Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft
File: hD0a_PE70hF9R99oPkCmMocATP4.mft (raw, json)
Hash identifier: BlMJ1ByDLbQQGDSRU/KViOWGsordQRd97sxs1dHOSVM=
Subject key identifier: D0:AC:43:83:2E:1F:DB:3E:5B:4D:46:E6:3A:AF:22:8D:02:51:9A:CB
Authority key identifier: 84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE
Certificate issuer: /CN=843d1afcf13bd2117d47df683e40a63287004cfe
Certificate serial: 01992F6C0E7466266C91B3FACC66D2C5CBAD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft
Manifest number: 1321
Signing time: Tue 09 Sep 2025 17:00:34 +0000
Manifest this update: Tue 09 Sep 2025 17:00:34 +0000
Manifest next update: Wed 10 Sep 2025 17:00:34 +0000
Files and hashes: 1: D3bRMlTDClBFr3S51rSxiY9VG9A.roa (hash: aR3n5btl/hz9D4qsdHX0kbRtCNTOPvoaLGVTTlP76Qo=)
2: ZxguzW17xFrUP53FIAJUfjkeqvQ.roa (hash: Sn/df7xibUqHylpF6Ngt+9h48Sxd84uF3fpZ9SuTgf8=)
3: hD0a_PE70hF9R99oPkCmMocATP4.crl (hash: HBCppRBfJnc9jobhMszMHbByPIdLpyhS6eb0GNDigu0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2f:6c:0e:74:66:26:6c:91:b3:fa:cc:66:d2:c5:cb:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843d1afcf13bd2117d47df683e40a63287004cfe
Validity
Not Before: Sep 9 17:00:34 2025 GMT
Not After : Sep 10 17:00:34 2025 GMT
Subject: CN=d0ac43832e1fdb3e5b4d46e63aaf228d02519acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:90:2e:a6:9b:b3:4d:31:3c:f9:59:8d:28:98:
f6:58:5d:b2:1e:79:9e:c0:90:49:59:5f:62:d4:69:
1c:0a:b5:3b:37:41:f8:eb:10:b2:09:72:37:f6:73:
1a:1d:01:05:2d:65:23:71:21:53:d5:53:c4:39:d7:
74:84:ae:32:c9:39:41:ac:7f:aa:3e:d3:06:3a:c1:
c1:e7:74:e3:09:2b:f1:9f:8f:de:b3:44:d7:a3:40:
df:cc:9a:14:2b:6e:40:b6:5c:1e:0d:f4:e0:ed:63:
00:df:91:6b:5c:3c:a8:81:86:fa:3b:92:aa:3a:cf:
12:08:2a:6b:d0:f7:c0:7a:a1:bc:50:91:9c:49:26:
d8:1c:f3:e8:ac:28:38:19:3f:df:fd:20:ef:ce:26:
3c:9a:79:c1:05:2d:fe:85:8d:5d:b0:62:ff:f2:82:
71:80:f5:66:b5:84:e0:67:91:95:f8:99:24:8d:8b:
9f:57:78:df:83:b6:6e:f3:5a:7f:36:18:b1:ee:af:
52:c1:fa:dc:53:09:64:60:3f:15:d7:bc:66:46:57:
45:d8:5b:c4:7c:7f:00:7d:cb:f1:e1:46:c4:12:ba:
7d:7d:05:7b:5a:d1:07:03:74:02:02:88:e8:69:cc:
8b:96:fb:bd:d4:d4:48:c9:89:dc:57:41:4e:66:d2:
99:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AC:43:83:2E:1F:DB:3E:5B:4D:46:E6:3A:AF:22:8D:02:51:9A:CB
X509v3 Authority Key Identifier:
keyid:84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:83:9f:6d:c8:95:42:2d:8e:4e:b4:69:d4:02:04:a2:34:bc:
a2:51:12:cc:5c:ac:75:43:d5:a0:61:62:27:27:e2:2b:f3:81:
dc:b1:ea:80:d0:38:f8:8e:49:e3:0d:db:00:af:4d:8b:c7:96:
4b:c0:68:c0:c1:b8:d8:c9:83:67:38:d6:bc:40:49:ac:17:31:
c6:f5:6f:04:17:08:6e:98:bd:4d:12:a9:77:71:db:61:d1:44:
71:d9:31:cc:28:98:20:1a:14:61:01:3e:5e:e8:c1:ad:90:01:
d9:01:91:81:28:8b:d7:db:08:0b:82:ef:20:d9:a0:d9:d6:80:
7e:66:fd:5b:a6:11:f0:b9:5b:e3:c0:71:86:c4:63:60:52:79:
94:2e:05:63:07:20:82:f8:e0:23:79:bd:41:d3:94:dd:31:4f:
87:c0:52:a2:c2:b0:23:cb:02:29:fe:ad:aa:dd:07:69:65:3e:
f2:b6:8e:b1:4c:95:38:e1:6c:38:5a:fc:eb:b5:f6:6a:72:ba:
04:ec:b3:ab:37:dd:7a:9a:a6:09:6b:7a:68:28:dd:ed:35:d6:
3b:9d:fc:7c:3b:73:a8:b4:71:ec:ba:7c:c3:61:1b:41:3c:8f:
b2:32:1d:b5:65:11:9d:3a:d4:56:57:7a:2b:11:9c:00:e3:26:
05:6b:32:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkvbA50ZiZskbP6zGbSxcutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2QxYWZjZjEzYmQyMTE3ZDQ3ZGY2ODNlNDBhNjMyODcw
MDRjZmUwHhcNMjUwOTA5MTcwMDM0WhcNMjUwOTEwMTcwMDM0WjAzMTEwLwYDVQQD
EyhkMGFjNDM4MzJlMWZkYjNlNWI0ZDQ2ZTYzYWFmMjI4ZDAyNTE5YWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45AuppuzTTE8+VmNKJj2WF2yHnme
wJBJWV9i1GkcCrU7N0H46xCyCXI39nMaHQEFLWUjcSFT1VPEOdd0hK4yyTlBrH+q
PtMGOsHB53TjCSvxn4/es0TXo0DfzJoUK25AtlweDfTg7WMA35FrXDyogYb6O5Kq
Os8SCCpr0PfAeqG8UJGcSSbYHPPorCg4GT/f/SDvziY8mnnBBS3+hY1dsGL/8oJx
gPVmtYTgZ5GV+JkkjYufV3jfg7Zu81p/Nhix7q9SwfrcUwlkYD8V17xmRldF2FvE
fH8Afcvx4UbEErp9fQV7WtEHA3QCAojoacyLlvu91NRIyYncV0FOZtKZpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCsQ4MuH9s+W01G5jqvIo0CUZrLMB8GA1UdIwQY
MBaAFIQ9GvzxO9IRfUffaD5ApjKHAEz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEt
YjFmM2JjYzY3YWFlLzEvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEtYjFmM2JjYzY3YWFl
LzEvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgYOfbciV
Qi2OTrRp1AIEojS8olESzFysdUPVoGFiJyfiK/OB3LHqgNA4+I5J4w3bAK9Ni8eW
S8BowMG42MmDZzjWvEBJrBcxxvVvBBcIbpi9TRKpd3HbYdFEcdkxzCiYIBoUYQE+
XujBrZAB2QGRgSiL19sIC4LvINmg2daAfmb9W6YR8Llb48BxhsRjYFJ5lC4FYwcg
gvjgI3m9QdOU3TFPh8BSosKwI8sCKf6tqt0HaWU+8raOsUyVOOFsOFr867X2anK6
BOyzqzfdepqmCWt6aCjd7TXWO538fDtzqLRx7Lp8w2EbQTyPsjIdtWURnTrUVld6
KxGcAOMmBWsyXw==
-----END CERTIFICATE-----
Generated at Wed Sep 10 03:10:01 2025 by rpki-client