Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: T5s0EsivrYUs96jXCLbWIhSIwCQp89jrFDZOksELeQs=
Subject key identifier: F8:46:DD:C9:45:A1:B2:53:47:A8:FC:97:4A:C8:C2:38:0C:DE:E4:EB
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 0199364A106E084F29CD8BC6DDB6D56D192C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 160C
Signing time: Thu 11 Sep 2025 01:00:47 +0000
Manifest this update: Thu 11 Sep 2025 01:00:47 +0000
Manifest next update: Fri 12 Sep 2025 01:00:47 +0000
Files and hashes: 1: 5MK1ewnt7LozxEmddZiWa3omfKc.roa (hash: 7+tCKj1f1iwSFAN/o1/yY8fVwb73KSasEYzwGjDKXO0=)
2: DeHazeP3A9wAumTO_Rmx5RqWaqs.roa (hash: 0hOPuiiQ+UKk5lNFYgiHmEshvjQhpp/6FLqfnT4DM3I=)
3: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: lWpyRMIIcv8WGZEalp8ly69UYser6dT59kMIGKirpds=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 20:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:36:4a:10:6e:08:4f:29:cd:8b:c6:dd:b6:d5:6d:19:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Sep 11 01:00:47 2025 GMT
Not After : Sep 12 01:00:47 2025 GMT
Subject: CN=f846ddc945a1b25347a8fc974ac8c2380cdee4eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:85:31:fc:19:84:e6:4e:86:87:89:99:ba:67:
bb:d8:c3:84:43:b7:f5:31:1f:ed:b2:2c:34:a7:da:
fa:38:c1:b3:14:05:f7:0a:76:6c:d9:ff:74:e8:0f:
15:5d:75:cc:1d:5a:4d:da:1d:15:4c:bd:a0:43:41:
d8:cc:80:5b:3a:45:05:99:bf:3b:09:2b:1d:35:7c:
27:77:70:fd:8a:a9:7e:cf:ba:ce:fa:c5:75:15:83:
82:dc:9c:0c:94:dd:cc:0f:9f:be:3a:e4:43:a1:e8:
74:f0:ed:eb:90:f0:97:ba:28:20:fc:0c:bc:7b:6f:
da:ca:1e:59:17:22:1f:a2:93:1e:1c:4a:80:fb:b0:
bf:2c:bb:68:a1:b6:c2:b9:6c:66:f0:0b:b8:84:cf:
2e:13:b1:b5:25:ea:80:f5:29:6b:f3:d4:db:05:1d:
74:34:a6:fd:51:ce:0a:2e:69:3b:91:1f:5b:89:48:
aa:72:5a:c0:4c:4c:8b:5b:b2:5c:d6:7d:d4:f4:28:
b4:fb:44:cb:3a:e3:18:34:a8:3d:94:83:6b:9f:8d:
51:06:a1:09:c6:19:b5:27:ed:5f:98:ae:e7:f5:0f:
8f:fb:7c:3e:9e:2a:0b:a9:47:f4:b1:88:bd:c5:da:
9a:63:9c:62:dc:d9:9b:82:19:69:d6:e6:e2:cf:43:
c4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:46:DD:C9:45:A1:B2:53:47:A8:FC:97:4A:C8:C2:38:0C:DE:E4:EB
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:83:d0:66:ae:1d:12:93:74:46:59:81:82:e6:e1:b5:77:d1:
4b:f5:f5:86:38:48:72:5b:16:d0:b6:22:40:c1:42:66:5f:e5:
ca:47:01:ad:4c:40:8f:15:c9:68:d5:92:79:a6:12:22:57:cc:
10:79:8f:88:05:da:f7:48:df:a1:5e:6d:c3:c1:7b:ca:81:20:
db:26:9b:22:35:4c:11:9a:d1:f9:2f:c0:ff:f7:7f:35:cd:ac:
36:12:6f:4b:a2:00:a5:38:a8:33:27:43:33:bf:09:a8:3a:60:
06:ed:06:40:9c:49:fa:67:2c:eb:c3:12:98:71:4b:7e:cc:2d:
bf:8f:26:78:a0:d5:fe:a4:c0:f3:ee:47:2b:cd:74:30:df:b1:
72:7b:46:26:e0:fd:5f:94:5c:72:ee:5a:9a:27:4e:bb:8c:3d:
94:fd:58:59:7f:ca:d0:d2:2f:fb:6a:bd:45:20:7f:12:82:45:
d7:24:b1:0c:ae:33:64:68:23:09:6a:a7:e9:a8:a7:c2:82:c4:
a3:e9:be:97:77:e2:28:f0:cb:7c:03:f2:2f:a3:23:8a:d3:50:
cb:ad:a8:9c:12:69:c8:f3:28:58:a7:72:d6:80:88:c6:70:c2:
43:e2:60:53:09:89:f8:79:1a:c3:48:1f:5c:5d:ee:c9:8f:0d:
1f:41:85:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk2ShBuCE8pzYvG3bbVbRksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjUwOTExMDEwMDQ3WhcNMjUwOTEyMDEwMDQ3WjAzMTEwLwYDVQQD
EyhmODQ2ZGRjOTQ1YTFiMjUzNDdhOGZjOTc0YWM4YzIzODBjZGVlNGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoUx/BmE5k6Gh4mZume72MOEQ7f1
MR/tsiw0p9r6OMGzFAX3CnZs2f906A8VXXXMHVpN2h0VTL2gQ0HYzIBbOkUFmb87
CSsdNXwnd3D9iql+z7rO+sV1FYOC3JwMlN3MD5++OuRDoeh08O3rkPCXuigg/Ay8
e2/ayh5ZFyIfopMeHEqA+7C/LLtoobbCuWxm8Au4hM8uE7G1JeqA9Slr89TbBR10
NKb9Uc4KLmk7kR9biUiqclrATEyLW7Jc1n3U9Ci0+0TLOuMYNKg9lINrn41RBqEJ
xhm1J+1fmK7n9Q+P+3w+nioLqUf0sYi9xdqaY5xi3Nmbghlp1ubiz0PEFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhG3clFobJTR6j8l0rIwjgM3uTrMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqoPQZq4d
EpN0RlmBgubhtXfRS/X1hjhIclsW0LYiQMFCZl/lykcBrUxAjxXJaNWSeaYSIlfM
EHmPiAXa90jfoV5tw8F7yoEg2yabIjVMEZrR+S/A//d/Nc2sNhJvS6IApTioMydD
M78JqDpgBu0GQJxJ+mcs68MSmHFLfswtv48meKDV/qTA8+5HK810MN+xcntGJuD9
X5Rccu5amidOu4w9lP1YWX/K0NIv+2q9RSB/EoJF1ySxDK4zZGgjCWqn6ainwoLE
o+m+l3fiKPDLfAPyL6MjitNQy62onBJpyPMoWKdy1oCIxnDCQ+JgUwmJ+Hkaw0gf
XF3uyY8NH0GFvA==
-----END CERTIFICATE-----
Generated at Thu Sep 11 02:48:13 2025 by rpki-client