Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File: HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier: rLeocv8vrNYGgvW4u6rwtD1sV4gYTNeFCj8Run5mV+Y=
Subject key identifier: 68:D8:C0:62:EE:BD:65:59:58:9F:FF:25:6C:35:F2:B5:38:2D:43:0E
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial: 01988E0F5F3E16BB397F0AE1FCCDEFC5DACE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number: 1628
Signing time: Sat 09 Aug 2025 09:00:28 +0000
Manifest this update: Sat 09 Aug 2025 09:00:28 +0000
Manifest next update: Sun 10 Aug 2025 09:00:28 +0000
Files and hashes: 1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=)
2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: Ko0JYz9QOa+pYHEPQsKpXt21vCB59eGbUtwykEwyJ8w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8e:0f:5f:3e:16:bb:39:7f:0a:e1:fc:cd:ef:c5:da:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Validity
Not Before: Aug 9 09:00:28 2025 GMT
Not After : Aug 10 09:00:28 2025 GMT
Subject: CN=68d8c062eebd6559589fff256c35f2b5382d430e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a1:81:1a:96:d3:e9:14:6d:95:a9:62:4d:a8:
c7:0e:49:e4:64:e8:39:b4:05:f8:ee:2c:b3:8f:7a:
3f:50:39:67:fc:0f:2b:dd:73:82:73:ce:eb:fe:d5:
fa:00:7f:a7:02:b6:1b:ad:2f:f8:b2:50:14:71:9c:
c8:9e:4a:ae:58:6f:ae:36:1c:ed:bc:c0:ee:69:a4:
5c:da:aa:fd:89:a6:db:65:d8:21:75:6e:b0:61:a9:
d1:d7:8a:09:2e:c2:53:b8:47:57:db:c1:50:90:ae:
a7:75:a4:c6:11:6f:0f:9a:81:4b:40:a8:57:7c:75:
31:c5:36:4b:3a:1a:2a:37:7a:18:41:20:bf:0c:35:
d0:d6:88:dd:76:13:95:03:9a:ea:8d:01:30:f3:40:
66:ab:bf:47:5e:01:87:20:e6:85:b7:cb:61:dd:6f:
bb:3a:2c:7f:a1:cf:f9:d8:20:b0:0c:de:88:d5:7e:
7d:70:a2:a5:2f:73:12:51:da:e1:6d:5f:b8:05:f9:
48:c3:21:f6:a7:f9:2b:82:87:57:73:a8:83:38:0d:
c8:78:00:68:74:13:33:26:97:45:8a:f0:3d:18:16:
e2:d9:62:25:c1:60:58:42:1e:0c:8d:32:fb:cd:e1:
27:07:71:c6:98:48:01:71:ff:11:dd:2e:8d:db:b1:
2f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D8:C0:62:EE:BD:65:59:58:9F:FF:25:6C:35:F2:B5:38:2D:43:0E
X509v3 Authority Key Identifier:
keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:d4:b9:fb:d6:2d:aa:d4:b2:9e:60:96:1d:36:18:c4:98:82:
da:db:9d:3e:12:9c:af:aa:eb:10:12:0d:58:ac:39:bf:bf:de:
ea:e1:8f:8c:ec:65:32:06:a4:c2:7e:38:8d:79:52:55:24:61:
59:4d:7c:95:5e:e4:5f:dd:8b:40:a7:91:95:d0:86:1c:9e:3e:
2c:20:dc:4b:9c:78:f0:56:a6:27:ae:ee:b9:d4:d1:e9:7e:3c:
8d:e8:ea:d3:1c:0d:16:9f:62:89:e3:1e:4d:81:f4:62:b3:b9:
0a:56:a7:a4:26:4b:76:28:7c:da:26:1f:a6:ea:2a:d1:b6:57:
47:54:ce:a0:6d:8d:80:21:08:35:d3:e4:d5:bf:6a:17:89:e5:
6a:c3:8e:9f:17:13:4e:e1:ca:fc:bd:d2:2f:57:b4:19:51:31:
d3:82:13:f1:f2:d3:aa:6d:2d:2a:e9:2c:2b:d3:92:6f:07:23:
f2:97:9a:e4:09:62:c0:dd:89:c1:d3:11:7b:60:d2:e5:88:bd:
2a:dd:6b:60:3e:7a:f2:72:cb:b1:96:18:b7:ef:f6:2f:3d:3c:
67:8a:ca:6f:6d:94:3d:15:30:af:d2:68:69:89:d3:dc:58:1a:
b4:d7:07:77:2a:64:ca:3a:87:7c:c4:61:20:db:56:a5:c5:78:
b5:c4:46:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiOD18+Frs5fwrh/M3vxdrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjUwODA5MDkwMDI4WhcNMjUwODEwMDkwMDI4WjAzMTEwLwYDVQQD
Eyg2OGQ4YzA2MmVlYmQ2NTU5NTg5ZmZmMjU2YzM1ZjJiNTM4MmQ0MzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqGBGpbT6RRtlaliTajHDknkZOg5
tAX47iyzj3o/UDln/A8r3XOCc87r/tX6AH+nArYbrS/4slAUcZzInkquWG+uNhzt
vMDuaaRc2qr9iabbZdghdW6wYanR14oJLsJTuEdX28FQkK6ndaTGEW8PmoFLQKhX
fHUxxTZLOhoqN3oYQSC/DDXQ1ojddhOVA5rqjQEw80Bmq79HXgGHIOaFt8th3W+7
Oix/oc/52CCwDN6I1X59cKKlL3MSUdrhbV+4BflIwyH2p/krgodXc6iDOA3IeABo
dBMzJpdFivA9GBbi2WIlwWBYQh4MjTL7zeEnB3HGmEgBcf8R3S6N27Ev7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjYwGLuvWVZWJ//JWw18rU4LUMOMB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT9S5+9Yt
qtSynmCWHTYYxJiC2tudPhKcr6rrEBINWKw5v7/e6uGPjOxlMgakwn44jXlSVSRh
WU18lV7kX92LQKeRldCGHJ4+LCDcS5x48FamJ67uudTR6X48jejq0xwNFp9iieMe
TYH0YrO5ClanpCZLdih82iYfpuoq0bZXR1TOoG2NgCEINdPk1b9qF4nlasOOnxcT
TuHK/L3SL1e0GVEx04IT8fLTqm0tKuksK9OSbwcj8pea5AliwN2JwdMRe2DS5Yi9
Kt1rYD568nLLsZYYt+/2Lz08Z4rKb22UPRUwr9JoaYnT3FgatNcHdypkyjqHfMRh
INtWpcV4tcRGFg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:30:27 2025 by rpki-client