Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
File: hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft (raw, json)
Hash identifier: tB3RlXsLlK7qtE9cJEhNEPVhj2HghCKWI0+WLxh7K5g=
Subject key identifier: D4:CB:E2:0C:D4:33:62:05:E3:06:7B:4D:8B:9C:7C:EC:32:E1:7F:1E
Authority key identifier: 86:38:41:50:6D:02:61:31:96:50:57:40:9A:16:04:A5:67:1F:05:41
Certificate issuer: /CN=863841506d026131965057409a1604a5671f0541
Certificate serial: 019873E1ECCBFDA354048271EB0B15B9338E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
Manifest number: 03DF
Signing time: Mon 04 Aug 2025 07:00:42 +0000
Manifest this update: Mon 04 Aug 2025 07:00:42 +0000
Manifest next update: Tue 05 Aug 2025 07:00:42 +0000
Files and hashes: 1: hXap7hNXLEAQarnfnwYswdCAdkQ.roa (hash: bNhK/WdUp/9xvJiGhX97CJWQhZiON1WPJ6uWrAYKvFI=)
2: hjhBUG0CYTGWUFdAmhYEpWcfBUE.crl (hash: dv/+DC84AF+35+QEgJN3pLZWjgW5zcdMHHolORDWhPA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:e1:ec:cb:fd:a3:54:04:82:71:eb:0b:15:b9:33:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=863841506d026131965057409a1604a5671f0541
Validity
Not Before: Aug 4 07:00:42 2025 GMT
Not After : Aug 5 07:00:42 2025 GMT
Subject: CN=d4cbe20cd4336205e3067b4d8b9c7cec32e17f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c9:cb:3a:25:9e:98:5f:d9:90:04:30:f6:6c:
4d:03:67:97:c3:9d:30:78:01:22:2f:14:ff:4a:a5:
7c:57:f3:6c:77:3e:c0:83:d1:74:c2:ea:a0:db:1e:
2f:c1:05:be:cb:db:43:e0:3a:70:b6:3b:a3:9e:6e:
70:0d:b8:d7:1e:82:e2:cb:6b:b4:2f:af:8d:07:c4:
ee:a0:95:e8:1b:c7:af:fc:94:4b:64:fa:5b:16:b7:
db:eb:c2:6c:cb:31:c4:5f:f0:e2:9d:26:b2:cc:ee:
c7:d2:ed:89:90:bd:8f:59:dc:92:92:88:55:f3:d5:
73:31:1a:fe:8c:bb:70:b4:e3:9d:67:2d:0e:89:1d:
84:72:a5:15:7a:e6:ae:e3:1c:8e:45:06:ba:89:36:
34:e1:4a:1b:85:7c:ab:93:28:5d:25:3e:e9:c2:b2:
67:b9:91:17:f8:c5:47:ea:0e:ca:54:06:13:c0:24:
1d:6e:de:10:fd:1a:b8:5f:db:9a:3c:df:9f:62:81:
0e:b8:09:dc:bb:2c:2b:86:05:25:fb:81:0f:e9:79:
32:33:a6:3a:dc:f8:84:ac:df:94:bf:7d:f2:68:be:
d6:b6:68:f5:6f:bd:15:82:25:e5:d5:1a:31:0e:bc:
18:95:3e:98:dd:62:fa:c6:55:11:7f:18:18:84:13:
dc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:CB:E2:0C:D4:33:62:05:E3:06:7B:4D:8B:9C:7C:EC:32:E1:7F:1E
X509v3 Authority Key Identifier:
keyid:86:38:41:50:6D:02:61:31:96:50:57:40:9A:16:04:A5:67:1F:05:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:e6:7f:3a:0c:13:9e:1b:b0:23:1c:dc:81:83:31:75:1a:f1:
55:38:a5:a4:fe:9c:07:5f:e6:89:2c:db:00:fd:ec:5f:b6:14:
0c:cb:49:d7:45:96:b5:2d:f3:dd:9d:6b:b8:08:62:72:b6:c5:
ce:03:5d:62:f9:d6:b2:ef:61:37:d7:bf:98:46:cc:3c:af:08:
55:3b:e1:26:69:ed:9b:39:2a:d4:ee:f0:35:c7:99:aa:4e:67:
6f:3a:3a:b1:48:2a:0f:6d:af:ce:cd:d6:ef:74:4b:a1:71:97:
2c:8d:d8:ca:90:64:fc:c0:3a:70:02:63:0b:d7:03:8c:6c:1f:
48:c9:8c:90:50:2f:e0:27:37:22:77:4e:95:5c:16:c9:91:28:
d5:57:18:a5:3d:5a:7b:f0:e0:11:00:98:05:d8:fc:e2:00:a7:
ca:2e:a3:ad:aa:e9:02:e5:8f:73:ed:d9:84:32:61:69:69:2c:
f9:2e:0e:35:19:86:ca:96:56:f1:de:59:89:a0:c1:6f:0b:4e:
2a:d5:f7:c2:a6:a5:2d:47:83:f7:34:e7:fc:8d:d6:10:ef:0b:
ab:3a:60:0d:78:11:9a:c8:da:1c:ed:98:b7:34:2d:ad:5a:3b:
6c:e3:75:4c:dd:c5:30:90:e2:93:f7:01:39:07:36:d0:24:53:
f1:85:b6:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4ezL/aNUBIJx6wsVuTOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Mzg0MTUwNmQwMjYxMzE5NjUwNTc0MDlhMTYwNGE1Njcx
ZjA1NDEwHhcNMjUwODA0MDcwMDQyWhcNMjUwODA1MDcwMDQyWjAzMTEwLwYDVQQD
EyhkNGNiZTIwY2Q0MzM2MjA1ZTMwNjdiNGQ4YjljN2NlYzMyZTE3ZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4snLOiWemF/ZkAQw9mxNA2eXw50w
eAEiLxT/SqV8V/Nsdz7Ag9F0wuqg2x4vwQW+y9tD4Dpwtjujnm5wDbjXHoLiy2u0
L6+NB8TuoJXoG8ev/JRLZPpbFrfb68JsyzHEX/DinSayzO7H0u2JkL2PWdySkohV
89VzMRr+jLtwtOOdZy0OiR2EcqUVeuau4xyORQa6iTY04UobhXyrkyhdJT7pwrJn
uZEX+MVH6g7KVAYTwCQdbt4Q/Rq4X9uaPN+fYoEOuAncuywrhgUl+4EP6XkyM6Y6
3PiErN+Uv33yaL7Wtmj1b70VgiXl1RoxDrwYlT6Y3WL6xlURfxgYhBPccwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTL4gzUM2IF4wZ7TYucfOwy4X8eMB8GA1UdIwQY
MBaAFIY4QVBtAmExllBXQJoWBKVnHwVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xZjE1NjMtYjMzMS00M2E5LWI5Y2Mt
M2JmYTA1MDkyMDFmLzEvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xZjE1NjMtYjMzMS00M2E5LWI5Y2MtM2JmYTA1MDkyMDFm
LzEvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIeZ/OgwT
nhuwIxzcgYMxdRrxVTilpP6cB1/miSzbAP3sX7YUDMtJ10WWtS3z3Z1ruAhicrbF
zgNdYvnWsu9hN9e/mEbMPK8IVTvhJmntmzkq1O7wNceZqk5nbzo6sUgqD22vzs3W
73RLoXGXLI3YypBk/MA6cAJjC9cDjGwfSMmMkFAv4Cc3IndOlVwWyZEo1VcYpT1a
e/DgEQCYBdj84gCnyi6jrarpAuWPc+3ZhDJhaWks+S4ONRmGypZW8d5ZiaDBbwtO
KtX3wqalLUeD9zTn/I3WEO8LqzpgDXgRmsjaHO2YtzQtrVo7bON1TN3FMJDik/cB
OQc20CRT8YW2kg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:24:24 2025 by rpki-client