Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
File: 1ehYR8xEuGECJwu9do5MPOuhyYg.mft (raw, json)
Hash identifier: UVCYIiabHIb1ejKogdmdtdkJ64o4lJOxgM65zN6eRTY=
Subject key identifier: C7:84:52:2E:22:A9:D1:A9:9A:01:DE:D9:11:72:5D:99:67:91:D4:9E
Authority key identifier: D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
Certificate issuer: /CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Certificate serial: 019937948F1B91AEC9183F204E22511C2CCF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
Manifest number: 050E
Signing time: Thu 11 Sep 2025 07:01:46 +0000
Manifest this update: Thu 11 Sep 2025 07:01:46 +0000
Manifest next update: Fri 12 Sep 2025 07:01:46 +0000
Files and hashes: 1: 1ehYR8xEuGECJwu9do5MPOuhyYg.crl (hash: 2k0IvyOY6oqKWe5I59cbjpD0DOcTb/aLv/NpIaMx8EQ=)
2: DTHy6RXAjA3WYCRRHO7XlxlNxP0.roa (hash: WIwE9zAwV90ldFttTq5+MPXhd1lbpoXmWHuG/jlZk1I=)
3: HP2XU4ErP340JMFJBkwhXt7RSkM.roa (hash: jqU/k+IA4J2nUGc2ePon/4S6+Kq7gFeDjcwyWdzFAK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:37:94:8f:1b:91:ae:c9:18:3f:20:4e:22:51:1c:2c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Validity
Not Before: Sep 11 07:01:46 2025 GMT
Not After : Sep 12 07:01:46 2025 GMT
Subject: CN=c784522e22a9d1a99a01ded911725d996791d49e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c7:a7:ca:7d:93:e8:38:b0:4c:10:fb:4d:16:
35:5d:e8:51:7a:f0:ac:04:e5:11:54:89:65:1c:f6:
b4:15:08:92:cc:5a:61:9f:b8:d6:ac:76:01:e3:99:
c3:d0:df:25:80:54:77:19:90:28:ff:e0:25:24:57:
01:8f:c2:c6:ca:3f:9c:70:76:0e:a9:3e:a1:bb:1e:
0b:69:25:46:0e:d8:58:d1:8b:5b:dd:32:d8:d9:de:
7b:c3:27:76:6d:31:ed:c0:17:b5:32:fe:e3:4a:e1:
71:f8:5d:3d:64:e1:ac:5b:8a:a0:24:c8:f4:61:b9:
e2:54:dd:66:89:f4:bf:48:eb:9e:61:c7:f6:88:a3:
3a:8a:d5:0c:50:9a:21:98:41:a0:9d:74:f7:90:82:
34:05:03:0b:a2:c1:08:80:84:37:99:72:1d:fd:49:
6c:6b:b7:64:78:05:ad:87:17:77:e3:2e:22:69:90:
37:7a:e6:13:74:52:73:75:21:3a:46:68:65:37:fa:
fe:1c:40:a1:26:d1:a0:66:45:05:b1:b8:74:01:86:
22:05:7e:c3:ba:d6:34:d9:70:50:e9:1e:ca:32:41:
24:35:7d:6f:7f:73:da:44:19:ca:d6:85:66:b1:0c:
7b:fb:1a:11:0e:eb:cd:85:e3:84:f0:44:f6:5c:90:
ea:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:84:52:2E:22:A9:D1:A9:9A:01:DE:D9:11:72:5D:99:67:91:D4:9E
X509v3 Authority Key Identifier:
keyid:D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:dc:16:b7:54:02:9f:12:3b:e4:cf:d2:51:53:44:db:fc:70:
9c:30:35:0d:c1:16:d2:c0:c2:2c:6c:76:f0:5e:8d:0e:39:e4:
2b:b9:62:bb:fa:92:99:85:58:a4:84:81:fb:43:54:c1:4f:12:
92:09:d4:ca:69:44:d8:79:8c:96:c2:a4:65:ff:bd:bc:23:66:
29:fb:8c:89:da:df:96:b2:22:c1:5e:34:a2:dc:3b:c1:f4:02:
4b:2b:3d:2f:5b:a4:30:09:9b:1e:37:ae:8f:1d:0a:de:e9:fd:
1b:67:d6:8d:9e:12:b1:cb:78:a3:d9:ae:71:32:d3:d6:28:d2:
d3:81:34:e8:8c:82:11:db:37:e7:37:77:c9:79:34:f6:24:26:
b8:9b:87:21:9e:02:9c:70:ba:03:74:61:7b:31:42:ac:fa:03:
95:b3:23:d1:c5:b6:00:d2:25:77:ba:2a:b6:b3:a8:1c:b2:d8:
9e:2a:96:be:36:b3:15:2f:a1:ef:a4:45:0e:f9:6e:77:22:f6:
55:24:99:5c:0c:5b:5f:fa:23:59:5e:52:ba:12:7d:8a:0c:a1:
88:b9:9a:f1:0a:e8:f0:e8:7f:e3:98:ac:69:95:9f:f1:f6:4e:
21:03:46:71:a9:c6:e7:1e:67:6e:06:4e:f5:ea:ac:01:58:28:
36:f8:f6:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk3lI8bka7JGD8gTiJRHCzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTg1ODQ3Y2M0NGI4NjEwMjI3MGJiZDc2OGU0YzNjZWJh
MWM5ODgwHhcNMjUwOTExMDcwMTQ2WhcNMjUwOTEyMDcwMTQ2WjAzMTEwLwYDVQQD
EyhjNzg0NTIyZTIyYTlkMWE5OWEwMWRlZDkxMTcyNWQ5OTY3OTFkNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8enyn2T6DiwTBD7TRY1XehRevCs
BOURVIllHPa0FQiSzFphn7jWrHYB45nD0N8lgFR3GZAo/+AlJFcBj8LGyj+ccHYO
qT6hux4LaSVGDthY0Ytb3TLY2d57wyd2bTHtwBe1Mv7jSuFx+F09ZOGsW4qgJMj0
YbniVN1mifS/SOueYcf2iKM6itUMUJohmEGgnXT3kII0BQMLosEIgIQ3mXId/Uls
a7dkeAWthxd34y4iaZA3euYTdFJzdSE6RmhlN/r+HEChJtGgZkUFsbh0AYYiBX7D
utY02XBQ6R7KMkEkNX1vf3PaRBnK1oVmsQx7+xoRDuvNheOE8ET2XJDqDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMeEUi4iqdGpmgHe2RFyXZlnkdSeMB8GA1UdIwQY
MBaAFNXoWEfMRLhhAicLvXaOTDzrocmIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEt
NzI5YzBmNDM0MTRkLzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEtNzI5YzBmNDM0MTRk
LzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYNwWt1QC
nxI75M/SUVNE2/xwnDA1DcEW0sDCLGx28F6NDjnkK7liu/qSmYVYpISB+0NUwU8S
kgnUymlE2HmMlsKkZf+9vCNmKfuMidrflrIiwV40otw7wfQCSys9L1ukMAmbHjeu
jx0K3un9G2fWjZ4Ssct4o9mucTLT1ijS04E06IyCEds35zd3yXk09iQmuJuHIZ4C
nHC6A3RhezFCrPoDlbMj0cW2ANIld7oqtrOoHLLYniqWvjazFS+h76RFDvludyL2
VSSZXAxbX/ojWV5SuhJ9igyhiLma8Qro8Oh/45isaZWf8fZOIQNGcanG5x5nbgZO
9eqsAVgoNvj2vA==
-----END CERTIFICATE-----
Generated at Thu Sep 11 08:24:05 2025 by rpki-client