Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
File: DUHQpubfLhjCVnMjaNbnaCiTExA.mft (raw, json)
Hash identifier: N8nMFgaH/UncAkotc3kXxyROxFcgAI4b5MRs6+atLzs=
Subject key identifier: 59:73:ED:35:3C:2F:AA:EB:61:2D:47:99:24:46:C9:10:68:32:5A:48
Authority key identifier: 0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
Certificate issuer: /CN=0d41d0a6e6df2e18c256732368d6e76828931310
Certificate serial: 0199239F198E3A913E40F2FA9581566799AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
Manifest number: 0FB9
Signing time: Sun 07 Sep 2025 10:00:53 +0000
Manifest this update: Sun 07 Sep 2025 10:00:53 +0000
Manifest next update: Mon 08 Sep 2025 10:00:53 +0000
Files and hashes: 1: 5yn4zHauZM75VAijpeMoQrgxCO4.roa (hash: XNQWDr0wgLOmyX40wHgFFl4XUTUYTIzKWa/lVOSFR8o=)
2: DUHQpubfLhjCVnMjaNbnaCiTExA.crl (hash: EXHUyTI3x4LWGqNf0jKCqvaRfn+SQR7+GrwF4awNc18=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:9f:19:8e:3a:91:3e:40:f2:fa:95:81:56:67:99:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d41d0a6e6df2e18c256732368d6e76828931310
Validity
Not Before: Sep 7 10:00:53 2025 GMT
Not After : Sep 8 10:00:53 2025 GMT
Subject: CN=5973ed353c2faaeb612d47992446c91068325a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9a:50:b4:6e:2f:7a:ae:c4:d7:6f:61:6e:d5:
9d:a6:e1:7a:29:57:b5:f9:74:8b:e9:48:02:fa:d9:
65:06:16:86:f2:89:bb:41:87:30:cd:c0:1d:73:45:
19:f0:35:3d:ea:82:a2:e2:4b:77:24:0e:17:97:33:
51:ce:0b:3c:76:00:8f:82:ef:a7:4c:fb:c0:cf:54:
b9:ec:32:aa:c0:b9:8b:1e:44:e0:67:97:13:53:88:
0d:88:9d:75:6f:77:fe:bf:27:73:56:e9:ac:ba:da:
07:7c:a8:7b:92:9a:bd:8c:1e:83:07:96:74:df:05:
b4:4b:77:19:a2:ed:c4:5c:5e:16:91:0d:34:08:d3:
6a:02:d4:7b:8b:73:84:55:c0:0d:1b:82:24:bd:a6:
ac:43:71:fa:76:0e:2b:ff:95:c2:2b:1c:fe:98:8a:
38:dd:94:82:ba:b1:6f:cd:bd:6c:36:ac:aa:96:aa:
06:f1:5f:3f:b3:8d:8e:40:02:ae:85:c4:a4:da:37:
ae:3d:2f:82:dd:de:9e:a2:b2:44:c1:27:b7:0b:b4:
37:6e:b0:1d:b9:f0:51:0c:08:d7:fe:aa:dc:bc:c9:
ad:d8:80:04:bb:96:b1:a6:43:98:e8:a0:9c:57:98:
e7:00:42:11:e6:8f:46:84:58:dd:4e:b3:39:17:85:
5f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:73:ED:35:3C:2F:AA:EB:61:2D:47:99:24:46:C9:10:68:32:5A:48
X509v3 Authority Key Identifier:
keyid:0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:59:a6:17:df:0b:c6:24:0a:e7:88:c4:5b:a3:6f:61:71:b2:
00:a4:7c:99:79:d7:37:49:83:ce:1f:7a:b8:50:c0:ab:19:5f:
3d:e8:7c:d9:b3:42:1e:5e:90:34:fd:7a:bf:97:ab:8f:4f:5c:
36:37:e5:92:df:ca:8e:94:68:c4:6b:25:5a:0a:18:71:db:e9:
bf:d6:4e:1c:72:62:3d:80:ce:72:1a:a9:2c:62:43:0c:0b:bd:
b6:7a:6c:a2:42:a2:38:a0:f5:94:aa:b6:e4:60:59:0b:01:11:
15:c3:18:86:19:70:71:d2:bf:d0:21:53:5f:24:c7:a6:ce:42:
66:83:de:f7:fe:f6:55:6d:9e:aa:17:ee:14:91:32:05:71:20:
87:a2:a8:55:23:da:bd:f9:30:f6:a6:cb:6b:ca:91:ba:3e:e7:
ca:a1:a9:15:fe:0d:13:d2:c2:2b:f5:14:77:b2:2a:97:1c:6a:
19:97:b8:bd:85:e5:5b:46:cd:97:d7:a3:38:fc:09:46:78:15:
b6:a3:36:cc:3a:13:19:0c:38:55:c7:47:5b:f6:bd:0d:83:f2:
e3:fa:e8:2e:7c:b1:df:43:cd:eb:c7:c9:b5:6b:34:34:a7:73:
bc:d4:bd:26:4f:a1:ac:3a:9b:36:4f:5b:dd:f4:ea:3c:7d:f7:
aa:24:a5:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnxmOOpE+QPL6lYFWZ5msMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDFkMGE2ZTZkZjJlMThjMjU2NzMyMzY4ZDZlNzY4Mjg5
MzEzMTAwHhcNMjUwOTA3MTAwMDUzWhcNMjUwOTA4MTAwMDUzWjAzMTEwLwYDVQQD
Eyg1OTczZWQzNTNjMmZhYWViNjEyZDQ3OTkyNDQ2YzkxMDY4MzI1YTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5pQtG4veq7E129hbtWdpuF6KVe1
+XSL6UgC+tllBhaG8om7QYcwzcAdc0UZ8DU96oKi4kt3JA4XlzNRzgs8dgCPgu+n
TPvAz1S57DKqwLmLHkTgZ5cTU4gNiJ11b3f+vydzVumsutoHfKh7kpq9jB6DB5Z0
3wW0S3cZou3EXF4WkQ00CNNqAtR7i3OEVcANG4IkvaasQ3H6dg4r/5XCKxz+mIo4
3ZSCurFvzb1sNqyqlqoG8V8/s42OQAKuhcSk2jeuPS+C3d6eorJEwSe3C7Q3brAd
ufBRDAjX/qrcvMmt2IAEu5axpkOY6KCcV5jnAEIR5o9GhFjdTrM5F4VfZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFlz7TU8L6rrYS1HmSRGyRBoMlpIMB8GA1UdIwQY
MBaAFA1B0Kbm3y4YwlZzI2jW52gokxMQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGIt
NjJiNjQwYjAyZTJiLzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGItNjJiNjQwYjAyZTJi
LzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGVmmF98L
xiQK54jEW6NvYXGyAKR8mXnXN0mDzh96uFDAqxlfPeh82bNCHl6QNP16v5erj09c
Njflkt/KjpRoxGslWgoYcdvpv9ZOHHJiPYDOchqpLGJDDAu9tnpsokKiOKD1lKq2
5GBZCwERFcMYhhlwcdK/0CFTXyTHps5CZoPe9/72VW2eqhfuFJEyBXEgh6KoVSPa
vfkw9qbLa8qRuj7nyqGpFf4NE9LCK/UUd7IqlxxqGZe4vYXlW0bNl9ejOPwJRngV
tqM2zDoTGQw4VcdHW/a9DYPy4/roLnyx30PN68fJtWs0NKdzvNS9Jk+hrDqbNk9b
3fTqPH33qiSllA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:42:50 2025 by rpki-client