Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
File: 1ehYR8xEuGECJwu9do5MPOuhyYg.mft (raw, json)
Hash identifier: f2SH5qzHNN2siIKOmRqEPQkBBAX3kcWk02SujaA43Z8=
Subject key identifier: E3:60:15:63:E1:47:3F:0E:3C:58:EA:A0:E9:05:E7:97:77:98:45:2F
Authority key identifier: D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
Certificate issuer: /CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Certificate serial: 01984A0A378BD83EF1E788E640B48FA96978
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
Manifest number: 0493
Signing time: Sun 27 Jul 2025 04:00:40 +0000
Manifest this update: Sun 27 Jul 2025 04:00:40 +0000
Manifest next update: Mon 28 Jul 2025 04:00:40 +0000
Files and hashes: 1: 1ehYR8xEuGECJwu9do5MPOuhyYg.crl (hash: UokRHX9unPAaXxT3zht/jOBdy0X6JhyNlEL52mpQTLM=)
2: DTHy6RXAjA3WYCRRHO7XlxlNxP0.roa (hash: WIwE9zAwV90ldFttTq5+MPXhd1lbpoXmWHuG/jlZk1I=)
3: HP2XU4ErP340JMFJBkwhXt7RSkM.roa (hash: jqU/k+IA4J2nUGc2ePon/4S6+Kq7gFeDjcwyWdzFAK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 04:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4a:0a:37:8b:d8:3e:f1:e7:88:e6:40:b4:8f:a9:69:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Validity
Not Before: Jul 27 04:00:40 2025 GMT
Not After : Jul 28 04:00:40 2025 GMT
Subject: CN=e3601563e1473f0e3c58eaa0e905e7977798452f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:10:42:2f:05:e4:6b:76:6c:c2:88:09:b8:6f:
5d:9f:2a:0a:80:c8:49:21:aa:5d:3c:5e:22:f7:0e:
05:27:b3:d5:24:ab:a8:4c:1a:90:53:32:78:07:0b:
cf:7d:19:1b:9a:9f:94:95:46:83:f7:75:b2:df:6f:
3d:a5:de:df:2d:1f:56:f9:3e:b4:8b:5e:fe:13:6c:
06:67:44:81:dd:85:b6:18:0d:23:3a:67:3b:d7:06:
d7:72:40:61:27:08:88:cf:a4:fc:e7:cd:61:8f:81:
61:8a:8a:52:b2:95:5b:96:e2:14:fa:77:8b:c3:5b:
be:a9:3d:37:e3:4a:8d:03:11:d9:84:49:50:a9:64:
12:16:c2:0b:00:96:c7:17:4f:16:55:bb:ea:b5:02:
9a:b6:e1:f6:f0:8b:8d:f9:0a:95:84:56:52:a5:e7:
64:31:a9:02:ea:98:97:56:70:1a:48:07:07:0a:65:
c4:86:7c:fa:7f:30:c8:6f:3e:0e:5c:81:7c:ea:5f:
04:45:7b:5f:ba:d3:06:c8:14:e0:b0:fb:e3:78:b5:
23:76:44:70:58:d6:9f:2c:21:fe:41:d5:5d:4c:1d:
ca:1d:cb:47:9a:cd:f2:bb:84:a7:47:12:cc:cb:0f:
b6:3d:2d:b3:61:b7:8f:ec:11:01:87:a7:f7:70:7a:
55:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:60:15:63:E1:47:3F:0E:3C:58:EA:A0:E9:05:E7:97:77:98:45:2F
X509v3 Authority Key Identifier:
keyid:D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:cf:2a:ee:01:cc:0c:ae:0e:6e:3e:cd:21:bd:7e:cf:c8:f5:
e1:8a:79:28:e6:b5:66:f3:3c:98:21:44:52:b9:82:75:a4:4b:
da:fa:a9:7b:4c:ce:40:80:e7:8d:a7:19:ff:79:9e:53:69:b0:
0e:6c:22:e0:b2:07:af:91:d1:b8:e6:3b:e3:96:b9:f4:2a:62:
11:d8:e2:32:2f:37:0b:ac:b1:8c:3a:d9:d2:01:cf:91:55:e5:
da:2c:42:f3:85:81:93:ba:c1:37:17:b4:1a:c8:a4:66:39:79:
ea:7f:6a:c0:60:c1:89:65:d5:9b:d4:70:9e:34:ef:1b:e0:65:
2d:c6:20:a1:1d:07:d6:14:fa:c0:fe:a4:1b:6c:77:d3:73:e8:
f7:50:47:cd:39:47:ae:49:0f:9f:d9:3d:be:d7:a2:04:f4:48:
ad:e0:92:ab:15:8a:b4:39:89:3e:77:71:a5:60:a1:51:d5:ac:
29:ce:c6:c4:b3:76:04:07:a8:f5:b4:92:70:26:89:85:16:d5:
c9:a4:b0:7e:1d:6e:44:51:8c:6d:cc:21:0c:93:a7:72:41:99:
f8:d5:21:90:5c:a1:ad:6e:b7:bf:25:e1:56:7a:fd:45:f7:74:
47:09:f9:30:96:cd:7f:ff:8a:8d:d6:80:cf:80:c7:1e:ac:e2:
e3:70:a3:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKCjeL2D7x54jmQLSPqWl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTg1ODQ3Y2M0NGI4NjEwMjI3MGJiZDc2OGU0YzNjZWJh
MWM5ODgwHhcNMjUwNzI3MDQwMDQwWhcNMjUwNzI4MDQwMDQwWjAzMTEwLwYDVQQD
EyhlMzYwMTU2M2UxNDczZjBlM2M1OGVhYTBlOTA1ZTc5Nzc3OTg0NTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhBCLwXka3ZswogJuG9dnyoKgMhJ
IapdPF4i9w4FJ7PVJKuoTBqQUzJ4BwvPfRkbmp+UlUaD93Wy3289pd7fLR9W+T60
i17+E2wGZ0SB3YW2GA0jOmc71wbXckBhJwiIz6T8581hj4FhiopSspVbluIU+neL
w1u+qT0340qNAxHZhElQqWQSFsILAJbHF08WVbvqtQKatuH28IuN+QqVhFZSpedk
MakC6piXVnAaSAcHCmXEhnz6fzDIbz4OXIF86l8ERXtfutMGyBTgsPvjeLUjdkRw
WNafLCH+QdVdTB3KHctHms3yu4SnRxLMyw+2PS2zYbeP7BEBh6f3cHpVOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONgFWPhRz8OPFjqoOkF55d3mEUvMB8GA1UdIwQY
MBaAFNXoWEfMRLhhAicLvXaOTDzrocmIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEt
NzI5YzBmNDM0MTRkLzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEtNzI5YzBmNDM0MTRk
LzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoM8q7gHM
DK4Obj7NIb1+z8j14Yp5KOa1ZvM8mCFEUrmCdaRL2vqpe0zOQIDnjacZ/3meU2mw
Dmwi4LIHr5HRuOY745a59CpiEdjiMi83C6yxjDrZ0gHPkVXl2ixC84WBk7rBNxe0
GsikZjl56n9qwGDBiWXVm9RwnjTvG+BlLcYgoR0H1hT6wP6kG2x303Po91BHzTlH
rkkPn9k9vteiBPRIreCSqxWKtDmJPndxpWChUdWsKc7GxLN2BAeo9bSScCaJhRbV
yaSwfh1uRFGMbcwhDJOnckGZ+NUhkFyhrW63vyXhVnr9Rfd0Rwn5MJbNf/+KjdaA
z4DHHqzi43CjZg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 11:32:00 2025 by rpki-client