Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
File: hqnzrkX3AVCvF-uHiel4iQKe5dM.mft (raw, json)
Hash identifier: 9NQmZUiCqI1NUChE0cwr8lVREo/Tq/NwBsEsi25XZZI=
Subject key identifier: 12:5F:5D:80:F7:79:65:AB:31:08:31:8D:25:1B:E5:D9:AF:D6:B6:B8
Authority key identifier: 86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
Certificate issuer: /CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Certificate serial: 01974CD69040B8C40B090AD7A5E86237A0A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
Manifest number: 157D
Signing time: Sun 08 Jun 2025 00:00:19 +0000
Manifest this update: Sun 08 Jun 2025 00:00:19 +0000
Manifest next update: Mon 09 Jun 2025 00:00:19 +0000
Files and hashes: 1: 6b_z1nYhros0lFsJJ-v5kZEUQbE.roa (hash: lcqP5Znx2EuUXx9SjdDPzhxT49PtsEmnOX0/yWwCL10=)
2: hqnzrkX3AVCvF-uHiel4iQKe5dM.crl (hash: XuOPxgPKk9RvT3VcLnutBAa3AlJYVVzQqcM8yXc6ZQk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 00:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4c:d6:90:40:b8:c4:0b:09:0a:d7:a5:e8:62:37:a0:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Validity
Not Before: Jun 8 00:00:19 2025 GMT
Not After : Jun 9 00:00:19 2025 GMT
Subject: CN=125f5d80f77965ab3108318d251be5d9afd6b6b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9b:4a:ee:98:7f:ec:10:3f:02:c0:15:70:d7:
8a:d5:fa:59:11:47:d5:20:12:e9:75:bc:05:41:61:
2d:bf:a7:27:15:1c:78:53:5d:28:af:31:67:ed:84:
49:83:b7:d6:68:39:6a:92:12:0b:e0:40:94:66:12:
c1:2e:ed:e2:94:3c:7d:93:10:79:f2:f3:21:cc:7e:
0f:d2:c5:a6:d5:6b:a7:90:31:90:e3:52:b0:da:b0:
0a:c0:7c:86:38:37:fd:0a:d2:3e:9d:51:e7:0f:4c:
61:6c:85:b8:27:c1:94:ce:ec:53:7d:40:ed:97:b2:
7e:54:1d:73:cf:29:37:ec:4f:1e:da:77:d5:4a:46:
9c:51:60:d0:d3:06:38:18:52:db:ed:4b:62:2d:f2:
65:6e:08:91:5e:39:75:70:78:ac:9d:64:94:76:d1:
1e:b8:a3:46:f0:22:4c:6c:4f:6a:3b:5d:89:18:c0:
d5:34:64:3f:09:39:63:d7:a5:b4:11:7a:77:21:c8:
bb:fb:ba:fe:ee:2c:8a:74:b4:18:37:3c:0e:37:2f:
2c:e8:bf:3f:8e:14:33:37:c6:78:23:6c:58:b6:0c:
1d:ac:69:1a:76:2f:75:1c:d7:04:be:c3:78:0f:a7:
e0:ef:91:ba:67:a7:0a:b3:7a:2a:27:ba:56:75:02:
e5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:5F:5D:80:F7:79:65:AB:31:08:31:8D:25:1B:E5:D9:AF:D6:B6:B8
X509v3 Authority Key Identifier:
keyid:86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:36:37:02:2a:1f:b5:14:d4:bf:e7:a5:a5:a7:49:e2:cc:06:
eb:15:47:3a:54:45:a6:8d:44:7a:02:08:d5:1b:1f:74:15:6c:
58:b8:1c:4d:66:7d:f3:a4:36:7b:62:c4:2c:55:d4:82:78:0f:
c5:5a:81:cc:4e:d5:41:af:ff:18:c5:bb:0f:54:e4:48:ff:e1:
dc:3b:75:91:ab:18:ce:d8:b7:d8:28:4c:15:0f:7f:33:10:b9:
3d:36:72:47:b0:52:49:4a:f3:d1:67:5e:e1:3b:5b:92:de:b4:
b8:71:73:d3:19:b6:fd:9d:49:a4:9a:ee:86:f2:bb:2c:0c:e1:
2e:a8:6f:6e:f0:a6:6a:33:36:aa:6a:14:6b:37:65:f2:5f:8f:
44:56:27:c5:4c:67:80:81:3f:0c:2c:6d:8d:3c:10:49:02:3d:
85:26:01:48:a0:82:e7:f7:21:76:4a:f9:6c:40:05:14:9a:99:
4b:d9:a6:e7:28:8f:8a:85:30:be:e1:c9:fb:30:d5:4f:9c:d8:
05:b4:dc:cb:ca:38:cb:b1:4d:86:11:9c:4e:13:f1:15:6c:89:
40:df:b5:f6:93:71:1c:0b:9a:23:54:37:e9:e8:c1:fe:35:47:
16:34:f6:bb:49:08:30:10:9d:89:2a:38:7f:bd:a2:53:f8:3a:
31:92:5c:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM1pBAuMQLCQrXpehiN6CoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTlmM2FlNDVmNzAxNTBhZjE3ZWI4Nzg5ZTk3ODg5MDI5
ZWU1ZDMwHhcNMjUwNjA4MDAwMDE5WhcNMjUwNjA5MDAwMDE5WjAzMTEwLwYDVQQD
EygxMjVmNWQ4MGY3Nzk2NWFiMzEwODMxOGQyNTFiZTVkOWFmZDZiNmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZtK7ph/7BA/AsAVcNeK1fpZEUfV
IBLpdbwFQWEtv6cnFRx4U10orzFn7YRJg7fWaDlqkhIL4ECUZhLBLu3ilDx9kxB5
8vMhzH4P0sWm1WunkDGQ41Kw2rAKwHyGODf9CtI+nVHnD0xhbIW4J8GUzuxTfUDt
l7J+VB1zzyk37E8e2nfVSkacUWDQ0wY4GFLb7UtiLfJlbgiRXjl1cHisnWSUdtEe
uKNG8CJMbE9qO12JGMDVNGQ/CTlj16W0EXp3Ici7+7r+7iyKdLQYNzwONy8s6L8/
jhQzN8Z4I2xYtgwdrGkadi91HNcEvsN4D6fg75G6Z6cKs3oqJ7pWdQLlAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJfXYD3eWWrMQgxjSUb5dmv1ra4MB8GA1UdIwQY
MBaAFIap865F9wFQrxfrh4npeIkCnuXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUt
MzQ4N2FlODJiMjBkLzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUtMzQ4N2FlODJiMjBk
LzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZzY3Aiof
tRTUv+elpadJ4swG6xVHOlRFpo1EegII1RsfdBVsWLgcTWZ986Q2e2LELFXUgngP
xVqBzE7VQa//GMW7D1TkSP/h3Dt1kasYzti32ChMFQ9/MxC5PTZyR7BSSUrz0Wde
4Ttbkt60uHFz0xm2/Z1JpJruhvK7LAzhLqhvbvCmajM2qmoUazdl8l+PRFYnxUxn
gIE/DCxtjTwQSQI9hSYBSKCC5/chdkr5bEAFFJqZS9mm5yiPioUwvuHJ+zDVT5zY
BbTcy8o4y7FNhhGcThPxFWyJQN+19pNxHAuaI1Q36ejB/jVHFjT2u0kIMBCdiSo4
f72iU/g6MZJclQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:33:36 2025 by rpki-client