
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
File: HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json)
Hash identifier: 5FToB1V7o5Mu7uUF3wBN0a+2c9Fy6Dh00+n56N4aXbw=
Subject key identifier: 10:34:5A:25:B0:45:B6:98:21:AE:E6:41:E9:72:30:DC:01:42:4F:80
Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
Certificate issuer: /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Certificate serial: 0197654D22BA3F279CFB80E30F8787839231
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
Manifest number: 108A
Signing time: Thu 12 Jun 2025 18:00:43 +0000
Manifest this update: Thu 12 Jun 2025 18:00:43 +0000
Manifest next update: Fri 13 Jun 2025 18:00:43 +0000
Files and hashes: 1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: lrsMKsR6vU8mn/xfi6TpC3kljvYbAOZOEQocAPUspfA=)
2: qlhTst1KI05-IXjT0Jjp1aMzFfc.roa (hash: AXRjUWRMdXCLNCZlSVsLAGGspUQ5o0C4cdNp8OmuROM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 13:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:4d:22:ba:3f:27:9c:fb:80:e3:0f:87:87:83:92:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Validity
Not Before: Jun 12 18:00:43 2025 GMT
Not After : Jun 13 18:00:43 2025 GMT
Subject: CN=10345a25b045b69821aee641e97230dc01424f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:da:77:87:12:32:a5:4e:4f:dc:f8:09:75:d0:
3f:ad:36:d2:86:77:74:bb:c5:dd:60:e4:97:1b:48:
26:7b:92:18:0f:7c:3d:c4:55:79:68:f7:f0:ad:b8:
f9:cd:6a:9f:d8:b8:4a:73:23:65:65:8c:64:08:20:
26:7a:ce:b0:04:a2:f6:42:47:b3:32:a0:ce:2b:9a:
67:df:81:a9:12:d3:37:53:f9:9f:1d:e2:bd:fe:ad:
fe:c5:95:c6:3a:09:0b:46:f1:8c:58:e9:1b:b8:44:
e1:d7:06:0c:71:17:f7:b5:69:5c:d4:76:b7:e3:08:
e7:64:1c:66:c6:4c:4d:0e:e2:36:38:33:5b:73:2b:
2a:f2:5c:e1:97:60:e8:1c:89:4c:5c:86:6b:b9:da:
12:1a:2a:2b:31:52:ba:62:d8:f6:19:e5:04:19:a4:
25:53:40:8e:d2:62:f3:f0:09:e0:1f:c7:d7:30:f2:
17:22:91:69:38:86:e6:7c:40:ac:7f:9c:aa:5f:e1:
85:6c:89:82:22:82:d0:4f:06:00:ee:9a:19:9a:e5:
f8:2b:8e:1c:5c:0e:36:f0:aa:96:8b:5a:e1:8c:30:
39:39:d8:bf:a6:9d:67:89:67:85:73:4c:0b:12:d8:
ca:5b:4f:38:0a:b5:6e:17:c2:9c:64:ba:40:27:8f:
d2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:34:5A:25:B0:45:B6:98:21:AE:E6:41:E9:72:30:DC:01:42:4F:80
X509v3 Authority Key Identifier:
keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:78:31:83:5d:b4:0f:7c:43:3b:ae:81:55:91:38:bd:f8:e0:
54:75:88:1e:5a:d0:da:94:5a:85:08:f3:e2:7b:4c:3b:cd:2a:
3b:23:0b:69:ee:27:e9:3a:2f:78:f9:6d:13:a9:85:0c:7e:92:
b1:69:fa:95:a5:e7:6d:38:6b:0d:91:83:f6:00:27:a4:64:04:
2d:40:71:95:94:d2:94:08:43:bc:ef:9e:47:91:71:76:dc:61:
4a:90:d9:59:5f:d1:e5:58:14:b4:cd:20:11:05:6c:1a:e3:3e:
e7:62:7c:1c:53:9a:df:b9:44:c8:59:03:ac:4e:20:25:7b:32:
2b:3f:19:da:e7:ab:e6:45:52:91:fe:89:7f:17:2a:42:d0:53:
2b:b4:f3:b5:09:97:b3:ab:5f:26:bd:e3:bb:60:9d:c3:e9:3e:
eb:c8:b8:6b:83:46:02:b7:2d:50:45:a9:b5:62:a5:66:db:d1:
80:69:e8:d8:32:5f:c4:7b:7a:d7:8c:c9:f6:65:e6:fb:f6:94:
34:65:a3:22:17:e1:c8:15:7f:bd:dd:b7:5e:a2:c5:b6:45:80:
9d:1f:5c:90:4e:43:61:a5:67:fd:97:f8:b6:62:20:b7:84:b2:
0d:9d:4d:9c:a2:74:a4:e8:c8:31:c8:0f:1b:ac:83:4f:55:61:
77:10:48:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlTSK6Pyec+4DjD4eHg5IxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0
MTJmMmEwHhcNMjUwNjEyMTgwMDQzWhcNMjUwNjEzMTgwMDQzWjAzMTEwLwYDVQQD
EygxMDM0NWEyNWIwNDViNjk4MjFhZWU2NDFlOTcyMzBkYzAxNDI0ZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdp3hxIypU5P3PgJddA/rTbShnd0
u8XdYOSXG0gme5IYD3w9xFV5aPfwrbj5zWqf2LhKcyNlZYxkCCAmes6wBKL2Qkez
MqDOK5pn34GpEtM3U/mfHeK9/q3+xZXGOgkLRvGMWOkbuETh1wYMcRf3tWlc1Ha3
4wjnZBxmxkxNDuI2ODNbcysq8lzhl2DoHIlMXIZrudoSGiorMVK6Ytj2GeUEGaQl
U0CO0mLz8AngH8fXMPIXIpFpOIbmfECsf5yqX+GFbImCIoLQTwYA7poZmuX4K44c
XA428KqWi1rhjDA5Odi/pp1niWeFc0wLEtjKW084CrVuF8KcZLpAJ4/SJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBA0WiWwRbaYIa7mQelyMNwBQk+AMB8GA1UdIwQY
MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt
ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy
LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoXgxg120
D3xDO66BVZE4vfjgVHWIHlrQ2pRahQjz4ntMO80qOyMLae4n6TovePltE6mFDH6S
sWn6laXnbThrDZGD9gAnpGQELUBxlZTSlAhDvO+eR5FxdtxhSpDZWV/R5VgUtM0g
EQVsGuM+52J8HFOa37lEyFkDrE4gJXsyKz8Z2uer5kVSkf6JfxcqQtBTK7TztQmX
s6tfJr3ju2Cdw+k+68i4a4NGArctUEWptWKlZtvRgGno2DJfxHt614zJ9mXm+/aU
NGWjIhfhyBV/vd23XqLFtkWAnR9ckE5DYaVn/Zf4tmIgt4SyDZ1NnKJ0pOjIMcgP
G6yDT1VhdxBIJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 22:05:56 2025 by rpki-client