Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
File: H9CHXNAFHQwJJaygQQNOeECmdws.mft (raw, json)
Hash identifier: zYJFTeGb831MqNk1Vhu3kVGH89MFt7bmBZqSITCSSMA=
Subject key identifier: 71:7A:B6:EC:F6:63:09:B9:11:4F:43:88:88:6B:3D:3D:48:8D:67:4F
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 0198428738111A4A5C020523EC97C50D170A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
Manifest number: 05CA
Signing time: Fri 25 Jul 2025 17:00:14 +0000
Manifest this update: Fri 25 Jul 2025 17:00:14 +0000
Manifest next update: Sat 26 Jul 2025 17:00:14 +0000
Files and hashes: 1: DKCys4KRYdnrGXDLl1nVf9nVmRA.roa (hash: IaLK2xfRNIne0nZPaZ2/jfh45tolOprh7fcjo3irVI8=)
2: H9CHXNAFHQwJJaygQQNOeECmdws.crl (hash: QH9Eulqd0LYFJgzI28eoQfipwx8iBtnrRXeQejahxko=)
3: NfUK1WerAdsfJiTM68i5Lnvkb2w.roa (hash: ZGezIXFkpMHBb+7ell8DWUCsKtD9DU2fEiI/6174M+w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 17:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:42:87:38:11:1a:4a:5c:02:05:23:ec:97:c5:0d:17:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Jul 25 17:00:14 2025 GMT
Not After : Jul 26 17:00:14 2025 GMT
Subject: CN=717ab6ecf66309b9114f4388886b3d3d488d674f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ba:ad:c2:bf:42:ec:fc:52:0a:c3:23:f4:10:
4c:ad:bb:d8:ab:b5:92:24:34:41:81:8e:fa:37:2e:
ed:72:d6:91:ef:8d:25:ef:4a:46:ee:32:3f:15:ab:
ce:37:62:a9:47:18:5c:22:d2:e7:b5:76:42:13:e5:
7f:94:26:ae:6f:b6:f9:29:d5:a2:5b:58:b0:34:51:
64:44:f9:95:fa:0d:7c:53:c0:aa:2e:dd:7f:e5:7b:
6c:a7:8b:51:b4:4d:61:51:cc:5f:6c:6f:f7:08:86:
0f:67:9e:ed:cc:41:e1:72:25:39:8f:2a:28:57:55:
9b:4b:18:bb:62:a2:c5:dc:f9:b2:62:c7:e9:8c:63:
12:9d:bf:0d:c0:d5:23:dc:28:c9:cb:25:11:b8:d8:
c7:3f:7b:a0:71:05:56:56:73:ff:c8:1a:6b:b0:50:
79:9f:98:76:4a:30:03:ef:d9:1b:14:0d:f3:a5:41:
7e:1e:89:d1:7a:e0:78:38:c0:18:ad:58:96:af:3a:
fe:c2:ae:05:bd:89:40:54:a1:4f:24:e9:a9:67:2c:
ca:79:98:8a:9f:c3:24:76:14:59:cc:a7:05:21:54:
59:d9:d3:f5:27:76:fe:07:f4:ab:04:75:1f:72:50:
f3:0d:9a:b6:6d:90:99:68:0a:9b:0a:9b:7c:c2:f1:
39:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7A:B6:EC:F6:63:09:B9:11:4F:43:88:88:6B:3D:3D:48:8D:67:4F
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:38:5d:0c:4a:48:c4:4a:b9:9b:57:c3:2b:3c:5e:bc:b3:8b:
16:c0:04:a0:12:60:fb:95:a5:5f:a1:34:a3:e0:7b:6e:c5:e1:
01:61:55:08:88:0e:1f:04:5e:46:57:b5:d2:65:cb:b9:f6:e2:
fb:e3:31:fb:fd:73:8f:f7:07:ba:f8:e8:c6:be:57:56:35:70:
35:23:5e:4b:95:e4:f5:6c:f3:f8:eb:4e:17:2c:c2:59:1c:cb:
ce:8b:e2:06:98:99:c9:ad:46:22:8c:d1:ec:af:67:9c:fd:95:
01:2c:02:26:f5:e4:70:a2:9a:a7:be:56:fa:ca:7e:cb:f3:ff:
d7:f9:7a:1d:82:60:7c:94:dc:20:27:c3:4c:f9:91:e9:27:80:
4f:09:0c:de:4f:05:bc:76:f5:20:c3:a8:bd:e4:5b:db:3f:36:
57:e0:87:ba:e2:04:bc:3e:e2:a5:7d:3d:f8:22:5d:e8:ed:3d:
d7:b6:6f:4b:c2:b2:f2:cc:ab:8a:78:0a:df:e9:3a:08:b3:a0:
c1:3a:dd:ae:90:5c:83:00:41:66:cc:9a:cd:7c:51:af:60:89:
7a:fe:49:54:b7:f1:c5:da:14:d2:73:a5:83:dd:bb:05:9f:bb:
0f:d2:8f:cb:5c:79:f5:24:e5:8e:2f:94:8b:9a:97:a0:4e:bc:
b0:d0:c2:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhChzgRGkpcAgUj7JfFDRcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUwNzI1MTcwMDE0WhcNMjUwNzI2MTcwMDE0WjAzMTEwLwYDVQQD
Eyg3MTdhYjZlY2Y2NjMwOWI5MTE0ZjQzODg4ODZiM2QzZDQ4OGQ2NzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbqtwr9C7PxSCsMj9BBMrbvYq7WS
JDRBgY76Ny7tctaR740l70pG7jI/FavON2KpRxhcItLntXZCE+V/lCaub7b5KdWi
W1iwNFFkRPmV+g18U8CqLt1/5Xtsp4tRtE1hUcxfbG/3CIYPZ57tzEHhciU5jyoo
V1WbSxi7YqLF3PmyYsfpjGMSnb8NwNUj3CjJyyURuNjHP3ugcQVWVnP/yBprsFB5
n5h2SjAD79kbFA3zpUF+HonReuB4OMAYrViWrzr+wq4FvYlAVKFPJOmpZyzKeZiK
n8MkdhRZzKcFIVRZ2dP1J3b+B/SrBHUfclDzDZq2bZCZaAqbCpt8wvE5iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHF6tuz2Ywm5EU9DiIhrPT1IjWdPMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmThdDEpI
xEq5m1fDKzxevLOLFsAEoBJg+5WlX6E0o+B7bsXhAWFVCIgOHwReRle10mXLufbi
++Mx+/1zj/cHuvjoxr5XVjVwNSNeS5Xk9Wzz+OtOFyzCWRzLzoviBpiZya1GIozR
7K9nnP2VASwCJvXkcKKap75W+sp+y/P/1/l6HYJgfJTcICfDTPmR6SeATwkM3k8F
vHb1IMOoveRb2z82V+CHuuIEvD7ipX09+CJd6O0917ZvS8Ky8syringK3+k6CLOg
wTrdrpBcgwBBZsyazXxRr2CJev5JVLfxxdoU0nOlg927BZ+7D9KPy1x59STlji+U
i5qXoE68sNDCLA==
-----END CERTIFICATE-----
Generated at Sat Jul 26 02:54:55 2025 by rpki-client