Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File: HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier: HQLxVk9EUja6z/jN4pva7/9Kx7b2Qs5Rq/TAl4tDIMA=
Subject key identifier: 8B:1A:31:C5:83:78:C8:8C:2C:41:4B:CE:10:87:91:D3:8C:34:7E:5B
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial: 019922C363F1EE84F88361837A17A5B10AEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number: 1675
Signing time: Sun 07 Sep 2025 06:00:54 +0000
Manifest this update: Sun 07 Sep 2025 06:00:54 +0000
Manifest next update: Mon 08 Sep 2025 06:00:54 +0000
Files and hashes: 1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=)
2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: tqT/Ej35cDKTlr92NA3oQ/Kjg6jC69FFNQpO+X+xATo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:63:f1:ee:84:f8:83:61:83:7a:17:a5:b1:0a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Validity
Not Before: Sep 7 06:00:54 2025 GMT
Not After : Sep 8 06:00:54 2025 GMT
Subject: CN=8b1a31c58378c88c2c414bce108791d38c347e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4c:c2:68:5e:43:74:a8:68:25:2f:60:eb:14:
4f:c6:41:31:ee:29:2a:63:ac:d2:de:05:2f:29:9a:
a1:46:b8:1f:8f:e1:f9:3b:9f:59:f7:5a:45:4a:1d:
64:5b:78:0b:c2:e4:35:fe:ad:53:ce:0e:6c:65:3b:
52:e4:09:db:87:33:22:a8:9a:fd:59:9f:1c:0a:c2:
96:c6:b4:f2:5c:fb:ef:0f:d0:d4:c9:8d:ac:76:d3:
89:19:1d:f7:18:2d:a9:8f:43:ca:81:5a:86:6f:5d:
0c:12:68:b6:d4:5c:81:bd:a5:c0:7d:13:05:cc:36:
23:fe:1b:56:d1:d7:60:17:f5:5e:bf:ce:c1:2b:14:
ce:a8:70:6c:17:8a:84:41:40:78:8c:64:14:bf:99:
5b:a3:37:e9:43:84:a0:40:6b:a4:f0:42:db:88:90:
c2:d5:35:cd:04:c1:ef:86:2a:41:0e:3c:a3:4c:3b:
af:d4:1e:ed:7b:be:3b:e7:68:0e:51:69:46:f0:da:
81:d2:fa:0c:90:e4:99:a5:0b:23:a3:d5:ea:ae:f3:
9e:9f:97:d3:60:0a:0b:f2:52:bc:3d:3d:15:b0:1b:
d0:07:13:a7:7c:2f:48:d0:e8:ca:b3:ad:68:db:4b:
31:30:21:56:bb:24:ed:02:c0:7d:8a:d6:88:dc:4c:
15:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:1A:31:C5:83:78:C8:8C:2C:41:4B:CE:10:87:91:D3:8C:34:7E:5B
X509v3 Authority Key Identifier:
keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:cb:34:cd:72:b9:b2:21:3b:5a:21:a5:4f:f5:53:bf:37:71:
c1:d1:4d:20:61:2a:88:60:58:60:9b:b5:d3:5e:75:2f:14:b4:
f7:92:b9:f4:16:5a:5c:60:bb:5e:b3:07:56:3f:4a:af:2a:fe:
6b:5a:59:94:03:2a:b7:1c:cf:46:f1:5f:18:89:6e:c4:a4:15:
7e:49:98:e3:d4:a7:83:51:79:40:95:7f:ba:c0:62:ed:b3:b7:
6f:d5:4f:08:bc:39:f5:bc:b3:25:cd:01:80:c1:53:6a:c9:c3:
a1:ee:87:19:ab:c4:d6:98:bf:63:b4:0d:94:86:15:b0:3b:e6:
0d:c6:19:be:dc:cf:54:26:e3:aa:d3:f4:59:b7:ee:32:67:d3:
4d:71:6e:00:31:0a:56:da:2a:4f:90:89:74:25:89:7e:c2:84:
19:6f:cd:7e:e1:b0:10:7a:77:fe:1c:a3:79:a0:2f:f7:2e:a8:
f1:50:b5:3b:04:63:15:8d:27:54:30:a1:d7:db:33:db:ca:25:
c9:bd:fb:5f:ed:3b:fc:46:4f:74:9f:ea:8a:50:41:9f:bc:58:
b8:a6:4b:64:3e:c0:52:36:1a:ed:53:c5:6f:f8:b0:31:96:b0:
7f:2b:f5:23:dd:27:56:78:79:f4:89:28:6d:6c:fa:ff:b9:eb:
23:ab:86:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw2Px7oT4g2GDehelsQrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjUwOTA3MDYwMDU0WhcNMjUwOTA4MDYwMDU0WjAzMTEwLwYDVQQD
Eyg4YjFhMzFjNTgzNzhjODhjMmM0MTRiY2UxMDg3OTFkMzhjMzQ3ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUzCaF5DdKhoJS9g6xRPxkEx7ikq
Y6zS3gUvKZqhRrgfj+H5O59Z91pFSh1kW3gLwuQ1/q1Tzg5sZTtS5AnbhzMiqJr9
WZ8cCsKWxrTyXPvvD9DUyY2sdtOJGR33GC2pj0PKgVqGb10MEmi21FyBvaXAfRMF
zDYj/htW0ddgF/Vev87BKxTOqHBsF4qEQUB4jGQUv5lbozfpQ4SgQGuk8ELbiJDC
1TXNBMHvhipBDjyjTDuv1B7te74752gOUWlG8NqB0voMkOSZpQsjo9XqrvOen5fT
YAoL8lK8PT0VsBvQBxOnfC9I0OjKs61o20sxMCFWuyTtAsB9itaI3EwVzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIsaMcWDeMiMLEFLzhCHkdOMNH5bMB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARMs0zXK5
siE7WiGlT/VTvzdxwdFNIGEqiGBYYJu10151LxS095K59BZaXGC7XrMHVj9Kryr+
a1pZlAMqtxzPRvFfGIluxKQVfkmY49Sng1F5QJV/usBi7bO3b9VPCLw59byzJc0B
gMFTasnDoe6HGavE1pi/Y7QNlIYVsDvmDcYZvtzPVCbjqtP0WbfuMmfTTXFuADEK
VtoqT5CJdCWJfsKEGW/NfuGwEHp3/hyjeaAv9y6o8VC1OwRjFY0nVDCh19sz28ol
yb37X+07/EZPdJ/qilBBn7xYuKZLZD7AUjYa7VPFb/iwMZawfyv1I90nVnh59Iko
bWz6/7nrI6uGEQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:13:38 2025 by rpki-client