Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.mft
File: hKafxWiJTLOYXt7yIha9mZdN4lE.mft (raw, json)
Hash identifier: 9ZiWEoqfaIoV7kius2+Jq04geKCU4ox1bMgw82ZaMec=
Subject key identifier: 02:6A:82:8B:01:AF:7A:52:34:39:B2:F9:4C:9E:E5:55:88:0C:1A:B6
Authority key identifier: 84:A6:9F:C5:68:89:4C:B3:98:5E:DE:F2:22:16:BD:99:97:4D:E2:51
Certificate issuer: /CN=84a69fc568894cb3985edef22216bd99974de251
Certificate serial: 0197B82102D11A1BA95E2518472E772FD829
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.mft
Manifest number: 127F
Signing time: Sat 28 Jun 2025 20:01:00 +0000
Manifest this update: Sat 28 Jun 2025 20:01:00 +0000
Manifest next update: Sun 29 Jun 2025 20:01:00 +0000
Files and hashes: 1: gTuMJj4zNk4inmWeuwHt2oopg5M.roa (hash: zopPOsMBU8dt9Dr0i+LUD1TPbnQUzJ4uDKxUzfrnRiY=)
2: hKafxWiJTLOYXt7yIha9mZdN4lE.crl (hash: nUwN4Sg/D/xT5bDoIThHmrB7aceDkthnVybuwpLo350=)
3: rnwY-7oYw6V-trqxlfGxfeIKZIY.roa (hash: Yep0/R2aV0HSvC5J3JSqbOslIcQ/KKdPdI5bChqi8Qg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:21:02:d1:1a:1b:a9:5e:25:18:47:2e:77:2f:d8:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84a69fc568894cb3985edef22216bd99974de251
Validity
Not Before: Jun 28 20:01:00 2025 GMT
Not After : Jun 29 20:01:00 2025 GMT
Subject: CN=026a828b01af7a523439b2f94c9ee555880c1ab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:53:1c:89:c7:83:2c:c4:73:a7:63:73:4a:c2:
4c:ab:93:4a:6e:1d:fa:75:06:01:06:ac:8c:53:1d:
a9:b3:48:81:1a:33:35:e8:4e:ad:a3:c8:45:e3:6d:
75:71:b2:3b:3a:75:ba:57:c5:3d:28:9d:8d:8e:eb:
29:0e:71:db:20:5e:bb:0d:4f:08:05:c3:35:69:50:
4b:ae:1d:01:e4:92:6d:cf:2f:f9:b6:e6:f0:17:30:
fb:d2:c2:6f:cb:71:4d:3c:3d:83:d7:b1:44:fe:14:
4e:37:c1:09:fc:f6:80:6d:5b:77:67:e5:a9:75:09:
11:cd:7c:a5:00:c6:30:1f:2e:05:8d:0e:60:65:a7:
92:73:45:8a:14:55:45:ed:28:44:53:69:cc:61:63:
dc:55:e8:6b:59:4d:a6:cc:2d:9b:46:67:45:7b:b2:
81:01:33:e1:02:b2:8d:a4:13:ba:0f:50:be:a7:da:
2e:2f:fe:ff:a4:23:49:fb:d3:4b:e6:30:09:fe:a0:
7a:c8:67:82:44:34:87:ed:c0:b1:49:c7:0e:61:99:
52:71:ba:04:4b:49:c0:b9:12:76:20:01:6d:2b:03:
5e:cf:b6:47:49:42:f1:17:6e:df:ab:f7:ec:e9:bf:
52:4d:cf:c3:90:5f:e4:21:36:04:cd:be:9f:95:1d:
ad:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:6A:82:8B:01:AF:7A:52:34:39:B2:F9:4C:9E:E5:55:88:0C:1A:B6
X509v3 Authority Key Identifier:
keyid:84:A6:9F:C5:68:89:4C:B3:98:5E:DE:F2:22:16:BD:99:97:4D:E2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:62:d1:de:fe:c2:e3:65:b9:df:4e:c1:47:51:77:8a:18:02:
f0:02:ed:1b:36:72:ed:34:bc:49:f1:8e:7e:5b:73:04:b3:5c:
98:dc:08:b1:a5:8c:33:ca:78:9d:77:33:29:5a:ae:ac:26:64:
d0:1f:8b:e9:21:ff:b6:15:b7:0d:b8:b1:97:96:52:0b:5c:cf:
51:a2:94:70:ca:af:43:f1:fd:3a:34:22:7e:db:50:53:1c:80:
2b:14:97:14:39:a2:ec:16:b5:5a:c7:42:ea:54:2f:0c:a0:d3:
d9:e8:d5:c9:4d:95:d1:bb:58:1a:b8:1d:6e:cc:85:27:6d:18:
a3:92:38:be:b7:fd:69:ea:7b:44:34:40:6e:52:43:00:20:c1:
77:7f:cd:d1:65:f2:10:2b:5d:93:76:53:77:53:56:0c:8e:3c:
83:2b:2c:e5:95:ab:49:c6:a5:fb:bb:01:f6:06:01:ac:f1:74:
48:6e:41:db:12:b5:40:72:a0:57:84:b2:0f:59:4d:46:95:08:
55:ad:4e:54:80:61:e8:a5:1f:23:24:53:ce:87:53:7a:52:9f:
45:58:b5:dc:a8:ed:c7:ef:6e:94:3b:17:23:7d:1f:88:ee:c2:
2b:4a:26:45:93:e7:00:4e:79:ad:0f:09:dc:9c:7c:47:a0:84:
79:d9:a5:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IQLRGhupXiUYRy53L9gpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YTY5ZmM1Njg4OTRjYjM5ODVlZGVmMjIyMTZiZDk5OTc0
ZGUyNTEwHhcNMjUwNjI4MjAwMTAwWhcNMjUwNjI5MjAwMTAwWjAzMTEwLwYDVQQD
EygwMjZhODI4YjAxYWY3YTUyMzQzOWIyZjk0YzllZTU1NTg4MGMxYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1MciceDLMRzp2NzSsJMq5NKbh36
dQYBBqyMUx2ps0iBGjM16E6to8hF4211cbI7OnW6V8U9KJ2NjuspDnHbIF67DU8I
BcM1aVBLrh0B5JJtzy/5tubwFzD70sJvy3FNPD2D17FE/hRON8EJ/PaAbVt3Z+Wp
dQkRzXylAMYwHy4FjQ5gZaeSc0WKFFVF7ShEU2nMYWPcVehrWU2mzC2bRmdFe7KB
ATPhArKNpBO6D1C+p9ouL/7/pCNJ+9NL5jAJ/qB6yGeCRDSH7cCxSccOYZlScboE
S0nAuRJ2IAFtKwNez7ZHSULxF27fq/fs6b9STc/DkF/kITYEzb6flR2tcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJqgosBr3pSNDmy+Uye5VWIDBq2MB8GA1UdIwQY
MBaAFISmn8VoiUyzmF7e8iIWvZmXTeJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEthZnhXaUpUTE9ZWHQ3eUloYTltWmRONGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9jNjBhMWUtOTA4MC00YjA4LTk1ZGEt
NDM3ZmU1MGJiNGY3LzEvaEthZnhXaUpUTE9ZWHQ3eUloYTltWmRONGxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9jNjBhMWUtOTA4MC00YjA4LTk1ZGEtNDM3ZmU1MGJiNGY3
LzEvaEthZnhXaUpUTE9ZWHQ3eUloYTltWmRONGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGLR3v7C
42W5307BR1F3ihgC8ALtGzZy7TS8SfGOfltzBLNcmNwIsaWMM8p4nXczKVqurCZk
0B+L6SH/thW3Dbixl5ZSC1zPUaKUcMqvQ/H9OjQifttQUxyAKxSXFDmi7Ba1WsdC
6lQvDKDT2ejVyU2V0btYGrgdbsyFJ20Yo5I4vrf9aep7RDRAblJDACDBd3/N0WXy
ECtdk3ZTd1NWDI48gyss5ZWrScal+7sB9gYBrPF0SG5B2xK1QHKgV4SyD1lNRpUI
Va1OVIBh6KUfIyRTzodTelKfRVi13Kjtx+9ulDsXI30fiO7CK0omRZPnAE55rQ8J
3Jx8R6CEedml6Q==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:28:07 2025 by rpki-client