Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
File: HeVgH-EiL4m7OqryZPD26nORwTg.mft (raw, json)
Hash identifier: KR8NOt5EjAH5N6TsAOh1DFFkXU2GR5g+XTq82C8b95s=
Subject key identifier: DE:FC:12:5C:ED:0C:2D:6C:15:9F:B5:2B:BD:F0:1C:0F:6B:3E:BF:C3
Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Certificate serial: 019923A044B98B062D8004E4E264E1C5AEF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
Manifest number: 0968
Signing time: Sun 07 Sep 2025 10:02:09 +0000
Manifest this update: Sun 07 Sep 2025 10:02:09 +0000
Manifest next update: Mon 08 Sep 2025 10:02:09 +0000
Files and hashes: 1: 1GUi9iA8Rgrr5GN4QB6VlqMrvms.roa (hash: s/MIypH3pMJ3iuiuGr8K68PmgQyO6HFRzwvdBy3o4FU=)
2: HeVgH-EiL4m7OqryZPD26nORwTg.crl (hash: wlqaQ8cji546HmCqh8rSTaAy+hG2+ExA0jetbXni40I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:a0:44:b9:8b:06:2d:80:04:e4:e2:64:e1:c5:ae:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Validity
Not Before: Sep 7 10:02:09 2025 GMT
Not After : Sep 8 10:02:09 2025 GMT
Subject: CN=defc125ced0c2d6c159fb52bbdf01c0f6b3ebfc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e3:56:6b:4e:f5:1f:7d:e5:92:89:e8:60:5b:
28:00:11:f8:3f:c1:87:0f:17:ae:d4:e4:81:74:75:
d2:75:14:fc:4b:9e:d1:c7:0f:80:91:56:f8:f1:99:
03:f3:cc:a6:5f:52:f6:1b:9c:c6:76:1e:dc:1d:c7:
c7:e4:75:e7:de:d3:90:cb:ad:ee:cb:af:49:d9:8f:
1b:b0:38:a4:40:fd:30:0d:09:70:62:47:86:f7:83:
49:e8:44:6b:01:d6:08:e3:dc:8b:61:08:fb:3d:30:
d2:9b:b8:8b:80:31:bf:18:c3:dd:47:09:a7:b5:c0:
f8:2c:ef:f3:8c:01:61:6e:b2:2d:c4:4f:fe:4c:dc:
4c:3d:7b:74:38:e7:1a:d0:ce:c7:b2:20:11:30:69:
db:41:94:fa:5d:da:b2:6e:da:99:b1:c4:16:bb:ed:
76:e6:9e:09:28:a4:87:f6:1d:7e:6c:72:03:10:71:
37:10:1c:92:50:74:49:66:00:ca:1d:e8:98:b4:da:
8e:91:4c:4e:96:41:8b:13:3e:00:8d:4f:a2:7b:70:
36:4e:67:9f:b1:80:00:95:f8:1c:cd:29:e5:2e:ff:
c4:f1:4f:e2:4c:c5:1a:5d:e1:7b:a0:38:2a:b9:54:
f6:29:46:21:76:79:20:97:78:da:ab:fe:2c:a3:c9:
ba:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FC:12:5C:ED:0C:2D:6C:15:9F:B5:2B:BD:F0:1C:0F:6B:3E:BF:C3
X509v3 Authority Key Identifier:
keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:14:ae:d6:6d:3c:f6:30:cd:93:4e:88:88:17:72:d8:2a:78:
f5:d2:3c:e8:54:15:04:0e:38:34:fb:d0:c4:18:c8:65:8b:9e:
7b:e5:e1:b4:ec:39:67:59:be:d5:a9:73:57:a2:91:25:a2:56:
82:43:3e:2b:33:1d:e6:0b:b5:e5:db:23:fe:10:45:fd:39:54:
5b:65:54:62:07:f8:44:0a:ec:a9:08:4a:6c:8b:05:bb:57:28:
7c:45:6a:04:b9:80:ab:01:e2:5d:be:96:37:05:f2:23:18:a3:
06:52:a0:1b:07:31:56:a0:8d:14:62:30:8c:a8:31:5b:8f:06:
62:ec:6a:e4:60:cd:a1:51:11:25:75:57:68:11:5b:79:cb:35:
ad:b8:12:73:80:e4:2b:ec:9c:9a:e4:66:f4:03:03:c9:af:54:
20:c2:77:71:d4:43:bc:16:db:5a:4d:d8:cc:7c:1a:e0:45:46:
9c:40:44:90:fe:0d:1d:ed:3f:f3:24:d9:af:31:2b:20:83:c9:
28:87:3e:e3:1c:0b:47:c9:74:70:5a:e6:1f:cf:d1:72:fb:27:
81:20:9a:ce:13:96:cc:42:8e:0a:13:f2:d9:26:a7:56:72:81:
b6:aa:48:7f:6c:05:08:33:1f:8a:84:7e:94:53:50:b2:6b:cd:
c1:6a:86:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoES5iwYtgATk4mThxa7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5
MWMxMzgwHhcNMjUwOTA3MTAwMjA5WhcNMjUwOTA4MTAwMjA5WjAzMTEwLwYDVQQD
EyhkZWZjMTI1Y2VkMGMyZDZjMTU5ZmI1MmJiZGYwMWMwZjZiM2ViZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeNWa071H33lkonoYFsoABH4P8GH
Dxeu1OSBdHXSdRT8S57Rxw+AkVb48ZkD88ymX1L2G5zGdh7cHcfH5HXn3tOQy63u
y69J2Y8bsDikQP0wDQlwYkeG94NJ6ERrAdYI49yLYQj7PTDSm7iLgDG/GMPdRwmn
tcD4LO/zjAFhbrItxE/+TNxMPXt0OOca0M7HsiARMGnbQZT6XdqybtqZscQWu+12
5p4JKKSH9h1+bHIDEHE3EBySUHRJZgDKHeiYtNqOkUxOlkGLEz4AjU+ie3A2Tmef
sYAAlfgczSnlLv/E8U/iTMUaXeF7oDgquVT2KUYhdnkgl3jaq/4so8m6YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN78ElztDC1sFZ+1K73wHA9rPr/DMB8GA1UdIwQY
MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt
ZGRkNTNkNzkyOGE4LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4
LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgxSu1m08
9jDNk06IiBdy2Cp49dI86FQVBA44NPvQxBjIZYuee+XhtOw5Z1m+1alzV6KRJaJW
gkM+KzMd5gu15dsj/hBF/TlUW2VUYgf4RArsqQhKbIsFu1cofEVqBLmAqwHiXb6W
NwXyIxijBlKgGwcxVqCNFGIwjKgxW48GYuxq5GDNoVERJXVXaBFbecs1rbgSc4Dk
K+ycmuRm9AMDya9UIMJ3cdRDvBbbWk3YzHwa4EVGnEBEkP4NHe0/8yTZrzErIIPJ
KIc+4xwLR8l0cFrmH8/RcvsngSCazhOWzEKOChPy2SanVnKBtqpIf2wFCDMfioR+
lFNQsmvNwWqGkQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:43:33 2025 by rpki-client