Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
File: HEIt1-1z0cAEhQAzv5V5tP716dE.mft (raw, json)
Hash identifier: UfYskK7ILS2mf3FrCsF89U52fctCoF65X5h+hJMWPwU=
Subject key identifier: 62:06:A7:7E:36:EF:89:D8:4F:1D:44:0B:FC:19:BF:88:0D:70:01:E9
Authority key identifier: 1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
Certificate issuer: /CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Certificate serial: 01987374922F9439F21DC1379CF11121FE0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
Manifest number: DA
Signing time: Mon 04 Aug 2025 05:01:16 +0000
Manifest this update: Mon 04 Aug 2025 05:01:16 +0000
Manifest next update: Tue 05 Aug 2025 05:01:16 +0000
Files and hashes: 1: 4xTwGwEgqqNgpztG8b7-qFnWnmQ.roa (hash: G+NieVImXlejNVzPXtYNNAfkIKyCKo0Pau1bwovvw64=)
2: HEIt1-1z0cAEhQAzv5V5tP716dE.crl (hash: IPnM5JRzdN5nYdx+7EJB7iomaIKNx+Tp8NiPORY9G/I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:74:92:2f:94:39:f2:1d:c1:37:9c:f1:11:21:fe:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Validity
Not Before: Aug 4 05:01:16 2025 GMT
Not After : Aug 5 05:01:16 2025 GMT
Subject: CN=6206a77e36ef89d84f1d440bfc19bf880d7001e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:32:b7:7c:cc:26:3e:3a:de:f3:2b:cd:4e:d4:
62:14:98:95:60:64:db:75:98:21:53:4d:2b:92:f6:
d4:4d:85:29:eb:38:33:92:ef:c0:44:0a:f3:a8:49:
73:06:ef:dc:69:71:57:51:eb:cd:74:57:8c:f2:2d:
b0:34:ba:11:4d:88:6f:d8:26:71:00:d3:2e:57:c6:
12:57:64:6b:8c:9e:56:95:7f:ee:83:41:f4:fe:6c:
76:9c:6e:91:9b:8d:5b:b1:10:b8:87:68:af:02:a3:
51:79:e2:1f:fa:43:de:78:81:4d:68:fa:82:53:dc:
7e:93:61:d0:f0:e6:a3:6a:66:51:54:ef:7a:9f:3b:
0b:40:a7:fe:01:89:85:db:d2:8d:c4:51:9c:c5:33:
50:30:91:d1:66:bb:31:c1:30:89:91:b6:75:5c:05:
9b:66:d4:c2:a8:ce:4f:b5:6e:9e:28:ca:ab:3e:b4:
fd:18:4c:bd:13:cf:6e:eb:d9:79:17:1a:d9:eb:7a:
a4:6b:47:3b:7a:b1:49:d8:df:a0:8a:a1:e4:bd:60:
5d:e5:10:71:ad:5e:87:63:c0:ad:a0:c8:16:05:93:
52:7d:05:e5:ca:39:e9:84:39:f4:85:6b:82:3a:27:
6d:d1:3e:ff:45:0f:a2:7f:d5:7b:8d:40:46:65:2c:
40:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:06:A7:7E:36:EF:89:D8:4F:1D:44:0B:FC:19:BF:88:0D:70:01:E9
X509v3 Authority Key Identifier:
keyid:1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:45:b1:3e:fb:99:c8:38:c6:1c:4d:6f:27:82:ed:d7:f6:94:
ac:cb:c8:35:a2:34:68:26:f4:6b:2c:a0:13:bd:0b:22:59:0c:
b0:41:29:a2:52:6a:d7:26:ee:a4:35:91:5b:d8:07:af:5b:3a:
03:3d:92:aa:1e:b3:84:d0:07:4a:95:af:c4:ff:cd:ae:7e:1f:
e5:38:bd:0e:e0:cb:93:a9:a9:df:49:35:a7:47:a2:ed:b4:39:
b3:52:c9:28:81:d9:c7:eb:a5:a1:dd:43:c2:0e:74:41:1d:51:
59:2b:25:13:58:49:32:62:04:27:8e:14:66:98:34:20:61:8e:
48:66:1b:04:ef:b2:0f:90:83:17:5e:bc:ca:1e:39:61:fa:c2:
76:6e:4e:37:e6:13:2a:a3:6f:68:8f:08:22:4d:c7:b7:a2:fe:
7f:9f:c7:56:cc:d3:5f:1b:5f:dd:74:a2:83:cb:57:de:69:2c:
4f:61:e2:e3:64:c5:57:53:a6:af:86:64:b5:11:c9:27:9a:ef:
a3:4f:9d:56:62:b2:d9:e3:fb:30:4d:50:42:43:98:4f:b6:20:
15:08:6c:a0:7c:7e:8f:e1:dc:26:d9:ac:ce:c7:c2:60:5b:fd:
6d:9e:bb:bd:c6:14:cf:ff:e6:01:f3:b2:68:a5:aa:2f:7d:26:
9a:cc:1c:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzdJIvlDnyHcE3nPERIf4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNDIyZGQ3ZWQ3M2QxYzAwNDg1MDAzM2JmOTU3OWI0ZmVm
NWU5ZDEwHhcNMjUwODA0MDUwMTE2WhcNMjUwODA1MDUwMTE2WjAzMTEwLwYDVQQD
Eyg2MjA2YTc3ZTM2ZWY4OWQ4NGYxZDQ0MGJmYzE5YmY4ODBkNzAwMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTK3fMwmPjre8yvNTtRiFJiVYGTb
dZghU00rkvbUTYUp6zgzku/ARArzqElzBu/caXFXUevNdFeM8i2wNLoRTYhv2CZx
ANMuV8YSV2RrjJ5WlX/ug0H0/mx2nG6Rm41bsRC4h2ivAqNReeIf+kPeeIFNaPqC
U9x+k2HQ8OajamZRVO96nzsLQKf+AYmF29KNxFGcxTNQMJHRZrsxwTCJkbZ1XAWb
ZtTCqM5PtW6eKMqrPrT9GEy9E89u69l5FxrZ63qka0c7erFJ2N+giqHkvWBd5RBx
rV6HY8CtoMgWBZNSfQXlyjnphDn0hWuCOidt0T7/RQ+if9V7jUBGZSxAgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGIGp34274nYTx1EC/wZv4gNcAHpMB8GA1UdIwQY
MBaAFBxCLdftc9HABIUAM7+VebT+9enRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQt
Mzk3OWI4MDBjZGE4LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQtMzk3OWI4MDBjZGE4
LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakWxPvuZ
yDjGHE1vJ4Lt1/aUrMvINaI0aCb0ayygE70LIlkMsEEpolJq1ybupDWRW9gHr1s6
Az2Sqh6zhNAHSpWvxP/Nrn4f5Ti9DuDLk6mp30k1p0ei7bQ5s1LJKIHZx+ulod1D
wg50QR1RWSslE1hJMmIEJ44UZpg0IGGOSGYbBO+yD5CDF168yh45YfrCdm5ON+YT
KqNvaI8IIk3Ht6L+f5/HVszTXxtf3XSig8tX3mksT2Hi42TFV1Omr4ZktRHJJ5rv
o0+dVmKy2eP7ME1QQkOYT7YgFQhsoHx+j+HcJtmszsfCYFv9bZ67vcYUz//mAfOy
aKWqL30mmswcKg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:09:15 2025 by rpki-client