Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
File: h5WLpmHENczSXCBgRi72ANJxnuA.mft (raw, json)
Hash identifier: zx3YKKJlxJ3syh0v0SqbQ7YRmbpEz/GMv2JkUAgM19c=
Subject key identifier: 7C:55:9B:E0:60:26:07:A0:A2:92:74:76:34:36:8C:B5:6A:B1:DE:11
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial: 019849D2EE7AE5CE643E111B9ECFAA7071FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
Manifest number: 1602
Signing time: Sun 27 Jul 2025 03:00:16 +0000
Manifest this update: Sun 27 Jul 2025 03:00:16 +0000
Manifest next update: Mon 28 Jul 2025 03:00:16 +0000
Files and hashes: 1: h5WLpmHENczSXCBgRi72ANJxnuA.crl (hash: hMSViTC1fVyWe6MXi1RCEUxgTEHpPd5zdKv06xZhf2M=)
2: jQqQfOrb2tEbgL6-n1pYKtKDCGI.roa (hash: urbNu0k2kZWVDcdCEYQ210AYS3ke0pUxaEecPK2agnE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 03:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:49:d2:ee:7a:e5:ce:64:3e:11:1b:9e:cf:aa:70:71:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Validity
Not Before: Jul 27 03:00:16 2025 GMT
Not After : Jul 28 03:00:16 2025 GMT
Subject: CN=7c559be0602607a0a292747634368cb56ab1de11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:73:36:58:db:45:49:e3:32:49:3d:f2:3c:c9:
55:7c:d7:fd:08:d7:19:e0:e1:4b:22:c2:f2:37:10:
f9:d9:ca:d4:0d:95:7d:d3:9e:da:9e:07:f9:47:70:
e0:ba:81:b3:d1:99:8f:57:a5:5e:92:c2:ca:af:1f:
d2:a6:44:3e:b2:cd:ce:f0:64:b1:05:a1:cd:f7:b7:
8d:38:8f:20:46:a4:32:33:1d:2b:f3:66:78:28:57:
9b:a4:c0:89:aa:aa:bc:df:45:2e:e2:06:49:51:23:
16:0b:5b:aa:fb:b9:76:8b:b0:42:ac:e0:3d:6e:e7:
98:23:2f:ee:9f:b9:fc:9a:44:23:43:6f:9e:99:99:
f7:33:20:ea:a6:95:68:67:89:f0:5b:fc:46:08:30:
4f:66:ae:9b:51:30:34:23:e5:26:a4:ef:a5:99:9b:
21:4c:77:ea:d5:1d:2b:e0:61:93:db:ca:d3:e6:d4:
1f:09:c7:be:7c:3f:d8:83:9f:c5:cf:f5:b1:fc:f9:
16:8f:9a:7d:9b:fc:12:69:c2:21:c2:3e:43:d8:2f:
06:b7:b4:fa:90:1e:e3:a1:6e:fe:58:cb:62:e7:93:
ea:91:68:f0:77:2f:75:8c:1f:b1:84:1a:7a:c5:84:
e4:13:5d:3c:82:6f:50:18:a1:d6:6f:8f:ff:92:bd:
27:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:55:9B:E0:60:26:07:A0:A2:92:74:76:34:36:8C:B5:6A:B1:DE:11
X509v3 Authority Key Identifier:
keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:dd:90:cb:13:ed:a5:ad:9b:12:7c:96:26:d4:71:2f:f5:a3:
e3:bd:30:5f:9d:c9:7c:6c:6c:ee:a2:80:bc:e1:ef:4c:4c:42:
14:e7:f2:8b:88:aa:40:a9:5b:7b:07:57:67:56:99:72:17:b8:
8f:f2:35:5c:5a:e6:07:22:cc:32:f9:f5:0e:8e:f8:cc:a7:98:
fd:e3:25:36:e3:4b:8e:c5:bb:11:39:43:ed:78:cc:56:24:cf:
73:cb:f5:6d:bd:b5:0c:a0:4a:c0:40:88:9e:15:e1:e7:d4:69:
70:fa:80:57:96:4a:73:a8:0e:ba:8b:10:cd:ba:cd:fd:d5:c1:
77:ce:4b:0f:45:92:b8:b8:69:1d:b7:58:84:2e:99:6a:8a:11:
9b:e5:25:86:63:7d:be:c8:2c:3d:a1:b0:01:2e:6b:a1:33:70:
6d:7c:9f:9c:f2:5f:d9:00:18:2f:8f:6f:84:43:3a:0c:42:4e:
b2:f6:4c:2f:37:de:cc:09:b4:c6:af:dd:2b:b8:97:2b:78:ce:
9f:6f:bc:d6:bb:d1:95:ac:54:4a:3e:eb:9d:52:d0:bb:34:ad:
c0:2d:82:43:8e:9b:97:23:0f:3d:9e:00:7a:f0:76:f5:89:06:
c7:61:00:17:f7:55:d2:87:83:b4:b0:7c:b4:61:d0:38:78:eb:
f1:eb:50:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ0u565c5kPhEbns+qcHH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjUwNzI3MDMwMDE2WhcNMjUwNzI4MDMwMDE2WjAzMTEwLwYDVQQD
Eyg3YzU1OWJlMDYwMjYwN2EwYTI5Mjc0NzYzNDM2OGNiNTZhYjFkZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHM2WNtFSeMyST3yPMlVfNf9CNcZ
4OFLIsLyNxD52crUDZV9057angf5R3DguoGz0ZmPV6VeksLKrx/SpkQ+ss3O8GSx
BaHN97eNOI8gRqQyMx0r82Z4KFebpMCJqqq830Uu4gZJUSMWC1uq+7l2i7BCrOA9
bueYIy/un7n8mkQjQ2+emZn3MyDqppVoZ4nwW/xGCDBPZq6bUTA0I+UmpO+lmZsh
THfq1R0r4GGT28rT5tQfCce+fD/Yg5/Fz/Wx/PkWj5p9m/wSacIhwj5D2C8Gt7T6
kB7joW7+WMti55PqkWjwdy91jB+xhBp6xYTkE108gm9QGKHWb4//kr0nowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxVm+BgJgegopJ0djQ2jLVqsd4RMB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ92QyxPt
pa2bEnyWJtRxL/Wj470wX53JfGxs7qKAvOHvTExCFOfyi4iqQKlbewdXZ1aZche4
j/I1XFrmByLMMvn1Do74zKeY/eMlNuNLjsW7ETlD7XjMViTPc8v1bb21DKBKwECI
nhXh59RpcPqAV5ZKc6gOuosQzbrN/dXBd85LD0WSuLhpHbdYhC6ZaooRm+UlhmN9
vsgsPaGwAS5roTNwbXyfnPJf2QAYL49vhEM6DEJOsvZMLzfezAm0xq/dK7iXK3jO
n2+81rvRlaxUSj7rnVLQuzStwC2CQ46blyMPPZ4AevB29YkGx2EAF/dV0oeDtLB8
tGHQOHjr8etQpw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:39:19 2025 by rpki-client