
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
File: hDz1u4drdyt63kMpBctpbxNMqjk.mft (raw, json)
Hash identifier: pC5aqKDDeXtGkr+ecwIPLVB4as0p1DJ+v+A15jCEKbE=
Subject key identifier: DE:85:3B:8C:03:9C:8F:E7:DE:53:F1:33:2A:8A:5A:76:BA:EC:07:65
Authority key identifier: 84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
Certificate issuer: /CN=843cf5bb876b772b7ade432905cb696f134caa39
Certificate serial: 019767E030999A14F695C48EEFDAC5BD6678
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
Manifest number: 1590
Signing time: Fri 13 Jun 2025 06:00:34 +0000
Manifest this update: Fri 13 Jun 2025 06:00:34 +0000
Manifest next update: Sat 14 Jun 2025 06:00:34 +0000
Files and hashes: 1: 8SOVzbdZRi1TiXuPdQBPQag2b1I.roa (hash: 4UxgH1Bm5rLISlPUt1abtwizcDNcCBaAAK4mH1Wxzxk=)
2: hDz1u4drdyt63kMpBctpbxNMqjk.crl (hash: AI5Y7wq/4rSL0g6Qh4lJbZsmc5iBev19l3VYaStszvU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 06:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:67:e0:30:99:9a:14:f6:95:c4:8e:ef:da:c5:bd:66:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843cf5bb876b772b7ade432905cb696f134caa39
Validity
Not Before: Jun 13 06:00:34 2025 GMT
Not After : Jun 14 06:00:34 2025 GMT
Subject: CN=de853b8c039c8fe7de53f1332a8a5a76baec0765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:18:fc:75:b7:e0:96:c1:3a:62:41:4b:59:75:
cf:1f:b0:65:94:1c:bd:5f:8f:b3:89:77:14:34:88:
bf:75:5a:5a:d8:84:bc:e6:84:78:02:c2:6e:ad:8a:
76:47:d8:c5:82:31:96:ed:d8:7f:d3:6b:bb:3e:72:
58:d6:b5:5e:a7:e8:a9:86:18:a6:b3:aa:e1:dc:28:
86:11:58:b5:8d:c8:05:d0:29:95:dc:70:ca:ac:28:
26:21:4d:49:a8:60:f5:d5:9b:7f:c1:a3:d4:e7:92:
d1:cb:29:12:5d:fa:6c:aa:16:7a:43:05:64:28:9b:
19:a2:31:2d:09:a1:6f:d4:71:c1:81:5d:0b:35:dc:
cd:43:1a:3d:08:45:5c:ae:fc:63:6a:8e:18:24:de:
a4:6d:bb:f8:57:e0:eb:b0:ef:17:40:7e:5e:47:ef:
a6:db:0b:5d:6b:01:ed:dc:d6:1e:fe:29:0b:73:32:
e1:ff:76:e6:60:cd:1d:15:be:2e:2e:71:ce:a2:4d:
ee:f0:bc:f7:a4:ba:3b:a7:60:f4:f7:a2:26:95:51:
77:b1:ec:ba:60:94:bf:87:cd:8b:3b:43:a0:f1:02:
9e:31:7b:12:33:d6:d0:28:b8:6b:f8:0d:b8:65:f9:
f4:6e:61:9a:23:7d:e4:42:b6:f8:60:ca:0d:c6:af:
35:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:85:3B:8C:03:9C:8F:E7:DE:53:F1:33:2A:8A:5A:76:BA:EC:07:65
X509v3 Authority Key Identifier:
keyid:84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:f4:0c:eb:3d:bd:73:47:10:48:66:18:f9:c7:46:ff:50:7b:
78:da:30:05:b1:90:ba:60:aa:a1:91:e6:e1:80:42:a1:95:a0:
cb:5f:1e:60:5d:09:a4:b2:6b:57:4e:12:dc:33:6f:0b:57:33:
e8:fd:57:e7:98:7d:f6:93:70:57:bc:6b:87:7b:0b:f0:55:5b:
cc:56:8a:6b:f2:f9:3f:f9:88:6b:c6:9b:eb:dc:3a:90:2c:af:
44:f7:70:f8:80:11:a7:99:f9:9d:cd:73:3f:15:81:41:43:6d:
66:79:5d:f0:3f:77:18:fd:27:50:aa:ce:e5:2b:1f:1b:06:a8:
2e:48:02:a4:6f:7b:e3:4f:17:bc:f1:71:85:dd:ce:b5:87:fc:
22:1c:74:4b:54:07:b8:e3:71:5b:ee:fc:5c:df:11:cd:b4:ed:
07:e5:77:8e:96:b3:aa:af:4f:41:4e:61:58:1d:77:a0:6e:bd:
04:af:37:3e:d7:2d:90:59:c1:67:22:a0:bf:3f:12:58:a4:66:
f5:37:7f:ca:2b:09:8a:f3:67:1c:3a:ac:26:15:6f:57:07:ea:
c8:3f:ed:53:f3:21:96:c0:02:99:71:7b:50:0f:b4:61:6b:80:
98:09:0a:90:a4:5c:85:0d:5f:5e:fb:ba:6f:99:fa:ac:af:2b:
73:15:1b:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdn4DCZmhT2lcSO79rFvWZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2NmNWJiODc2Yjc3MmI3YWRlNDMyOTA1Y2I2OTZmMTM0
Y2FhMzkwHhcNMjUwNjEzMDYwMDM0WhcNMjUwNjE0MDYwMDM0WjAzMTEwLwYDVQQD
EyhkZTg1M2I4YzAzOWM4ZmU3ZGU1M2YxMzMyYThhNWE3NmJhZWMwNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBj8dbfglsE6YkFLWXXPH7BllBy9
X4+ziXcUNIi/dVpa2IS85oR4AsJurYp2R9jFgjGW7dh/02u7PnJY1rVep+iphhim
s6rh3CiGEVi1jcgF0CmV3HDKrCgmIU1JqGD11Zt/waPU55LRyykSXfpsqhZ6QwVk
KJsZojEtCaFv1HHBgV0LNdzNQxo9CEVcrvxjao4YJN6kbbv4V+DrsO8XQH5eR++m
2wtdawHt3NYe/ikLczLh/3bmYM0dFb4uLnHOok3u8Lz3pLo7p2D096ImlVF3sey6
YJS/h82LO0Og8QKeMXsSM9bQKLhr+A24Zfn0bmGaI33kQrb4YMoNxq81DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6FO4wDnI/n3lPxMyqKWna67AdlMB8GA1UdIwQY
MBaAFIQ89buHa3cret5DKQXLaW8TTKo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmIt
MTZmNWE1NjM2MjQ0LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmItMTZmNWE1NjM2MjQ0
LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp/QM6z29
c0cQSGYY+cdG/1B7eNowBbGQumCqoZHm4YBCoZWgy18eYF0JpLJrV04S3DNvC1cz
6P1X55h99pNwV7xrh3sL8FVbzFaKa/L5P/mIa8ab69w6kCyvRPdw+IARp5n5nc1z
PxWBQUNtZnld8D93GP0nUKrO5SsfGwaoLkgCpG97408XvPFxhd3OtYf8Ihx0S1QH
uONxW+78XN8RzbTtB+V3jpazqq9PQU5hWB13oG69BK83PtctkFnBZyKgvz8SWKRm
9Td/yisJivNnHDqsJhVvVwfqyD/tU/MhlsACmXF7UA+0YWuAmAkKkKRchQ1fXvu6
b5n6rK8rcxUbEg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 14:05:04 2025 by rpki-client