Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: cjU6XN+GL4hFTegB5ntQbYPpY/uvB0sygvkdH4r3Iys=
Subject key identifier: 89:62:BA:2F:CC:20:B8:1B:F5:95:A3:4A:98:97:C3:09:87:DE:1C:6D
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 019749D62B26827654D3216312243C9EC31A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 150D
Signing time: Sat 07 Jun 2025 10:01:01 +0000
Manifest this update: Sat 07 Jun 2025 10:01:01 +0000
Manifest next update: Sun 08 Jun 2025 10:01:01 +0000
Files and hashes: 1: 5MK1ewnt7LozxEmddZiWa3omfKc.roa (hash: 7+tCKj1f1iwSFAN/o1/yY8fVwb73KSasEYzwGjDKXO0=)
2: DeHazeP3A9wAumTO_Rmx5RqWaqs.roa (hash: 0hOPuiiQ+UKk5lNFYgiHmEshvjQhpp/6FLqfnT4DM3I=)
3: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: xVBSEEnF1+npoh4+4IIKqlmiALg1JgZVu+q56y6BRvw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:d6:2b:26:82:76:54:d3:21:63:12:24:3c:9e:c3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Jun 7 10:01:01 2025 GMT
Not After : Jun 8 10:01:01 2025 GMT
Subject: CN=8962ba2fcc20b81bf595a34a9897c30987de1c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:86:f8:4f:46:4f:81:38:eb:55:59:ee:b8:df:
10:d1:81:a9:84:8a:29:33:59:68:3d:08:1f:53:f6:
63:e1:d2:bd:c7:31:28:ea:43:23:1d:22:83:fc:55:
b7:ae:65:10:c5:ad:ab:2f:3c:24:07:42:12:05:92:
92:66:b9:47:15:b3:bb:92:ee:ca:33:3b:3a:9e:c3:
fa:65:b7:da:ec:c4:66:54:c1:15:1c:6e:1e:2b:57:
99:90:97:88:42:6f:55:72:23:59:f6:9c:93:e4:4f:
2d:34:55:e4:88:c2:8b:cb:57:08:d8:97:70:39:d3:
a6:80:e1:77:54:a8:d5:b4:e3:ef:03:4c:f1:ef:60:
39:0e:8d:c8:a6:8b:75:69:82:ba:63:ae:03:a1:41:
db:81:b4:e6:e1:e0:b3:de:bc:f1:76:57:d1:ab:3b:
a2:bb:26:97:35:f0:e1:45:c5:b5:87:0f:b4:b3:2d:
ff:d7:5d:b4:ce:51:e3:ce:16:bb:45:c5:20:72:f9:
38:06:ae:83:93:c9:c8:2f:ff:c1:bd:a3:d4:16:fc:
63:71:8a:6b:67:5a:e8:33:f9:6d:5a:a3:28:8a:da:
b1:11:be:d0:8d:63:87:ed:37:1f:e6:9b:76:db:0a:
2c:1d:52:26:fb:3e:8c:84:f8:48:86:88:bb:12:db:
2a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:62:BA:2F:CC:20:B8:1B:F5:95:A3:4A:98:97:C3:09:87:DE:1C:6D
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:59:37:a9:34:7a:17:76:86:eb:4f:27:0a:83:04:8b:46:6b:
5a:50:e8:01:7f:fe:22:d0:31:db:aa:e0:0b:15:98:a1:99:16:
dd:bd:03:1b:4a:ca:9a:c5:95:63:e4:86:80:6d:56:f6:34:56:
94:48:fa:07:f1:41:1b:3e:a8:cf:5d:64:0a:66:0d:88:63:da:
7c:e7:55:b6:cc:91:71:5b:97:7d:62:c3:cf:0f:d2:8a:d2:31:
1f:1f:f4:e4:27:7b:30:94:31:02:12:43:46:6c:ab:70:ae:0e:
87:e4:6f:9e:da:00:29:31:bc:be:49:95:58:96:f0:ab:dc:13:
10:e1:25:8c:0d:d0:78:e1:60:7e:2c:c7:14:dc:05:81:79:23:
4e:f2:96:22:28:a9:5b:e9:ad:6a:f4:79:30:8c:c4:5f:c3:4e:
04:a1:71:c9:fe:1d:d3:35:93:e5:da:46:1f:81:28:8d:bc:14:
95:59:f9:58:62:59:d7:ce:33:64:4b:f6:b8:c9:b8:5c:c7:6a:
40:ca:56:64:e3:10:ad:02:08:3d:11:a6:0b:c3:0a:c9:04:bb:
59:eb:2c:8c:86:e6:9e:1c:0b:34:ba:14:0d:68:c0:60:6e:03:
a6:93:3a:b5:5c:26:ce:72:60:1e:71:56:2b:59:30:06:19:2a:
03:5d:46:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1ismgnZU0yFjEiQ8nsMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjUwNjA3MTAwMTAxWhcNMjUwNjA4MTAwMTAxWjAzMTEwLwYDVQQD
Eyg4OTYyYmEyZmNjMjBiODFiZjU5NWEzNGE5ODk3YzMwOTg3ZGUxYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzob4T0ZPgTjrVVnuuN8Q0YGphIop
M1loPQgfU/Zj4dK9xzEo6kMjHSKD/FW3rmUQxa2rLzwkB0ISBZKSZrlHFbO7ku7K
Mzs6nsP6Zbfa7MRmVMEVHG4eK1eZkJeIQm9VciNZ9pyT5E8tNFXkiMKLy1cI2Jdw
OdOmgOF3VKjVtOPvA0zx72A5Do3Ipot1aYK6Y64DoUHbgbTm4eCz3rzxdlfRqzui
uyaXNfDhRcW1hw+0sy3/1120zlHjzha7RcUgcvk4Bq6Dk8nIL//BvaPUFvxjcYpr
Z1roM/ltWqMoitqxEb7QjWOH7Tcf5pt22wosHVIm+z6MhPhIhoi7EtsqbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIliui/MILgb9ZWjSpiXwwmH3hxtMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhlk3qTR6
F3aG608nCoMEi0ZrWlDoAX/+ItAx26rgCxWYoZkW3b0DG0rKmsWVY+SGgG1W9jRW
lEj6B/FBGz6oz11kCmYNiGPafOdVtsyRcVuXfWLDzw/SitIxHx/05Cd7MJQxAhJD
RmyrcK4Oh+RvntoAKTG8vkmVWJbwq9wTEOEljA3QeOFgfizHFNwFgXkjTvKWIiip
W+mtavR5MIzEX8NOBKFxyf4d0zWT5dpGH4EojbwUlVn5WGJZ184zZEv2uMm4XMdq
QMpWZOMQrQIIPRGmC8MKyQS7WessjIbmnhwLNLoUDWjAYG4DppM6tVwmznJgHnFW
K1kwBhkqA11GVg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:16:26 2025 by rpki-client