Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
File: HeVgH-EiL4m7OqryZPD26nORwTg.mft (raw, json)
Hash identifier: PrE+nhEASlwap5YFWlgzm66nQGSxbKDJ8JY53vQ3WBI=
Subject key identifier: 25:45:25:A5:B2:2B:D2:D0:AD:4D:09:75:96:E8:F2:2F:9D:6E:6B:CF
Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Certificate serial: 019750459A24E2C00F61D9D0F0BC28ADD0D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
Manifest number: 0876
Signing time: Sun 08 Jun 2025 16:00:28 +0000
Manifest this update: Sun 08 Jun 2025 16:00:28 +0000
Manifest next update: Mon 09 Jun 2025 16:00:28 +0000
Files and hashes: 1: 1GUi9iA8Rgrr5GN4QB6VlqMrvms.roa (hash: s/MIypH3pMJ3iuiuGr8K68PmgQyO6HFRzwvdBy3o4FU=)
2: HeVgH-EiL4m7OqryZPD26nORwTg.crl (hash: b2U7WQ0Rxe2nvb6jCr+gSHNt3ciCW+F6QSL2miAeR1g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 16:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:50:45:9a:24:e2:c0:0f:61:d9:d0:f0:bc:28:ad:d0:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Validity
Not Before: Jun 8 16:00:28 2025 GMT
Not After : Jun 9 16:00:28 2025 GMT
Subject: CN=254525a5b22bd2d0ad4d097596e8f22f9d6e6bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a7:f7:ce:9d:17:05:93:5a:3a:eb:7b:ec:fb:
bf:d2:f0:98:06:a1:f1:0f:47:e8:73:45:d0:11:08:
44:2e:7a:30:1f:19:9a:37:e3:07:f9:c7:e7:ea:e8:
ab:20:3a:ce:ca:12:2e:c3:b3:62:8f:3a:08:c5:cd:
b6:58:98:2b:d2:db:3b:aa:cd:d5:cb:0d:2e:64:cf:
56:ac:12:74:f6:b0:1c:ac:0e:9d:bd:72:2d:45:ed:
0c:0b:14:36:a2:c3:38:78:54:bc:60:94:36:39:29:
7e:3b:3e:b1:c7:ce:21:22:1b:d6:fe:17:9c:9d:6b:
f0:0b:23:a5:12:6c:06:5c:c2:9b:f9:4c:ab:d3:a3:
9b:d8:a2:8c:5f:53:eb:34:ec:5f:c6:9b:60:4e:fd:
0d:5f:bb:42:4d:08:b6:9e:c1:ba:80:78:da:9e:d6:
2f:51:92:58:b8:58:ac:ab:05:8c:63:fd:3f:29:b8:
da:ae:cd:ee:9f:72:81:6a:50:4e:e8:11:00:54:84:
b3:dc:66:00:c4:06:fb:13:6b:36:a9:6d:77:0b:f4:
57:1d:e0:bc:0c:35:eb:26:97:de:8a:ea:89:3e:28:
bb:74:72:56:c6:8f:d0:e6:63:87:a7:e9:44:7e:22:
08:99:2e:69:24:a2:2b:af:86:75:1c:e7:d0:e9:7d:
8c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:45:25:A5:B2:2B:D2:D0:AD:4D:09:75:96:E8:F2:2F:9D:6E:6B:CF
X509v3 Authority Key Identifier:
keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:b9:23:d6:50:12:70:50:ad:8b:f9:a8:f1:02:ab:09:77:c1:
34:82:46:c2:e1:fd:8e:c4:5f:84:8d:43:95:ce:51:8e:27:93:
27:bd:11:18:e6:39:39:8d:a9:47:23:81:76:3e:25:d9:a4:cb:
bd:4d:39:31:e8:c0:1b:cc:8c:6c:f9:22:2c:bf:ed:de:67:35:
ed:7c:a5:4b:e2:0e:4f:6e:94:3a:38:12:43:28:b8:80:e3:fc:
78:5e:fe:8b:c1:62:95:c3:1a:83:d1:75:09:94:04:cd:f1:07:
a4:55:5a:5f:41:62:a5:91:b3:1c:7b:0f:8e:41:eb:10:fc:23:
e0:46:d3:bd:bb:52:14:53:fe:f3:92:c1:df:a5:ce:83:3d:5c:
62:77:12:97:90:cd:14:f0:5f:d5:02:4e:1e:ab:29:6d:55:ee:
a8:84:66:69:10:c1:65:aa:25:86:44:c2:91:09:a4:6b:f5:03:
a4:48:36:e4:a7:10:9f:ee:8d:7d:4b:4f:2e:96:06:80:62:58:
1d:99:b9:2f:8b:78:a5:b1:79:f1:c3:9b:52:48:13:77:88:ca:
20:91:f7:8e:c7:35:22:49:de:67:51:a7:cb:0f:42:bd:e0:38:
8b:3a:97:81:a6:a9:2c:d5:0a:00:32:e3:06:6d:d6:3c:e5:8f:
a0:03:b4:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRZok4sAPYdnQ8LwordDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5
MWMxMzgwHhcNMjUwNjA4MTYwMDI4WhcNMjUwNjA5MTYwMDI4WjAzMTEwLwYDVQQD
EygyNTQ1MjVhNWIyMmJkMmQwYWQ0ZDA5NzU5NmU4ZjIyZjlkNmU2YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqf3zp0XBZNaOut77Pu/0vCYBqHx
D0foc0XQEQhELnowHxmaN+MH+cfn6uirIDrOyhIuw7NijzoIxc22WJgr0ts7qs3V
yw0uZM9WrBJ09rAcrA6dvXItRe0MCxQ2osM4eFS8YJQ2OSl+Oz6xx84hIhvW/hec
nWvwCyOlEmwGXMKb+Uyr06Ob2KKMX1PrNOxfxptgTv0NX7tCTQi2nsG6gHjantYv
UZJYuFisqwWMY/0/Kbjars3un3KBalBO6BEAVISz3GYAxAb7E2s2qW13C/RXHeC8
DDXrJpfeiuqJPii7dHJWxo/Q5mOHp+lEfiIImS5pJKIrr4Z1HOfQ6X2MZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVFJaWyK9LQrU0JdZbo8i+dbmvPMB8GA1UdIwQY
MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt
ZGRkNTNkNzkyOGE4LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4
LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvbkj1lAS
cFCti/mo8QKrCXfBNIJGwuH9jsRfhI1Dlc5RjieTJ70RGOY5OY2pRyOBdj4l2aTL
vU05MejAG8yMbPkiLL/t3mc17XylS+IOT26UOjgSQyi4gOP8eF7+i8FilcMag9F1
CZQEzfEHpFVaX0FipZGzHHsPjkHrEPwj4EbTvbtSFFP+85LB36XOgz1cYncSl5DN
FPBf1QJOHqspbVXuqIRmaRDBZaolhkTCkQmka/UDpEg25KcQn+6NfUtPLpYGgGJY
HZm5L4t4pbF58cObUkgTd4jKIJH3jsc1IkneZ1Gnyw9CveA4izqXgaapLNUKADLj
Bm3WPOWPoAO0lw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:14:12 2025 by rpki-client