoPn/sZv4r7OOsvBAOSfdIqngI9iN0bzD8
9/5ozdajM8YO10xAsHwU/Pm/w61z+zSQ7CG9MV7zTVGyN1CszTXRgQEWmaHxMq/r
FqlvglQHcn80AMuggoW2Xp99xxd6z688nOPTu3D02qsZxVLdrmbCUPQYXOcxOF8I
2pKtyhlMyrjkWZRPDCzgk/C/9YbKjUV3UHEaMDzOWKwIcWE9RtOeN6U0xRhdji8p
DYIYKle6e5J11BYRFIVnOT52k2AottnEc5vYRL/gfgBaqtSaD7vZBLV4lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdAFHWpA0/ODRoEGWhWEygRVBZRMB8GA1UdIwQY
MBaAFIQ89buHa3cret5DKQXLaW8TTKo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmIt
MTZmNWE1NjM2MjQ0LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmItMTZmNWE1NjM2MjQ0
LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe3aRsKHu
qaFOqSiKedXkNScwpN1OANB0nB/KQ2nRp6CfNPF7iaJ7LUXj4JMRLf4cL/x0zLva
wr/ZIugopRyfd+hDQRxHTvFZO/TAUY0yAFiAorAt33n9cmqf6GEd0IfknxIj+eFD
Fl4dOqRHc/ixFXQKF5yMRHuo3d99rRj9oh54/g+F+QAWHcPWmnIdd4gOowBmkwsT
heiX+xwUFXmtVcOUr8I0hjTY7ScyOF/tJ4vOi5Qs2SOAq7CafNmOcT//y92ZKN0j
6LDLl1nx04kbOx0FoJTH+MW303Ga1y7vXywrAdb1imF2+2gp9i+uUHaZMTl2/nv7
m3HhkGs+KKvCIQ==
-----END CERTIFICATE-----
Generated at Fri Jun 20 04:58:16 2025 by rpki-client