Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
File: HjXAaowG1d1k_nawkKPh4qSZbcg.mft (raw, json)
Hash identifier: X4+6joapIixPtvV5VqOeE2aMSsKi/iXOL+rUE3pVAyE=
Subject key identifier: 49:92:AF:22:F2:1C:06:33:AC:F1:30:38:EA:CE:3B:84:42:DB:F6:57
Authority key identifier: 1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8
Certificate issuer: /CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8
Certificate serial: 019936134BAD7396E831C71E053D5E2407F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
Manifest number: 167D
Signing time: Thu 11 Sep 2025 00:00:58 +0000
Manifest this update: Thu 11 Sep 2025 00:00:58 +0000
Manifest next update: Fri 12 Sep 2025 00:00:58 +0000
Files and hashes: 1: HjXAaowG1d1k_nawkKPh4qSZbcg.crl (hash: 36u0ErS8uzr07XKH2up+bNnrNBsbA1GO+M7RqAr8lDs=)
2: R12AgdneGd4IinauuD2IQCzaNdo.roa (hash: 0Vf4DfoprRpqIbS3viTk0elhBi8JnCMTTU8OHnzZBdQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:36:13:4b:ad:73:96:e8:31:c7:1e:05:3d:5e:24:07:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8
Validity
Not Before: Sep 11 00:00:58 2025 GMT
Not After : Sep 12 00:00:58 2025 GMT
Subject: CN=4992af22f21c0633acf13038eace3b8442dbf657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cc:54:9b:37:11:e5:c6:32:61:28:7d:a0:3b:
0a:10:75:22:c2:ec:8f:4d:73:18:08:8f:37:f4:0f:
d8:85:18:84:d6:4c:e9:a2:35:29:38:5c:74:fc:9e:
97:9c:00:20:86:49:2c:6d:50:5b:43:14:43:c4:56:
09:4d:69:fa:63:09:34:9c:53:dc:df:6d:ff:e3:02:
40:86:1c:a5:72:36:61:47:ff:ce:20:81:af:06:ae:
12:08:f7:c4:8a:b8:08:e5:ee:59:f6:9e:64:9e:ab:
11:75:94:13:e4:51:b5:40:fd:a2:fa:b5:8f:fa:bd:
e3:e7:29:d3:4c:ec:ea:fe:9b:ec:3a:a1:3f:2a:20:
2f:d7:8d:3d:69:f2:91:af:61:d0:78:88:04:39:ed:
4f:b3:7c:1d:6e:4f:4a:1b:72:51:d0:8d:2f:41:f8:
52:f7:7d:a5:41:05:42:54:c4:d5:f7:42:a1:5b:c8:
e3:c6:b2:39:98:5e:b4:19:cb:e6:27:22:44:6a:71:
88:a9:06:1d:ee:3a:6b:aa:b4:5a:7e:01:a6:e0:44:
b9:43:06:b8:a8:8b:de:57:66:ee:ba:5a:2a:e6:80:
a0:0e:0c:47:eb:ba:da:47:70:29:bd:d3:54:b9:da:
06:bc:e7:ae:d5:fb:c3:c5:ee:84:45:86:2d:db:3e:
de:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:92:AF:22:F2:1C:06:33:AC:F1:30:38:EA:CE:3B:84:42:DB:F6:57
X509v3 Authority Key Identifier:
keyid:1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:2f:18:f9:aa:1c:e3:12:14:87:4f:d3:36:1b:9f:e4:c5:18:
67:96:74:98:fc:bb:23:3b:89:4d:89:55:8b:7f:e5:a1:95:cc:
dd:53:9d:5b:13:8b:cf:d0:2c:1a:e3:e2:b1:ac:ae:c1:b0:ac:
88:34:a3:56:57:62:88:90:b2:ad:d5:7b:85:78:a2:c9:53:b5:
bf:54:d4:13:b7:08:d9:6d:ed:d5:dd:ee:31:a0:67:b7:e5:bd:
0d:9d:37:71:01:76:60:71:47:1c:26:ee:53:f5:ee:e4:0e:fe:
06:7a:ee:e7:d3:40:62:e2:a9:92:2b:03:16:0c:5b:22:83:be:
b7:a5:8c:ab:b1:79:4e:1a:31:8b:65:77:39:2b:4a:5c:c9:65:
61:83:d8:77:65:2e:82:ff:16:f2:a9:de:16:31:57:c5:e5:c4:
a5:81:1d:08:67:39:c5:d3:c4:82:d2:fc:b2:3c:e6:16:75:97:
7c:ca:4a:52:e6:ec:7e:6e:56:e3:e5:6b:e3:86:22:cd:e2:d4:
47:d2:7b:e3:9b:00:1e:56:9c:f1:0c:dd:f7:cc:0c:d1:80:db:
d7:01:0e:36:f5:05:96:c4:41:19:22:37:fe:07:1c:0f:0b:6d:
5d:62:9c:69:5e:b3:6a:a9:18:50:aa:e0:83:fd:4c:f5:82:7e:
77:1a:35:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk2E0utc5boMcceBT1eJAfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzVjMDZhOGMwNmQ1ZGQ2NGZlNzZiMDkwYTNlMWUyYTQ5
OTZkYzgwHhcNMjUwOTExMDAwMDU4WhcNMjUwOTEyMDAwMDU4WjAzMTEwLwYDVQQD
Eyg0OTkyYWYyMmYyMWMwNjMzYWNmMTMwMzhlYWNlM2I4NDQyZGJmNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38xUmzcR5cYyYSh9oDsKEHUiwuyP
TXMYCI839A/YhRiE1kzpojUpOFx0/J6XnAAghkksbVBbQxRDxFYJTWn6Ywk0nFPc
323/4wJAhhylcjZhR//OIIGvBq4SCPfEirgI5e5Z9p5knqsRdZQT5FG1QP2i+rWP
+r3j5ynTTOzq/pvsOqE/KiAv1409afKRr2HQeIgEOe1Ps3wdbk9KG3JR0I0vQfhS
932lQQVCVMTV90KhW8jjxrI5mF60GcvmJyJEanGIqQYd7jprqrRafgGm4ES5Qwa4
qIveV2buuloq5oCgDgxH67raR3ApvdNUudoGvOeu1fvDxe6ERYYt2z7eiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEmSryLyHAYzrPEwOOrOO4RC2/ZXMB8GA1UdIwQY
MBaAFB41wGqMBtXdZP52sJCj4eKkmW3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgt
OWI1ZDc2YTk0OWY0LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgtOWI1ZDc2YTk0OWY0
LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApC8Y+aoc
4xIUh0/TNhuf5MUYZ5Z0mPy7IzuJTYlVi3/loZXM3VOdWxOLz9AsGuPisayuwbCs
iDSjVldiiJCyrdV7hXiiyVO1v1TUE7cI2W3t1d3uMaBnt+W9DZ03cQF2YHFHHCbu
U/Xu5A7+Bnru59NAYuKpkisDFgxbIoO+t6WMq7F5Thoxi2V3OStKXMllYYPYd2Uu
gv8W8qneFjFXxeXEpYEdCGc5xdPEgtL8sjzmFnWXfMpKUubsfm5W4+Vr44YizeLU
R9J745sAHlac8Qzd98wM0YDb1wEONvUFlsRBGSI3/gccDwttXWKcaV6zaqkYUKrg
g/1M9YJ+dxo1Ow==
-----END CERTIFICATE-----
Generated at Thu Sep 11 07:51:04 2025 by rpki-client