Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: azruIaHCi/C0vSi+E+D664URMMF8KY1WV/DCMe6KO90=
Subject key identifier: D3:14:D3:50:94:D1:FA:0B:3C:4F:54:80:2E:B3:FA:95:AA:7C:EA:30
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 0198529F614001A456B7925E8B494D461FC9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 160A
Signing time: Mon 28 Jul 2025 20:00:33 +0000
Manifest this update: Mon 28 Jul 2025 20:00:33 +0000
Manifest next update: Tue 29 Jul 2025 20:00:33 +0000
Files and hashes: 1: aSlfyLBw9tgMgXUQzZob6GMDMuM.roa (hash: DQ6riuAx/+y5wvPOEmkDzdZnToFJiPSBUt3sxo+9O3s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: DKC+iZgB/e2x2r/+DmtY9xeu+3gNd7vt33kHJdEjo9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 20:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:52:9f:61:40:01:a4:56:b7:92:5e:8b:49:4d:46:1f:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Jul 28 20:00:33 2025 GMT
Not After : Jul 29 20:00:33 2025 GMT
Subject: CN=d314d35094d1fa0b3c4f54802eb3fa95aa7cea30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a9:de:87:00:9e:88:cd:3f:3d:a5:bb:1e:37:
65:a5:1e:aa:bf:1e:1f:53:80:51:11:1c:11:c8:5e:
ef:7f:c0:1a:56:f9:e3:33:cf:13:55:9b:f3:5f:86:
11:39:15:30:41:6e:da:60:6e:38:17:f1:ad:fb:39:
b0:cb:d7:af:48:1a:7e:31:a3:1e:ac:71:a3:60:f9:
88:2b:16:f5:22:dc:7e:7a:7a:b5:fd:36:a1:de:77:
35:61:37:4b:a3:45:8b:fe:2c:93:13:88:55:9d:77:
1f:9b:4b:f2:5e:28:77:fc:7a:dd:4e:39:ab:29:b5:
69:84:30:72:2a:bb:90:d7:91:d8:14:2f:7d:90:ec:
42:d2:5b:e5:a2:24:15:a3:e0:4c:93:ed:76:b6:b8:
3f:b5:a2:b7:93:6f:9b:c5:04:ab:66:65:0c:2f:78:
99:9d:32:cd:94:fd:6a:95:eb:52:28:45:64:5f:d9:
42:14:26:a8:78:fb:9b:57:b0:d9:13:d5:84:df:f2:
f2:72:d4:25:12:6d:87:65:c9:39:0b:38:08:82:ed:
03:34:eb:68:9a:08:20:b1:08:89:f2:a8:06:f9:19:
a4:fa:f0:85:b7:37:56:5c:fd:66:fe:72:5e:2d:b2:
11:5c:e6:91:19:92:46:fa:c9:a5:50:20:27:69:41:
82:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:14:D3:50:94:D1:FA:0B:3C:4F:54:80:2E:B3:FA:95:AA:7C:EA:30
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:56:48:af:c0:e6:7d:80:5d:34:6c:da:d6:2d:52:38:95:18:
65:45:96:8b:79:28:33:21:e1:fd:69:c2:37:48:89:d3:a3:6c:
ca:e6:07:be:21:51:73:93:67:5f:99:63:bc:74:bd:99:55:3f:
dc:e7:1c:3e:0a:0c:2c:c5:66:ee:6d:02:6c:c9:69:73:40:fa:
61:21:c4:24:20:d4:2d:4a:09:fd:50:d1:3c:19:9d:24:02:6a:
8e:e6:cb:1a:45:a5:af:14:48:18:27:1f:25:43:c4:00:34:07:
0b:88:c0:04:60:4b:e1:e6:15:93:73:2e:da:f9:77:7a:79:8f:
62:fa:4d:f8:d6:42:08:07:7a:0d:1a:6b:da:1d:a5:f8:b8:e6:
11:56:db:ce:78:d5:aa:16:dd:8d:d3:ac:f4:92:a4:9b:3f:7a:
df:62:3a:d2:32:7e:31:f5:52:23:e5:e0:1a:10:ef:c0:64:c2:
2b:32:75:9b:a3:54:f7:3a:46:47:77:ea:37:a2:e0:69:4d:bd:
a6:ca:6b:f3:a7:33:d6:47:2d:bc:d6:97:cb:fb:c1:05:9c:44:
b0:3a:50:2b:55:82:fc:b8:ed:50:72:07:5d:45:82:d0:6e:ef:
83:2f:50:59:3d:d0:21:be:b7:1b:10:01:21:e8:3c:6e:58:0e:
1c:59:bc:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhSn2FAAaRWt5Jei0lNRh/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjUwNzI4MjAwMDMzWhcNMjUwNzI5MjAwMDMzWjAzMTEwLwYDVQQD
EyhkMzE0ZDM1MDk0ZDFmYTBiM2M0ZjU0ODAyZWIzZmE5NWFhN2NlYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6nehwCeiM0/PaW7HjdlpR6qvx4f
U4BRERwRyF7vf8AaVvnjM88TVZvzX4YRORUwQW7aYG44F/Gt+zmwy9evSBp+MaMe
rHGjYPmIKxb1Itx+enq1/Tah3nc1YTdLo0WL/iyTE4hVnXcfm0vyXih3/HrdTjmr
KbVphDByKruQ15HYFC99kOxC0lvloiQVo+BMk+12trg/taK3k2+bxQSrZmUML3iZ
nTLNlP1qletSKEVkX9lCFCaoePubV7DZE9WE3/LyctQlEm2HZck5CzgIgu0DNOto
mgggsQiJ8qgG+Rmk+vCFtzdWXP1m/nJeLbIRXOaRGZJG+smlUCAnaUGCaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMU01CU0foLPE9UgC6z+pWqfOowMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlVZIr8Dm
fYBdNGza1i1SOJUYZUWWi3koMyHh/WnCN0iJ06NsyuYHviFRc5NnX5ljvHS9mVU/
3OccPgoMLMVm7m0CbMlpc0D6YSHEJCDULUoJ/VDRPBmdJAJqjubLGkWlrxRIGCcf
JUPEADQHC4jABGBL4eYVk3Mu2vl3enmPYvpN+NZCCAd6DRpr2h2l+LjmEVbbznjV
qhbdjdOs9JKkmz9632I60jJ+MfVSI+XgGhDvwGTCKzJ1m6NU9zpGR3fqN6LgaU29
pspr86cz1kctvNaXy/vBBZxEsDpQK1WC/LjtUHIHXUWC0G7vgy9QWT3QIb63GxAB
Ieg8blgOHFm8dg==
-----END CERTIFICATE-----
Generated at Tue Jul 29 03:24:03 2025 by rpki-client