Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
File: hEoXkcsH8dhhI8Y9w63P11TbEBs.mft (raw, json)
Hash identifier: t3Vg2KmNI/fpExljFbo9L7bStxVboa9pG7KhW3++KTo=
Subject key identifier: A7:18:3F:B1:26:28:98:F8:6E:D7:B6:5D:56:12:5B:9C:F5:74:62:71
Authority key identifier: 84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
Certificate issuer: /CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Certificate serial: 0199221F4780F7272C00BB705AB5D4F0B2ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
Manifest number: 0A82
Signing time: Sun 07 Sep 2025 03:01:39 +0000
Manifest this update: Sun 07 Sep 2025 03:01:39 +0000
Manifest next update: Mon 08 Sep 2025 03:01:39 +0000
Files and hashes: 1: Ihp0VP8oRNeTGrBSGwpts6D1JhE.roa (hash: Qldf3LszJ2g2XwaE6LEoxPc+aR59tijRa50IN/mT6PY=)
2: gi2zaUr2ngLXfM8NV7jNPdt_PFI.roa (hash: pPPLz9b8ntu+6vKYV+GHcDLfS03p/6Pt+aGjIk5ADdw=)
3: hEoXkcsH8dhhI8Y9w63P11TbEBs.crl (hash: 5inL2gt6HBe9cJ5ma4hB4jKd6hAxDkARXvJ1R/lvBJU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1f:47:80:f7:27:2c:00:bb:70:5a:b5:d4:f0:b2:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Validity
Not Before: Sep 7 03:01:39 2025 GMT
Not After : Sep 8 03:01:39 2025 GMT
Subject: CN=a7183fb1262898f86ed7b65d56125b9cf5746271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cf:86:e2:8d:51:46:d8:2c:e0:b8:11:85:57:
33:7c:6a:9d:9e:85:42:17:47:f6:06:5a:75:86:7e:
32:62:7e:60:74:d9:2b:65:d2:3f:d6:cb:fb:94:ca:
8f:5e:91:a9:84:4b:d8:4c:df:39:64:fb:e8:74:5b:
1e:9e:cd:fd:89:6d:c2:46:cc:f8:a2:9b:e6:ed:01:
d8:fa:54:ce:95:b8:58:b6:a7:13:f5:f7:d5:25:cb:
c1:3c:ac:6f:a1:a7:cd:1b:41:12:db:1e:64:bc:fd:
e2:d8:b5:39:9d:eb:ac:52:fe:6a:99:17:96:36:a7:
22:b0:b5:3e:95:c9:e5:e1:5e:be:fd:bb:79:e1:73:
74:dd:ad:a4:45:9a:ba:41:9c:f2:e3:60:48:08:b1:
64:13:11:59:d5:e7:54:da:9a:4e:2b:55:66:43:ec:
96:e5:3c:fa:47:13:2e:30:84:e1:d2:24:38:4b:22:
12:62:26:63:7e:4c:f8:69:97:7a:42:6a:b5:4b:00:
ca:a4:b7:70:f1:05:5a:69:8f:48:12:52:e3:fd:23:
33:af:dc:fa:94:0d:43:a5:2c:a0:eb:72:32:1a:2c:
c7:1b:11:f4:84:e9:79:36:76:24:29:cd:be:ab:e7:
0f:16:22:a9:30:88:16:46:a3:aa:19:bf:65:d3:2c:
ca:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:18:3F:B1:26:28:98:F8:6E:D7:B6:5D:56:12:5B:9C:F5:74:62:71
X509v3 Authority Key Identifier:
keyid:84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:d9:20:22:d5:64:8c:9d:4f:34:9b:fa:62:b7:a9:99:d4:7f:
f1:7d:a8:a2:c7:29:7b:ae:b0:8c:08:01:d6:56:5b:c3:b6:09:
17:43:a5:d8:84:89:ca:fa:d9:a7:86:0f:14:d5:bc:12:42:72:
6b:e4:b5:43:de:a5:eb:8d:20:d5:ba:83:fb:6f:82:e2:b6:14:
a7:3f:d4:82:58:ce:32:72:2a:40:4d:3f:a6:82:0c:60:10:7e:
ea:bd:6c:5f:33:02:66:e2:68:9e:32:b2:d8:97:23:89:fc:ce:
f1:ea:f0:66:7e:e9:05:98:6c:27:dd:67:6f:87:40:21:09:5b:
e3:73:20:03:ad:21:e6:0a:1c:84:70:e8:c0:be:95:ab:de:b9:
d3:76:e1:e4:7d:17:ed:16:cb:68:1a:4e:6d:11:6f:09:14:f5:
db:1b:7f:73:d1:7b:1a:39:43:ca:e2:76:d5:f1:d7:15:ff:97:
77:30:29:e9:02:ec:8d:8f:55:ce:92:9f:da:03:bb:25:24:ec:
9f:16:fc:17:1a:56:e0:44:df:5d:f7:da:9f:53:03:17:70:56:
94:9c:a3:42:f9:85:76:76:66:6b:5f:0f:48:88:09:df:68:b5:
0a:ce:4e:a4:7a:18:84:62:0d:82:86:1d:27:b4:ba:7d:99:f2:
1a:22:45:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiH0eA9ycsALtwWrXU8LLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NGExNzkxY2IwN2YxZDg2MTIzYzYzZGMzYWRjZmQ3NTRk
YjEwMWIwHhcNMjUwOTA3MDMwMTM5WhcNMjUwOTA4MDMwMTM5WjAzMTEwLwYDVQQD
EyhhNzE4M2ZiMTI2Mjg5OGY4NmVkN2I2NWQ1NjEyNWI5Y2Y1NzQ2MjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8+G4o1RRtgs4LgRhVczfGqdnoVC
F0f2Blp1hn4yYn5gdNkrZdI/1sv7lMqPXpGphEvYTN85ZPvodFsens39iW3CRsz4
opvm7QHY+lTOlbhYtqcT9ffVJcvBPKxvoafNG0ES2x5kvP3i2LU5neusUv5qmReW
NqcisLU+lcnl4V6+/bt54XN03a2kRZq6QZzy42BICLFkExFZ1edU2ppOK1VmQ+yW
5Tz6RxMuMITh0iQ4SyISYiZjfkz4aZd6Qmq1SwDKpLdw8QVaaY9IElLj/SMzr9z6
lA1DpSyg63IyGizHGxH0hOl5NnYkKc2+q+cPFiKpMIgWRqOqGb9l0yzKIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKcYP7EmKJj4bte2XVYSW5z1dGJxMB8GA1UdIwQY
MBaAFIRKF5HLB/HYYSPGPcOtz9dU2xAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQt
NzhiYTZkYzUwMDg2LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQtNzhiYTZkYzUwMDg2
LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAddkgItVk
jJ1PNJv6YrepmdR/8X2ooscpe66wjAgB1lZbw7YJF0Ol2ISJyvrZp4YPFNW8EkJy
a+S1Q96l640g1bqD+2+C4rYUpz/UgljOMnIqQE0/poIMYBB+6r1sXzMCZuJonjKy
2JcjifzO8erwZn7pBZhsJ91nb4dAIQlb43MgA60h5gochHDowL6Vq96503bh5H0X
7RbLaBpObRFvCRT12xt/c9F7GjlDyuJ21fHXFf+XdzAp6QLsjY9VzpKf2gO7JSTs
nxb8FxpW4ETfXffan1MDF3BWlJyjQvmFdnZma18PSIgJ32i1Cs5OpHoYhGINgoYd
J7S6fZnyGiJF/Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:31:23 2025 by rpki-client