Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
File: hbYRoLfUM0t6I5XozOew48m4OOg.mft (raw, json)
Hash identifier: ZMHdhUNNij2j9eY3/vu7dyFfBjmehb+eJNlk1mKW49o=
Subject key identifier: BA:42:9C:BC:70:72:45:B0:8D:F0:C6:9E:91:71:D6:17:65:57:98:30
Authority key identifier: 85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
Certificate issuer: /CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Certificate serial: 01976D06A10405328CCECC56E0F785AD7820
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
Manifest number: 1097
Signing time: Sat 14 Jun 2025 06:00:40 +0000
Manifest this update: Sat 14 Jun 2025 06:00:40 +0000
Manifest next update: Sun 15 Jun 2025 06:00:40 +0000
Files and hashes: 1: GqM4YVlqC8-erWafuFUuhTFle_c.roa (hash: i4cVcC9yh3IAaqw92giD4QCQEZ24C42b9AxtQz5mdqI=)
2: V5ey2q7KwpxyFqlUebHjJUU7ouc.roa (hash: Yxgk3WfNc3AICgrW7BBAgfdy4JGwXPs53GHlVT7wvGA=)
3: hbYRoLfUM0t6I5XozOew48m4OOg.crl (hash: pF1R4fpLtSR74dEa/MHKnFXMTlsLBRlWw8wLRwuwfRU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6d:06:a1:04:05:32:8c:ce:cc:56:e0:f7:85:ad:78:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Validity
Not Before: Jun 14 06:00:40 2025 GMT
Not After : Jun 15 06:00:40 2025 GMT
Subject: CN=ba429cbc707245b08df0c69e9171d61765579830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6d:7a:93:87:51:b1:a3:b4:84:20:03:ac:1b:
06:a3:dc:b1:8e:6e:fe:93:46:5d:2d:2b:62:a1:5a:
dd:0b:1e:7a:9e:d0:bc:ce:d6:35:22:85:fb:09:27:
7d:96:ae:51:cc:3b:17:fb:30:7a:e9:de:ac:1e:45:
bd:8d:68:16:b0:74:e7:bb:84:d6:b3:77:6a:27:a9:
e5:96:eb:6c:f5:cc:5a:47:67:4b:c5:6f:77:e4:59:
59:03:e0:b0:49:78:aa:94:1c:21:b4:80:09:38:f4:
7e:f2:28:c2:a1:58:22:4c:dc:69:fe:ba:21:1d:7f:
97:bd:06:12:70:42:0e:48:d2:69:96:b8:58:bc:13:
78:0e:82:8f:3b:4f:d0:55:4c:6d:cb:30:99:88:93:
62:3a:9d:e3:44:3c:46:1c:d7:da:52:57:51:42:ac:
ad:49:83:66:3f:28:d3:8e:1b:ca:25:b8:dc:02:01:
42:09:ed:a4:9d:06:07:c6:18:64:7b:4e:39:ee:b6:
f7:45:df:26:f0:bd:72:a7:2f:0b:e5:2b:dc:88:4b:
03:2a:e2:54:16:d2:33:41:34:b0:81:02:7d:a5:6a:
50:e9:ad:31:6f:45:c6:15:65:22:18:18:96:3f:64:
99:1b:5f:5e:3e:a9:11:03:f0:e1:25:10:31:13:3b:
f4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:42:9C:BC:70:72:45:B0:8D:F0:C6:9E:91:71:D6:17:65:57:98:30
X509v3 Authority Key Identifier:
keyid:85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:b8:a6:ac:80:e5:58:22:68:a0:04:7c:5f:77:1a:d4:ac:c3:
25:30:ab:97:ad:16:7b:3f:1e:61:0a:80:63:49:22:68:7b:64:
bf:61:93:92:67:92:0a:49:0b:ed:e4:39:74:ef:e9:65:11:b0:
ae:9a:75:a5:23:c7:ce:79:02:31:76:b5:06:a9:28:7d:76:d9:
5f:c1:cb:82:76:af:8a:ca:67:a1:a1:0d:fe:fd:4c:c6:c9:24:
99:f1:cf:16:22:49:8a:4b:c0:f1:d5:fa:f9:e2:02:39:71:09:
fa:6f:e9:96:c0:9f:cf:22:2c:2d:21:f1:0b:14:89:47:57:b1:
54:9c:47:ee:f5:b0:0e:f1:ed:67:a2:6c:83:98:98:61:1a:6a:
1e:f8:b4:05:d4:16:0f:2d:d3:59:75:23:a7:6c:63:bf:60:5a:
f5:a9:aa:05:08:d4:24:65:4d:b6:24:77:de:24:61:91:0b:ee:
12:c2:0e:9e:09:49:24:b7:58:fe:9d:d0:9d:dd:be:e7:4c:19:
16:6d:07:02:c3:09:9c:45:20:95:ba:6e:9b:f3:dc:2c:4d:1a:
c0:73:0e:be:aa:3e:07:f8:06:a1:73:14:0e:72:2b:a5:ea:67:
80:e8:f1:97:74:6c:bf:1c:53:b8:26:17:b8:04:35:55:00:3b:
eb:e1:3e:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtBqEEBTKMzsxW4PeFrXggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjYxMWEwYjdkNDMzNGI3YTIzOTVlOGNjZTdiMGUzYzli
ODM4ZTgwHhcNMjUwNjE0MDYwMDQwWhcNMjUwNjE1MDYwMDQwWjAzMTEwLwYDVQQD
EyhiYTQyOWNiYzcwNzI0NWIwOGRmMGM2OWU5MTcxZDYxNzY1NTc5ODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm16k4dRsaO0hCADrBsGo9yxjm7+
k0ZdLStioVrdCx56ntC8ztY1IoX7CSd9lq5RzDsX+zB66d6sHkW9jWgWsHTnu4TW
s3dqJ6nlluts9cxaR2dLxW935FlZA+CwSXiqlBwhtIAJOPR+8ijCoVgiTNxp/roh
HX+XvQYScEIOSNJplrhYvBN4DoKPO0/QVUxtyzCZiJNiOp3jRDxGHNfaUldRQqyt
SYNmPyjTjhvKJbjcAgFCCe2knQYHxhhke0457rb3Rd8m8L1ypy8L5SvciEsDKuJU
FtIzQTSwgQJ9pWpQ6a0xb0XGFWUiGBiWP2SZG19ePqkRA/DhJRAxEzv0tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLpCnLxwckWwjfDGnpFx1hdlV5gwMB8GA1UdIwQY
MBaAFIW2EaC31DNLeiOV6MznsOPJuDjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmIt
ODhjYjRlNzEwNmVhLzEvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmItODhjYjRlNzEwNmVh
LzEvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX7imrIDl
WCJooAR8X3ca1KzDJTCrl60Wez8eYQqAY0kiaHtkv2GTkmeSCkkL7eQ5dO/pZRGw
rpp1pSPHznkCMXa1BqkofXbZX8HLgnavispnoaEN/v1MxskkmfHPFiJJikvA8dX6
+eICOXEJ+m/plsCfzyIsLSHxCxSJR1exVJxH7vWwDvHtZ6Jsg5iYYRpqHvi0BdQW
Dy3TWXUjp2xjv2Ba9amqBQjUJGVNtiR33iRhkQvuEsIOnglJJLdY/p3Qnd2+50wZ
Fm0HAsMJnEUglbpum/PcLE0awHMOvqo+B/gGoXMUDnIrpepngOjxl3RsvxxTuCYX
uAQ1VQA76+E+Kw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 08:27:51 2025 by rpki-client