Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
File: hR1ONNTkhTnBcEUdTiYTiIf26SI.mft (raw, json)
Hash identifier: XTQsQ6fSfjTihsM2ztyf4nElCIoslVA/8rDyKJv89zQ=
Subject key identifier: 33:43:CA:54:34:8E:EB:6A:F8:84:B1:3D:E0:F3:75:CE:5D:DF:D5:88
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 01983E3D2A6503D2C3CE14004120460FE0A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
Manifest number: 11A7
Signing time: Thu 24 Jul 2025 21:00:52 +0000
Manifest this update: Thu 24 Jul 2025 21:00:52 +0000
Manifest next update: Fri 25 Jul 2025 21:00:52 +0000
Files and hashes: 1: EgrdXaLN-vc8C2zZS8RN3DywvDo.roa (hash: hzm54PDUPW3onP/qtSLZRsQOvKv3wuQ4riGx7IRQcQA=)
2: hR1ONNTkhTnBcEUdTiYTiIf26SI.crl (hash: Y6K9nO3x9xyBRNgLmmQrN4xYkNrIUzFtX+WD6FjQyYU=)
3: rAaiXMvO9i5snovqluPbyo_QCN0.roa (hash: pt3vDzVbNzSpy4PSZ8+XX3gpZBn6uEG/ZRILx9TbDQc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3e:3d:2a:65:03:d2:c3:ce:14:00:41:20:46:0f:e0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Jul 24 21:00:52 2025 GMT
Not After : Jul 25 21:00:52 2025 GMT
Subject: CN=3343ca54348eeb6af884b13de0f375ce5ddfd588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1b:d0:34:54:7d:90:63:9f:21:83:e8:8f:ea:
f3:47:e5:5d:5a:20:72:10:af:18:46:04:3a:48:22:
50:9b:ec:ff:f9:cc:95:c5:61:6f:45:31:d0:28:a4:
7a:f5:fe:13:2d:a3:5f:cd:d9:69:fa:c4:ef:16:d6:
b1:62:3e:46:6a:c6:f2:2a:80:9f:10:57:29:24:bc:
d9:8a:1a:fc:d0:09:f5:d3:51:5d:89:71:44:5b:16:
4d:c5:e3:97:b7:6d:04:3e:e2:79:93:32:e5:91:49:
aa:59:32:64:eb:1c:a7:8e:63:b7:89:8c:cf:b8:c9:
7f:9e:35:9c:2b:52:41:2b:88:aa:96:ae:3b:72:d0:
79:98:d4:33:d4:d7:60:50:dc:fa:6d:7f:29:51:89:
06:61:00:13:91:68:fd:28:75:3a:45:b4:dc:a7:02:
c8:55:f6:27:85:7f:ac:97:52:02:58:dd:ae:dd:ee:
2f:d9:58:2b:35:5a:5c:e1:8a:b9:1c:0c:11:26:86:
1d:75:47:df:5e:1e:83:fa:07:04:b0:8c:df:f1:f7:
41:2c:93:4e:db:4a:71:08:87:93:f4:86:b6:bb:d0:
da:65:d7:eb:5e:98:bd:83:66:ad:ac:cd:4c:7c:ff:
25:a5:1e:a1:ba:41:8a:0b:95:d9:e3:89:5a:24:82:
a3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:43:CA:54:34:8E:EB:6A:F8:84:B1:3D:E0:F3:75:CE:5D:DF:D5:88
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:a7:8d:67:27:c4:98:c1:44:16:95:27:9d:88:f4:0f:44:71:
20:57:c0:e8:00:88:d0:3e:0b:8d:30:07:5e:ac:ce:95:6e:24:
4d:b6:5c:f7:d5:72:0d:12:c9:5c:3b:b2:ec:a9:f0:37:fd:e5:
f4:cc:d5:67:ef:88:0d:b7:15:44:ee:61:31:d2:d0:00:d2:15:
e0:53:0b:ce:c8:8d:51:b3:78:1d:02:86:0b:5e:a4:2f:2a:28:
82:19:6d:96:14:4d:f3:22:37:4c:17:99:11:02:08:7e:fc:90:
c0:61:4e:97:1d:c7:d6:4c:ea:1d:a2:cb:6e:b6:c2:4e:95:86:
4f:7c:40:f3:93:2f:44:e7:de:90:9c:d4:cb:25:ad:5e:82:ef:
1e:37:0d:6c:7c:f7:9c:d3:e4:71:1e:ad:51:8e:50:5b:bc:bf:
3c:41:eb:09:d3:ca:ea:c2:7f:ae:61:cb:f1:74:45:18:fe:82:
e0:26:72:56:07:2a:dd:b6:ed:0b:cb:95:4b:80:84:a7:26:0a:
41:1d:ca:8b:ff:4d:ac:58:76:4e:de:c1:59:e9:26:ad:f9:19:
bb:5c:22:b4:31:3d:26:7d:50:1c:43:a1:2b:e1:2c:7f:a7:2d:
f0:72:09:12:63:8b:b8:ec:29:ea:dc:33:8e:a0:53:f9:9b:ce:
8f:5a:bb:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZg+PSplA9LDzhQAQSBGD+CjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjUwNzI0MjEwMDUyWhcNMjUwNzI1MjEwMDUyWjAzMTEwLwYDVQQD
EygzMzQzY2E1NDM0OGVlYjZhZjg4NGIxM2RlMGYzNzVjZTVkZGZkNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhvQNFR9kGOfIYPoj+rzR+VdWiBy
EK8YRgQ6SCJQm+z/+cyVxWFvRTHQKKR69f4TLaNfzdlp+sTvFtaxYj5GasbyKoCf
EFcpJLzZihr80An101FdiXFEWxZNxeOXt20EPuJ5kzLlkUmqWTJk6xynjmO3iYzP
uMl/njWcK1JBK4iqlq47ctB5mNQz1NdgUNz6bX8pUYkGYQATkWj9KHU6RbTcpwLI
VfYnhX+sl1ICWN2u3e4v2VgrNVpc4Yq5HAwRJoYddUffXh6D+gcEsIzf8fdBLJNO
20pxCIeT9Ia2u9DaZdfrXpi9g2atrM1MfP8lpR6hukGKC5XZ44laJIKjIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNDylQ0jutq+ISxPeDzdc5d39WIMB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEaeNZyfE
mMFEFpUnnYj0D0RxIFfA6ACI0D4LjTAHXqzOlW4kTbZc99VyDRLJXDuy7KnwN/3l
9MzVZ++IDbcVRO5hMdLQANIV4FMLzsiNUbN4HQKGC16kLyooghltlhRN8yI3TBeZ
EQIIfvyQwGFOlx3H1kzqHaLLbrbCTpWGT3xA85MvROfekJzUyyWtXoLvHjcNbHz3
nNPkcR6tUY5QW7y/PEHrCdPK6sJ/rmHL8XRFGP6C4CZyVgcq3bbtC8uVS4CEpyYK
QR3Ki/9NrFh2Tt7BWekmrfkZu1witDE9Jn1QHEOhK+Esf6ct8HIJEmOLuOwp6twz
jqBT+ZvOj1q7Pg==
-----END CERTIFICATE-----
Generated at Thu Jul 24 23:15:58 2025 by rpki-client