Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
File: HEIt1-1z0cAEhQAzv5V5tP716dE.mft (raw, json)
Hash identifier: l/M0K0t9ge0EjmJDX0A5IF5fZWpIr7QshS57yhMxoRo=
Subject key identifier: FB:7C:18:4F:A2:46:44:FE:8E:80:9F:A6:4E:C8:1D:6A:2E:2C:0A:55
Authority key identifier: 1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
Certificate issuer: /CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Certificate serial: 01992330D30D861531D35B48521116773B8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
Manifest number: 0135
Signing time: Sun 07 Sep 2025 08:00:26 +0000
Manifest this update: Sun 07 Sep 2025 08:00:26 +0000
Manifest next update: Mon 08 Sep 2025 08:00:26 +0000
Files and hashes: 1: 4xTwGwEgqqNgpztG8b7-qFnWnmQ.roa (hash: G+NieVImXlejNVzPXtYNNAfkIKyCKo0Pau1bwovvw64=)
2: HEIt1-1z0cAEhQAzv5V5tP716dE.crl (hash: ImrBuxJNUhAjnq0KklGP5xRxVKM7B0hUnO0avWTuQ9k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:30:d3:0d:86:15:31:d3:5b:48:52:11:16:77:3b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Validity
Not Before: Sep 7 08:00:26 2025 GMT
Not After : Sep 8 08:00:26 2025 GMT
Subject: CN=fb7c184fa24644fe8e809fa64ec81d6a2e2c0a55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:30:c7:78:c3:e6:11:a8:c5:7f:7e:be:ed:2c:
a6:3a:14:02:d5:ac:c8:14:3f:54:44:8a:d2:35:f8:
e7:d7:37:e3:51:83:c3:3d:94:ef:f4:86:4f:35:da:
bd:7b:92:d1:23:6b:e2:de:5b:89:63:e5:28:d8:aa:
1a:af:9f:8a:f0:15:8c:c8:f8:2f:ce:11:f9:bb:ea:
ac:9f:89:cc:d9:de:d4:dd:3d:91:06:27:54:42:b8:
c6:a2:8d:3c:11:a8:3b:53:76:62:38:eb:4b:59:9c:
68:21:80:f1:29:23:4d:be:8d:e0:8a:18:d8:21:55:
fb:3e:5f:c0:bf:97:c9:ad:21:38:3f:84:69:8f:fa:
b0:1e:c5:01:84:98:e4:fa:07:5d:29:6b:78:88:da:
5e:3f:60:f6:02:3d:67:47:21:d9:e1:fd:7f:9f:d5:
1a:1a:c4:28:31:09:d4:75:da:84:d6:a8:ab:b2:58:
a3:90:b7:07:86:f9:63:55:55:1b:04:96:64:be:79:
76:96:01:74:a0:35:21:fb:7d:10:56:04:07:9c:89:
7d:78:cc:fe:f6:5d:ca:bc:36:6d:b3:c5:09:01:14:
dd:45:7b:1d:a1:96:5b:76:eb:c9:a7:dd:10:d3:5c:
fe:54:99:26:77:ca:e0:4e:b7:30:29:83:60:fa:c9:
fb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:7C:18:4F:A2:46:44:FE:8E:80:9F:A6:4E:C8:1D:6A:2E:2C:0A:55
X509v3 Authority Key Identifier:
keyid:1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:78:9c:04:44:7c:b4:e5:af:40:21:e2:5e:1b:ad:6d:74:9b:
bf:7b:f4:17:3b:a5:a1:e1:46:9d:e2:55:9d:5e:72:92:e5:1d:
0f:96:a3:db:5d:7e:ff:2f:97:11:fd:f5:77:f6:36:13:08:be:
f8:6c:a0:b0:c8:22:4b:32:f2:cb:7c:37:83:0b:20:8d:8f:2d:
8e:85:57:0e:ed:ce:ac:9e:66:21:c4:67:b2:8b:c9:6c:06:2d:
0e:f9:90:52:d2:a3:b1:73:7d:ba:e9:c1:8d:df:2b:a5:91:58:
17:9b:4e:1b:fd:aa:87:e2:e2:e1:28:9f:56:05:2e:1a:d0:cf:
89:c8:d0:67:e3:c6:2f:53:57:2b:a5:d2:fb:4f:48:de:d3:ee:
79:00:18:27:52:50:66:7f:ce:18:6b:27:70:10:08:46:8c:40:
30:89:e7:f2:7f:ff:77:dd:33:c6:46:c5:ef:3f:c9:5d:ff:16:
e5:ea:cb:45:85:e5:6e:44:2b:f5:ee:d3:4b:8e:d3:df:43:48:
12:60:cc:12:fa:d6:9f:01:6a:c3:57:d0:e9:77:df:e2:76:0e:
71:a7:12:ec:01:e5:b3:ae:84:45:53:92:9d:cf:5f:fe:0e:d9:
af:c9:ca:22:5b:1a:8e:7d:1b:42:ec:71:03:d7:c5:07:05:c1:
86:f5:c6:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMNMNhhUx01tIUhEWdzuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNDIyZGQ3ZWQ3M2QxYzAwNDg1MDAzM2JmOTU3OWI0ZmVm
NWU5ZDEwHhcNMjUwOTA3MDgwMDI2WhcNMjUwOTA4MDgwMDI2WjAzMTEwLwYDVQQD
EyhmYjdjMTg0ZmEyNDY0NGZlOGU4MDlmYTY0ZWM4MWQ2YTJlMmMwYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7zDHeMPmEajFf36+7SymOhQC1azI
FD9URIrSNfjn1zfjUYPDPZTv9IZPNdq9e5LRI2vi3luJY+Uo2Koar5+K8BWMyPgv
zhH5u+qsn4nM2d7U3T2RBidUQrjGoo08Eag7U3ZiOOtLWZxoIYDxKSNNvo3gihjY
IVX7Pl/Av5fJrSE4P4Rpj/qwHsUBhJjk+gddKWt4iNpeP2D2Aj1nRyHZ4f1/n9Ua
GsQoMQnUddqE1qirslijkLcHhvljVVUbBJZkvnl2lgF0oDUh+30QVgQHnIl9eMz+
9l3KvDZts8UJARTdRXsdoZZbduvJp90Q01z+VJkmd8rgTrcwKYNg+sn7iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPt8GE+iRkT+joCfpk7IHWouLApVMB8GA1UdIwQY
MBaAFBxCLdftc9HABIUAM7+VebT+9enRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQt
Mzk3OWI4MDBjZGE4LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQtMzk3OWI4MDBjZGE4
LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVXicBER8
tOWvQCHiXhutbXSbv3v0FzuloeFGneJVnV5ykuUdD5aj211+/y+XEf31d/Y2Ewi+
+GygsMgiSzLyy3w3gwsgjY8tjoVXDu3OrJ5mIcRnsovJbAYtDvmQUtKjsXN9uunB
jd8rpZFYF5tOG/2qh+Li4SifVgUuGtDPicjQZ+PGL1NXK6XS+09I3tPueQAYJ1JQ
Zn/OGGsncBAIRoxAMInn8n//d90zxkbF7z/JXf8W5erLRYXlbkQr9e7TS47T30NI
EmDMEvrWnwFqw1fQ6Xff4nYOcacS7AHls66ERVOSnc9f/g7Zr8nKIlsajn0bQuxx
A9fFBwXBhvXGhg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:46:46 2025 by rpki-client