Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: rrPJtsJ3MQuiCFBC58Yx38xkq6HsGvP2nNUyQ5oOhrs=
Subject key identifier: FD:57:70:1A:22:BA:95:40:D3:A1:2E:BB:5B:2C:F5:82:96:4C:FE:14
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 019A23D3190C36DAF86DB1347E02B65127B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 1687
Signing time: Mon 27 Oct 2025 04:00:28 +0000
Manifest this update: Mon 27 Oct 2025 04:00:28 +0000
Manifest next update: Tue 28 Oct 2025 04:00:28 +0000
Files and hashes: 1: 5MK1ewnt7LozxEmddZiWa3omfKc.roa (hash: 7+tCKj1f1iwSFAN/o1/yY8fVwb73KSasEYzwGjDKXO0=)
2: DeHazeP3A9wAumTO_Rmx5RqWaqs.roa (hash: 0hOPuiiQ+UKk5lNFYgiHmEshvjQhpp/6FLqfnT4DM3I=)
3: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: YNt5T5nNvIfjppCLSS8yvWTkDfMMsebPh1ra/nwG4rk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:23:d3:19:0c:36:da:f8:6d:b1:34:7e:02:b6:51:27:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Oct 27 04:00:28 2025 GMT
Not After : Oct 28 04:00:28 2025 GMT
Subject: CN=fd57701a22ba9540d3a12ebb5b2cf582964cfe14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:34:ac:e1:6a:eb:91:25:0e:6a:b9:e3:e2:96:
35:26:af:11:01:c5:0f:8e:2f:9e:37:90:39:d1:33:
e9:73:92:24:d1:56:9b:b5:8f:39:c0:2a:54:0f:b5:
be:36:a3:43:b3:9d:4d:98:49:bd:b9:2b:69:2d:41:
bd:75:a1:8b:8b:58:85:61:24:1a:21:f4:53:fd:7d:
63:57:2b:c2:81:57:e5:23:5d:ca:38:f3:c2:fe:70:
85:39:b5:1d:c4:a6:36:e4:eb:aa:72:fd:9b:21:12:
65:a8:bc:b6:4e:69:b4:3b:28:eb:d3:05:73:19:08:
ed:20:35:20:f8:45:a8:f1:e7:1f:ea:69:04:56:5b:
aa:b8:20:ed:11:6a:55:22:00:e2:f6:56:5b:9c:64:
06:eb:53:07:c7:e2:72:6d:44:08:dd:3b:fe:a9:9f:
f9:63:6b:70:07:d0:bc:24:6e:81:e8:92:89:77:bf:
b0:be:50:bc:cf:60:45:82:8a:fb:bf:49:7f:cd:34:
29:aa:c1:b8:ce:e8:b6:c2:79:df:c0:29:0b:ad:e0:
75:63:ae:bc:cd:f9:fd:0d:1c:ef:d1:7c:ce:c1:b3:
63:7e:63:45:54:8e:d5:20:23:c2:6b:6c:82:56:49:
f9:05:3c:e5:b5:ec:6f:8d:42:9e:90:e5:0a:aa:54:
5f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:57:70:1A:22:BA:95:40:D3:A1:2E:BB:5B:2C:F5:82:96:4C:FE:14
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:fa:a3:0e:d9:73:a6:11:26:fa:8f:a7:e0:ab:5f:b3:d0:0e:
22:fb:76:ce:39:a3:12:9c:94:08:c7:f9:ef:b3:9c:e9:02:08:
27:77:ee:9d:4c:59:fe:fc:10:8d:db:99:aa:bf:33:32:a0:c2:
fa:f7:ee:85:94:47:43:8b:46:8e:af:32:82:6b:d9:73:ac:79:
6c:97:e8:64:7e:e2:5b:72:28:56:fc:70:77:4c:99:2c:db:0d:
bc:cc:18:1b:c9:63:21:3e:fe:a2:93:61:00:bc:a0:be:04:76:
6e:99:0e:35:2e:b4:5a:b2:61:8f:62:e1:0b:65:b4:82:d1:b4:
78:2a:6f:68:ae:46:e5:ab:af:48:04:11:57:dd:7c:7c:07:ad:
53:b2:c2:bf:58:7f:91:fb:3a:34:01:50:1c:90:f6:f9:d9:42:
0d:eb:4a:49:66:28:60:b7:45:39:f8:eb:42:8b:c2:fb:1a:21:
a4:0f:34:ea:aa:92:84:ea:f5:4c:55:32:8c:33:a4:4c:1e:00:
01:d0:96:37:02:6c:13:81:03:27:c3:c3:eb:3f:39:40:bd:8a:
ae:4b:15:d6:b9:f3:08:a5:30:d7:4d:9e:4c:db:10:0e:bd:e2:
98:19:d3:f5:7c:58:40:c7:42:86:fd:00:ca:0f:6c:6c:d2:bb:
fc:23:c8:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoj0xkMNtr4bbE0fgK2USe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjUxMDI3MDQwMDI4WhcNMjUxMDI4MDQwMDI4WjAzMTEwLwYDVQQD
EyhmZDU3NzAxYTIyYmE5NTQwZDNhMTJlYmI1YjJjZjU4Mjk2NGNmZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDSs4WrrkSUOarnj4pY1Jq8RAcUP
ji+eN5A50TPpc5Ik0VabtY85wCpUD7W+NqNDs51NmEm9uStpLUG9daGLi1iFYSQa
IfRT/X1jVyvCgVflI13KOPPC/nCFObUdxKY25Ouqcv2bIRJlqLy2Tmm0Oyjr0wVz
GQjtIDUg+EWo8ecf6mkEVluquCDtEWpVIgDi9lZbnGQG61MHx+JybUQI3Tv+qZ/5
Y2twB9C8JG6B6JKJd7+wvlC8z2BFgor7v0l/zTQpqsG4zui2wnnfwCkLreB1Y668
zfn9DRzv0XzOwbNjfmNFVI7VICPCa2yCVkn5BTzltexvjUKekOUKqlRfAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1XcBoiupVA06Euu1ss9YKWTP4UMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG/qjDtlz
phEm+o+n4Ktfs9AOIvt2zjmjEpyUCMf577Oc6QIIJ3funUxZ/vwQjduZqr8zMqDC
+vfuhZRHQ4tGjq8ygmvZc6x5bJfoZH7iW3IoVvxwd0yZLNsNvMwYG8ljIT7+opNh
ALygvgR2bpkONS60WrJhj2LhC2W0gtG0eCpvaK5G5auvSAQRV918fAetU7LCv1h/
kfs6NAFQHJD2+dlCDetKSWYoYLdFOfjrQovC+xohpA806qqShOr1TFUyjDOkTB4A
AdCWNwJsE4EDJ8PD6z85QL2KrksV1rnzCKUw102eTNsQDr3imBnT9XxYQMdChv0A
yg9sbNK7/CPIpg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 12:05:21 2025 by rpki-client