Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
File: heFWexaBgzyUSl8mQKngO-jvC_Q.mft (raw, json)
Hash identifier: glVkrC7VVjoqOMNBsKXx8R4qrWuU9HlGybg7cjC+xgs=
Subject key identifier: 1C:D7:9A:5A:E7:42:45:E9:AD:2E:2B:C1:85:34:CF:DC:53:55:08:74
Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Certificate serial: 019938DE350988B5100846810E12E3856031
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
Manifest number: 0F8B
Signing time: Thu 11 Sep 2025 13:01:50 +0000
Manifest this update: Thu 11 Sep 2025 13:01:50 +0000
Manifest next update: Fri 12 Sep 2025 13:01:50 +0000
Files and hashes: 1: g2pmYdtMoiuQPm1G35LS-gM4tuY.roa (hash: CWDorRb0FA7mvx2YHncFLS9iEAAHLTBxgOQlA6dQKII=)
2: heFWexaBgzyUSl8mQKngO-jvC_Q.crl (hash: 3cEosmRoPoDP9RCkPR8O0sBVWwV9YhJnolghCEpLcQA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 13:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:de:35:09:88:b5:10:08:46:81:0e:12:e3:85:60:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Validity
Not Before: Sep 11 13:01:50 2025 GMT
Not After : Sep 12 13:01:50 2025 GMT
Subject: CN=1cd79a5ae74245e9ad2e2bc18534cfdc53550874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:ac:5d:1e:1a:17:a1:14:ef:a4:d5:c6:9c:
de:ed:a5:b4:6d:f7:60:fa:6d:6d:2e:86:ae:49:12:
60:40:41:df:20:96:f4:95:a2:33:2d:a8:b8:3c:a4:
15:d8:66:ed:2c:bf:4f:1a:2a:2e:2a:6c:11:df:51:
93:f4:71:9a:fc:29:2e:01:7a:11:43:39:57:97:9a:
1c:9e:1a:38:e7:74:68:09:c2:e4:64:e9:72:a4:77:
82:9e:dc:13:14:64:c2:70:8d:59:83:ad:38:de:c4:
95:c6:72:fc:83:f4:f8:58:2e:1f:dc:4a:43:c5:93:
bf:46:76:db:c3:b1:7c:7e:b3:8c:35:b2:1c:bf:7c:
51:f2:09:82:ef:c0:25:a0:dc:16:15:ab:57:bc:1e:
ae:3c:d8:e6:c7:d8:52:f1:18:63:da:a2:b9:e1:08:
0b:b8:3b:ea:88:5e:c6:b5:31:13:0c:9c:61:80:9e:
71:70:36:1f:92:72:13:aa:6a:4e:73:cb:98:8d:58:
d4:eb:2f:a3:11:eb:81:fc:37:35:99:da:e7:d4:6a:
69:42:26:84:36:7e:9e:f9:78:14:0f:4c:a4:41:24:
b2:db:5d:64:d2:da:73:74:99:c3:d0:4e:bc:1e:ef:
5f:04:bf:f9:65:5f:1a:7e:15:e6:b9:d0:6f:5c:93:
92:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D7:9A:5A:E7:42:45:E9:AD:2E:2B:C1:85:34:CF:DC:53:55:08:74
X509v3 Authority Key Identifier:
keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:1e:fa:88:8a:37:7a:09:19:60:7a:29:bc:51:64:f0:a3:73:
da:99:bf:77:3d:4a:b6:74:63:74:48:8d:56:0f:d7:d3:9a:a8:
cc:b1:e2:d9:f3:40:1d:67:6f:9a:3c:2d:97:7d:30:7e:94:93:
2a:ad:9d:25:d4:ba:ff:d5:6c:87:e0:44:ae:b2:14:1b:73:5e:
f5:94:0d:2e:7f:1f:14:79:55:f8:12:85:a5:63:c8:37:c3:cc:
c2:90:c8:52:7e:b2:90:39:fb:f0:98:54:f1:2e:7d:93:6d:3d:
d3:6b:19:34:4d:cf:58:7a:7f:46:df:17:06:25:ad:c3:48:12:
e3:a6:49:a6:b7:d7:a4:3d:49:f9:5d:6b:69:19:00:c2:02:e8:
7d:bc:f7:04:0d:21:7a:3f:22:42:e2:0c:67:4e:d2:38:2d:9e:
b0:f8:f2:20:28:e4:03:9a:3a:95:7f:ee:aa:4b:2e:04:31:5e:
72:57:fc:d2:33:27:c6:35:a4:ef:47:7a:45:a0:ab:6a:09:56:
2f:85:c7:7c:30:da:40:45:e7:88:42:ba:58:dd:72:3c:64:d9:
b7:7e:4d:bb:a9:e1:00:82:c6:a7:35:50:1a:e1:27:f2:e2:30:
34:4a:66:39:c2:ae:80:32:2d:ab:ea:56:6c:49:f7:33:eb:7e:
00:2e:c5:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk43jUJiLUQCEaBDhLjhWAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl
ZjBiZjQwHhcNMjUwOTExMTMwMTUwWhcNMjUwOTEyMTMwMTUwWjAzMTEwLwYDVQQD
EygxY2Q3OWE1YWU3NDI0NWU5YWQyZTJiYzE4NTM0Y2ZkYzUzNTUwODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmKsXR4aF6EU76TVxpze7aW0bfdg
+m1tLoauSRJgQEHfIJb0laIzLai4PKQV2GbtLL9PGiouKmwR31GT9HGa/CkuAXoR
QzlXl5ocnho453RoCcLkZOlypHeCntwTFGTCcI1Zg6043sSVxnL8g/T4WC4f3EpD
xZO/Rnbbw7F8frOMNbIcv3xR8gmC78AloNwWFatXvB6uPNjmx9hS8Rhj2qK54QgL
uDvqiF7GtTETDJxhgJ5xcDYfknITqmpOc8uYjVjU6y+jEeuB/Dc1mdrn1GppQiaE
Nn6e+XgUD0ykQSSy211k0tpzdJnD0E68Hu9fBL/5ZV8afhXmudBvXJOSqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBzXmlrnQkXprS4rwYU0z9xTVQh0MB8GA1UdIwQY
MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt
NTNhOTk4ZGU2M2UzLzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz
LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiR76iIo3
egkZYHopvFFk8KNz2pm/dz1KtnRjdEiNVg/X05qozLHi2fNAHWdvmjwtl30wfpST
Kq2dJdS6/9Vsh+BErrIUG3Ne9ZQNLn8fFHlV+BKFpWPIN8PMwpDIUn6ykDn78JhU
8S59k20902sZNE3PWHp/Rt8XBiWtw0gS46ZJprfXpD1J+V1raRkAwgLofbz3BA0h
ej8iQuIMZ07SOC2esPjyICjkA5o6lX/uqksuBDFeclf80jMnxjWk70d6RaCraglW
L4XHfDDaQEXniEK6WN1yPGTZt35Nu6nhAILGpzVQGuEn8uIwNEpmOcKugDItq+pW
bEn3M+t+AC7FLQ==
-----END CERTIFICATE-----
Generated at Thu Sep 11 16:26:11 2025 by rpki-client