Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: Q8yn7OGBR/FsiHHduGMyCQpCmYH0YxSRuIHoishgKPA=
Subject key identifier: B9:FF:D4:FC:55:82:EC:61:76:DF:9A:77:D8:77:8B:55:09:A8:C4:61
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 01987CE57FEDF8EDE171889AA7180AC1B557
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 15AC
Signing time: Wed 06 Aug 2025 01:01:11 +0000
Manifest this update: Wed 06 Aug 2025 01:01:11 +0000
Manifest next update: Thu 07 Aug 2025 01:01:11 +0000
Files and hashes: 1: 5MK1ewnt7LozxEmddZiWa3omfKc.roa (hash: 7+tCKj1f1iwSFAN/o1/yY8fVwb73KSasEYzwGjDKXO0=)
2: DeHazeP3A9wAumTO_Rmx5RqWaqs.roa (hash: 0hOPuiiQ+UKk5lNFYgiHmEshvjQhpp/6FLqfnT4DM3I=)
3: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: 4HxzB9QCYtUnIlfX1dhZnqwGFQtM132pYsqDRHw81JQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 17:44:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7c:e5:7f:ed:f8:ed:e1:71:88:9a:a7:18:0a:c1:b5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Aug 6 01:01:11 2025 GMT
Not After : Aug 7 01:01:11 2025 GMT
Subject: CN=b9ffd4fc5582ec6176df9a77d8778b5509a8c461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3c:7b:f0:b4:ec:e8:10:e0:92:b1:b7:71:21:
bc:49:ca:4c:6f:9e:45:44:cc:25:6c:89:2d:c7:33:
ef:3a:59:50:9f:a9:3c:2a:bd:d9:c9:a1:08:26:55:
73:a7:62:02:4b:28:d3:b4:bf:ad:2a:54:08:ba:96:
4f:2b:c3:77:3b:1e:7c:00:03:6a:13:be:54:83:bc:
43:97:17:d6:6f:b0:c3:9c:a4:6a:db:2e:c2:6e:80:
5a:54:a9:46:f8:73:36:33:e0:6a:4c:4a:ba:2b:17:
18:58:76:c0:f8:43:17:3c:32:65:e4:8b:fa:77:73:
af:ca:52:49:03:10:45:30:cf:27:cb:78:b6:9b:b4:
69:69:9a:79:ab:c7:97:bb:93:47:f2:7f:62:1f:c6:
77:6f:c9:6b:b9:de:ac:b8:56:ed:6f:a7:57:dc:38:
87:f7:18:98:11:c9:8e:7f:e3:af:e8:96:4e:4e:eb:
36:19:91:a0:77:ee:50:cf:39:b3:29:9d:ee:37:75:
c7:ff:72:14:e6:d4:16:5e:28:40:7f:6f:5e:d7:8e:
d5:9d:0d:f0:48:58:1f:2c:f6:11:de:3b:3b:a1:45:
c1:f8:7c:b3:38:47:87:77:94:5d:65:26:67:40:bd:
f0:23:10:51:2e:c4:e1:81:8e:0e:6d:83:36:ee:f0:
b6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FF:D4:FC:55:82:EC:61:76:DF:9A:77:D8:77:8B:55:09:A8:C4:61
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:e2:43:1f:14:28:61:fe:97:ba:3c:b3:06:21:4f:29:cd:0d:
82:a2:69:42:dc:ac:74:63:03:ce:c9:e1:58:bb:60:1a:6d:69:
e5:b2:d0:28:7f:43:72:e3:fb:7d:59:76:87:2c:9d:5c:a5:0a:
12:6c:2d:bc:5f:67:71:a0:bc:53:da:15:b8:b1:27:61:dd:3e:
bc:de:39:7f:5c:0b:49:10:f3:fa:89:e9:e0:29:cb:e1:31:0a:
9e:6b:48:01:aa:d6:a5:77:a7:03:b9:8c:be:92:a3:d8:60:91:
2c:24:f1:4a:0d:2b:cc:12:5e:d7:c1:14:62:7c:10:d2:07:54:
9b:3f:32:d9:cf:2f:d8:a2:fc:37:e3:8d:94:3c:00:58:97:21:
7b:14:5e:fb:e4:cc:25:c3:5e:62:c9:39:22:b9:9d:2f:76:fd:
5b:46:07:df:6f:32:0f:27:e2:14:29:4b:ec:c8:02:1d:f8:2f:
fb:62:ec:37:a7:1a:b2:76:a8:3c:b2:37:57:6e:c1:19:72:67:
99:29:c6:42:d9:ae:0e:82:2e:7c:17:33:6f:e0:92:bb:aa:b7:
d1:20:e5:17:f8:b7:82:a4:48:69:6d:17:11:16:4c:25:91:71:
b4:3b:f1:6f:5c:28:11:94:f8:20:11:13:de:f9:94:dc:2f:35:
a2:40:db:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh85X/t+O3hcYiapxgKwbVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjUwODA2MDEwMTExWhcNMjUwODA3MDEwMTExWjAzMTEwLwYDVQQD
EyhiOWZmZDRmYzU1ODJlYzYxNzZkZjlhNzdkODc3OGI1NTA5YThjNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Tx78LTs6BDgkrG3cSG8ScpMb55F
RMwlbIktxzPvOllQn6k8Kr3ZyaEIJlVzp2ICSyjTtL+tKlQIupZPK8N3Ox58AANq
E75Ug7xDlxfWb7DDnKRq2y7CboBaVKlG+HM2M+BqTEq6KxcYWHbA+EMXPDJl5Iv6
d3OvylJJAxBFMM8ny3i2m7RpaZp5q8eXu5NH8n9iH8Z3b8lrud6suFbtb6dX3DiH
9xiYEcmOf+Ov6JZOTus2GZGgd+5QzzmzKZ3uN3XH/3IU5tQWXihAf29e147VnQ3w
SFgfLPYR3js7oUXB+HyzOEeHd5RdZSZnQL3wIxBRLsThgY4ObYM27vC2AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLn/1PxVguxhdt+ad9h3i1UJqMRhMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYOJDHxQo
Yf6XujyzBiFPKc0NgqJpQtysdGMDzsnhWLtgGm1p5bLQKH9DcuP7fVl2hyydXKUK
EmwtvF9ncaC8U9oVuLEnYd0+vN45f1wLSRDz+onp4CnL4TEKnmtIAarWpXenA7mM
vpKj2GCRLCTxSg0rzBJe18EUYnwQ0gdUmz8y2c8v2KL8N+ONlDwAWJchexRe++TM
JcNeYsk5IrmdL3b9W0YH328yDyfiFClL7MgCHfgv+2LsN6casnaoPLI3V27BGXJn
mSnGQtmuDoIufBczb+CSu6q30SDlF/i3gqRIaW0XERZMJZFxtDvxb1woEZT4IBET
3vmU3C81okDbwg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 03:59:57 2025 by rpki-client