
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File: HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier: APlnj5q5EZkzWd9XCOU43MbyJZl8PTW6DFWj9yFCrn0=
Subject key identifier: DB:CF:F1:90:E4:55:E7:52:5B:67:3C:0E:13:3E:B7:88:91:58:33:9E
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial: 019760CBC49FEDEF84502FBBFBD276CB7057
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number: 158C
Signing time: Wed 11 Jun 2025 21:00:56 +0000
Manifest this update: Wed 11 Jun 2025 21:00:56 +0000
Manifest next update: Thu 12 Jun 2025 21:00:56 +0000
Files and hashes: 1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=)
2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: somcG5iantFnFnH4wOIMBS0Q87pOkmZdgPRcJDtZoB4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 15:40:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:60:cb:c4:9f:ed:ef:84:50:2f:bb:fb:d2:76:cb:70:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Validity
Not Before: Jun 11 21:00:56 2025 GMT
Not After : Jun 12 21:00:56 2025 GMT
Subject: CN=dbcff190e455e7525b673c0e133eb7889158339e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:89:98:9e:90:7d:1a:17:6f:74:6e:ce:9f:4f:
0c:53:08:f9:72:1b:38:3d:52:18:71:80:4f:07:bc:
c2:61:8b:2c:26:56:bc:0f:d6:68:a5:c1:9a:76:93:
b1:0b:81:63:c8:41:6e:4f:87:4e:94:f5:de:7d:8a:
68:7a:d7:b6:84:e1:fe:e3:51:cf:dc:6f:d0:4d:de:
2e:a3:2c:25:81:ca:42:ec:a8:fe:2c:60:bc:05:19:
7d:70:8a:90:6b:c7:b4:e0:9f:42:7b:42:16:d9:d3:
1f:82:f0:4f:a4:a3:48:03:04:b7:df:1e:5c:db:2f:
79:28:25:c1:ec:89:96:72:0b:2a:36:b4:1c:73:a2:
3d:57:06:84:18:4f:bd:bd:bf:69:c3:aa:47:a2:34:
5e:8f:6f:05:45:ae:00:03:67:53:bd:50:80:f7:dc:
85:f8:f8:36:68:f1:29:8d:5a:65:5a:09:aa:9f:b5:
b6:38:ea:07:b0:03:80:35:fe:65:a0:17:57:fe:33:
85:91:75:a2:bc:b3:81:74:a3:bb:5e:c9:1d:c7:be:
2c:b8:93:5d:06:f4:2c:10:f4:b7:7a:1f:4b:23:d4:
07:e0:1e:95:c0:fc:5a:22:be:ab:ea:96:3e:f4:b2:
a2:31:30:80:d2:c5:f5:c9:b0:d5:23:cf:46:28:7a:
82:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:CF:F1:90:E4:55:E7:52:5B:67:3C:0E:13:3E:B7:88:91:58:33:9E
X509v3 Authority Key Identifier:
keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:b7:25:b3:2d:d6:ca:84:5a:fb:78:e2:ca:0f:6e:22:24:db:
63:ae:b8:34:8d:f4:0f:60:63:fd:f0:92:b5:8e:c4:4a:30:de:
0f:97:8a:cf:d7:dd:46:d5:13:45:ec:41:1f:32:ad:6b:24:cc:
a3:52:83:3e:06:14:50:29:45:a6:8c:6c:9e:b9:8b:2a:54:a9:
b7:a0:e0:13:5d:82:bf:94:4d:df:d8:b0:78:18:dd:a1:e0:b6:
57:0e:c5:ac:2f:91:29:c3:1f:60:f3:cd:75:b8:83:fd:54:4f:
54:14:6a:69:e7:40:cc:9a:0d:af:42:cb:83:d7:0e:24:7e:c0:
40:5b:52:9b:09:da:ce:43:0d:55:89:db:ce:41:62:92:3e:0b:
29:87:c4:0b:8f:7e:29:e7:8d:57:61:15:8d:03:59:67:7d:95:
c1:69:1e:d1:c0:dc:86:63:c6:db:3d:5d:e2:45:50:c6:06:3e:
10:bb:fe:6f:6b:af:f6:77:cf:19:b5:20:a7:5d:31:eb:9d:cb:
5f:fc:88:c0:70:27:b2:3f:0d:bf:94:5f:5a:1e:ab:b0:2b:01:
f8:ef:28:bd:a3:83:dd:9c:0d:e6:d9:f1:02:c3:92:64:2f:ac:
9d:fe:06:39:a2:2b:62:fa:60:aa:e9:24:4c:f4:8e:88:7c:4a:
f4:7c:11:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgy8Sf7e+EUC+7+9J2y3BXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjUwNjExMjEwMDU2WhcNMjUwNjEyMjEwMDU2WjAzMTEwLwYDVQQD
EyhkYmNmZjE5MGU0NTVlNzUyNWI2NzNjMGUxMzNlYjc4ODkxNTgzMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ImYnpB9GhdvdG7On08MUwj5chs4
PVIYcYBPB7zCYYssJla8D9ZopcGadpOxC4FjyEFuT4dOlPXefYpoete2hOH+41HP
3G/QTd4uoywlgcpC7Kj+LGC8BRl9cIqQa8e04J9Ce0IW2dMfgvBPpKNIAwS33x5c
2y95KCXB7ImWcgsqNrQcc6I9VwaEGE+9vb9pw6pHojRej28FRa4AA2dTvVCA99yF
+Pg2aPEpjVplWgmqn7W2OOoHsAOANf5loBdX/jOFkXWivLOBdKO7Xskdx74suJNd
BvQsEPS3eh9LI9QH4B6VwPxaIr6r6pY+9LKiMTCA0sX1ybDVI89GKHqCgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvP8ZDkVedSW2c8DhM+t4iRWDOeMB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLclsy3W
yoRa+3jiyg9uIiTbY664NI30D2Bj/fCStY7ESjDeD5eKz9fdRtUTRexBHzKtayTM
o1KDPgYUUClFpoxsnrmLKlSpt6DgE12Cv5RN39iweBjdoeC2Vw7FrC+RKcMfYPPN
dbiD/VRPVBRqaedAzJoNr0LLg9cOJH7AQFtSmwnazkMNVYnbzkFikj4LKYfEC49+
KeeNV2EVjQNZZ32VwWke0cDchmPG2z1d4kVQxgY+ELv+b2uv9nfPGbUgp10x653L
X/yIwHAnsj8Nv5RfWh6rsCsB+O8ovaOD3ZwN5tnxAsOSZC+snf4GOaIrYvpgqukk
TPSOiHxK9HwRrw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 23:50:58 2025 by rpki-client