Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.mft
File: hWyvHy8CkUARBe9osllX3FVVENI.mft (raw, json)
Hash identifier: G5I6ikUsc5k3DMrRknz987XP3Wl15mFjIvGXWgZZYHE=
Subject key identifier: 6F:59:5E:97:28:2E:A5:22:EF:4D:9C:2B:F2:C1:C1:A6:D9:6D:0B:14
Authority key identifier: 85:6C:AF:1F:2F:02:91:40:11:05:EF:68:B2:59:57:DC:55:55:10:D2
Certificate issuer: /CN=856caf1f2f0291401105ef68b25957dc555510d2
Certificate serial: 019921B0E7CEDFA6819DE4BB3C238FD4A12C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.mft
Manifest number: 11DC
Signing time: Sun 07 Sep 2025 01:01:05 +0000
Manifest this update: Sun 07 Sep 2025 01:01:05 +0000
Manifest next update: Mon 08 Sep 2025 01:01:05 +0000
Files and hashes: 1: GpIZ4jE-9ieq_ECexQxa_m3ORPw.roa (hash: IjDJZYXavRzEltys5gXrAE3D7K9MgVcCUjh6DyqqaSM=)
2: hWyvHy8CkUARBe9osllX3FVVENI.crl (hash: SUkVGmN3LXyXn9R3WJb+C59xzOU06wHoG1yJudPaS7g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 01:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:21:b0:e7:ce:df:a6:81:9d:e4:bb:3c:23:8f:d4:a1:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=856caf1f2f0291401105ef68b25957dc555510d2
Validity
Not Before: Sep 7 01:01:05 2025 GMT
Not After : Sep 8 01:01:05 2025 GMT
Subject: CN=6f595e97282ea522ef4d9c2bf2c1c1a6d96d0b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:64:83:d5:1d:07:b9:c9:6a:17:93:f1:db:cb:
63:e1:be:6a:0d:f7:7c:d6:ff:37:6c:35:54:e6:a6:
d6:54:8c:49:9b:54:19:63:0d:37:73:c9:04:b5:06:
d8:51:8a:39:50:1c:af:61:c3:f2:a7:df:1c:11:8b:
48:4c:34:c5:89:39:57:0f:21:f7:0a:c4:eb:ff:91:
02:cd:56:a2:88:98:f0:e0:cb:c9:d4:5b:82:8b:74:
fd:54:fb:68:2d:82:d4:8a:82:1d:43:c4:a5:77:67:
2f:3e:73:46:45:60:a9:79:6f:26:bc:f3:f7:d4:13:
13:c2:9b:40:9a:2b:57:0d:46:5c:64:b5:75:a1:86:
67:12:63:aa:14:b7:52:95:6d:b6:75:c3:e8:8c:3d:
39:4e:5d:b7:03:fb:67:66:3c:4d:df:0d:a3:2d:63:
44:cd:ab:43:ed:db:c2:c9:65:93:42:0e:9c:89:2b:
5e:7a:62:b5:e7:9f:b5:fc:74:91:e4:25:bb:27:5a:
2f:e8:63:3f:3c:b3:0f:b9:dd:35:db:6a:e4:78:9d:
a8:0c:12:e7:e8:d8:c6:83:6e:57:8b:9e:58:cd:4b:
a8:c4:35:db:14:5c:9f:38:24:37:20:97:57:b7:f2:
26:66:1c:76:2d:a1:b1:c0:d6:ba:bb:9d:de:80:97:
48:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:59:5E:97:28:2E:A5:22:EF:4D:9C:2B:F2:C1:C1:A6:D9:6D:0B:14
X509v3 Authority Key Identifier:
keyid:85:6C:AF:1F:2F:02:91:40:11:05:EF:68:B2:59:57:DC:55:55:10:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:ef:57:e4:be:13:19:af:fd:85:d2:86:00:38:8c:62:af:bf:
ac:28:84:40:30:e9:b3:a6:30:6a:2c:ec:3b:1b:cd:26:75:09:
66:d8:19:d7:92:ab:e6:6e:3f:63:5e:b1:0a:9e:a9:5c:89:ed:
bb:f7:fb:6e:4e:e9:69:c0:f0:ca:ae:31:33:93:ae:d1:51:5f:
10:9a:d8:5b:1b:3c:44:39:57:64:38:12:e4:9f:af:7a:1d:83:
87:51:88:16:da:54:e4:ae:ee:be:1c:07:2a:31:2e:05:38:2b:
82:9e:5d:53:cf:47:74:e1:52:a0:0b:fb:6a:93:ca:c9:32:b3:
f3:80:49:9a:f0:6b:8e:02:9e:3f:4a:aa:a1:85:3d:2e:67:5b:
48:1b:22:4b:53:9e:43:53:7f:93:f6:d9:b3:e8:51:08:d6:71:
08:4e:a4:64:8a:8d:86:28:ae:55:98:e3:ed:9a:3f:1c:41:c3:
17:a0:15:cd:1d:77:6d:f6:43:05:10:cb:be:ea:41:82:9f:f0:
32:46:3d:4f:eb:ed:bc:df:12:72:14:09:8a:fb:9f:47:8f:6d:
de:dc:9d:34:c0:1f:23:b8:78:fa:80:27:e7:66:64:53:2b:ae:
f7:92:8c:c8:e1:b2:ca:b9:57:24:39:54:42:db:62:63:20:a6:
57:ed:a7:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsOfO36aBneS7PCOP1KEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NmNhZjFmMmYwMjkxNDAxMTA1ZWY2OGIyNTk1N2RjNTU1
NTEwZDIwHhcNMjUwOTA3MDEwMTA1WhcNMjUwOTA4MDEwMTA1WjAzMTEwLwYDVQQD
Eyg2ZjU5NWU5NzI4MmVhNTIyZWY0ZDljMmJmMmMxYzFhNmQ5NmQwYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2SD1R0HuclqF5Px28tj4b5qDfd8
1v83bDVU5qbWVIxJm1QZYw03c8kEtQbYUYo5UByvYcPyp98cEYtITDTFiTlXDyH3
CsTr/5ECzVaiiJjw4MvJ1FuCi3T9VPtoLYLUioIdQ8Sld2cvPnNGRWCpeW8mvPP3
1BMTwptAmitXDUZcZLV1oYZnEmOqFLdSlW22dcPojD05Tl23A/tnZjxN3w2jLWNE
zatD7dvCyWWTQg6ciSteemK155+1/HSR5CW7J1ov6GM/PLMPud0122rkeJ2oDBLn
6NjGg25Xi55YzUuoxDXbFFyfOCQ3IJdXt/ImZhx2LaGxwNa6u53egJdIuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG9ZXpcoLqUi702cK/LBwabZbQsUMB8GA1UdIwQY
MBaAFIVsrx8vApFAEQXvaLJZV9xVVRDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFd5dkh5OENrVUFSQmU5b3NsbFgzRlZWRU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9kMmM3YzctMmJjYy00OTFlLTk2YTct
YjBkMGJjZDkwZmFlLzEvaFd5dkh5OENrVUFSQmU5b3NsbFgzRlZWRU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9kMmM3YzctMmJjYy00OTFlLTk2YTctYjBkMGJjZDkwZmFl
LzEvaFd5dkh5OENrVUFSQmU5b3NsbFgzRlZWRU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+9X5L4T
Ga/9hdKGADiMYq+/rCiEQDDps6YwaizsOxvNJnUJZtgZ15Kr5m4/Y16xCp6pXInt
u/f7bk7pacDwyq4xM5Ou0VFfEJrYWxs8RDlXZDgS5J+veh2Dh1GIFtpU5K7uvhwH
KjEuBTgrgp5dU89HdOFSoAv7apPKyTKz84BJmvBrjgKeP0qqoYU9LmdbSBsiS1Oe
Q1N/k/bZs+hRCNZxCE6kZIqNhiiuVZjj7Zo/HEHDF6AVzR13bfZDBRDLvupBgp/w
MkY9T+vtvN8SchQJivufR49t3tydNMAfI7h4+oAn52ZkUyuu95KMyOGyyrlXJDlU
QttiYyCmV+2nzw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:15:11 2025 by rpki-client