Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
File: HeVgH-EiL4m7OqryZPD26nORwTg.mft (raw, json)
Hash identifier: dNZD2+1IeqcjeQSsHmFRp2qEKm47nPzRQ3IHkC4T9Vc=
Subject key identifier: 06:FC:36:67:4A:12:EE:EA:EA:FB:58:7D:6D:C1:6B:07:D6:06:1C:63
Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Certificate serial: 0198D65F642BEB403E3BD0E202F28E38B577
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
Manifest number: 0940
Signing time: Sat 23 Aug 2025 10:00:32 +0000
Manifest this update: Sat 23 Aug 2025 10:00:32 +0000
Manifest next update: Sun 24 Aug 2025 10:00:32 +0000
Files and hashes: 1: 1GUi9iA8Rgrr5GN4QB6VlqMrvms.roa (hash: s/MIypH3pMJ3iuiuGr8K68PmgQyO6HFRzwvdBy3o4FU=)
2: HeVgH-EiL4m7OqryZPD26nORwTg.crl (hash: DTOZjSrlxZN9YIH4nY/tDTGnUTxSNtOc+w65v5m6mPw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:5f:64:2b:eb:40:3e:3b:d0:e2:02:f2:8e:38:b5:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Validity
Not Before: Aug 23 10:00:32 2025 GMT
Not After : Aug 24 10:00:32 2025 GMT
Subject: CN=06fc36674a12eeeaeafb587d6dc16b07d6061c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d9:92:4c:e0:8e:f5:55:40:f4:a7:df:e4:f8:
00:e0:08:3e:e2:cd:22:1b:fd:7b:ce:9d:d5:ed:45:
64:08:6b:bc:eb:2a:f2:42:e2:18:83:7d:4a:7f:9c:
34:46:f2:fc:0a:57:36:be:d0:4f:fa:23:56:c4:06:
c6:2e:35:4a:5f:24:89:25:f0:ab:13:1e:a7:d8:03:
83:80:18:1b:3b:ae:dd:07:f5:8d:84:19:65:94:3a:
ae:e4:ad:51:76:ac:7a:e8:b1:31:82:5b:c4:4a:71:
5f:fe:4e:4b:58:24:ac:0f:48:95:a9:75:70:13:5e:
2c:df:90:ec:00:9c:68:44:b6:9d:cf:19:ba:df:4f:
b3:9e:7f:0c:b6:83:13:a7:6d:39:76:d5:bd:15:e4:
70:50:23:f9:60:d8:24:6c:2f:6b:84:4d:4c:41:45:
21:5f:08:eb:d8:e8:b3:39:3d:d1:48:0f:39:15:a7:
41:d3:1d:84:af:2d:8b:62:8e:2b:11:a7:7c:d8:8d:
48:57:04:a7:6f:dd:84:ee:e3:75:6e:d8:34:cd:67:
a7:32:50:30:37:81:4a:f5:ee:1d:f9:7b:f5:cc:c4:
36:09:31:a7:11:52:18:50:f3:9b:c9:cc:c0:6c:39:
7f:b4:c1:51:be:6a:c4:fa:41:21:a3:14:71:84:c8:
64:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FC:36:67:4A:12:EE:EA:EA:FB:58:7D:6D:C1:6B:07:D6:06:1C:63
X509v3 Authority Key Identifier:
keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:ad:4f:4c:33:74:aa:bd:af:10:e3:f2:05:f7:e4:71:00:ac:
6b:6e:3b:d9:76:31:bb:c2:ce:d9:60:ca:0e:31:f0:71:bf:ef:
c2:16:d4:49:bf:9e:60:07:91:49:2d:d2:d8:b2:0c:36:f7:a2:
e3:4f:ef:0f:aa:73:0c:c2:b7:cb:7b:d8:5d:33:7c:1b:5c:50:
e7:f1:79:97:9f:81:f5:ab:a3:1e:04:ff:ce:31:e6:3c:c0:dd:
c7:2c:6c:cc:28:a4:2a:3d:b4:79:d6:b2:fd:45:ff:5a:d5:b0:
ff:1f:b5:09:c6:ce:c5:d6:53:28:6e:cc:06:96:c2:b7:a7:19:
43:35:fc:c0:27:59:e4:30:7b:20:3d:f5:ed:62:09:20:0c:b1:
5c:ca:fa:9e:78:f6:43:de:2c:7a:d6:8d:85:1b:46:ad:42:c3:
76:b4:ee:a2:4d:45:a0:62:fa:8c:46:97:61:3b:28:ac:1f:19:
57:02:9d:e9:20:d1:2c:61:93:e4:1f:b5:db:d9:ac:5a:47:33:
6d:a2:71:16:d2:4d:9f:88:75:df:d3:03:6d:0e:ee:6d:c2:43:
b8:1e:7c:e9:f2:1b:26:a8:26:e4:75:09:22:e7:e0:ad:95:3a:
70:12:a5:79:6d:b8:65:8f:de:d3:95:fc:36:2c:e7:48:e4:03:
e2:d5:93:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX2Qr60A+O9DiAvKOOLV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5
MWMxMzgwHhcNMjUwODIzMTAwMDMyWhcNMjUwODI0MTAwMDMyWjAzMTEwLwYDVQQD
EygwNmZjMzY2NzRhMTJlZWVhZWFmYjU4N2Q2ZGMxNmIwN2Q2MDYxYzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7dmSTOCO9VVA9Kff5PgA4Ag+4s0i
G/17zp3V7UVkCGu86yryQuIYg31Kf5w0RvL8Clc2vtBP+iNWxAbGLjVKXySJJfCr
Ex6n2AODgBgbO67dB/WNhBlllDqu5K1Rdqx66LExglvESnFf/k5LWCSsD0iVqXVw
E14s35DsAJxoRLadzxm630+znn8MtoMTp205dtW9FeRwUCP5YNgkbC9rhE1MQUUh
Xwjr2OizOT3RSA85FadB0x2Ery2LYo4rEad82I1IVwSnb92E7uN1btg0zWenMlAw
N4FK9e4d+Xv1zMQ2CTGnEVIYUPObyczAbDl/tMFRvmrE+kEhoxRxhMhkIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAb8NmdKEu7q6vtYfW3BawfWBhxjMB8GA1UdIwQY
MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt
ZGRkNTNkNzkyOGE4LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4
LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg61PTDN0
qr2vEOPyBffkcQCsa2472XYxu8LO2WDKDjHwcb/vwhbUSb+eYAeRSS3S2LIMNvei
40/vD6pzDMK3y3vYXTN8G1xQ5/F5l5+B9aujHgT/zjHmPMDdxyxszCikKj20eday
/UX/WtWw/x+1CcbOxdZTKG7MBpbCt6cZQzX8wCdZ5DB7ID317WIJIAyxXMr6nnj2
Q94setaNhRtGrULDdrTuok1FoGL6jEaXYTsorB8ZVwKd6SDRLGGT5B+129msWkcz
baJxFtJNn4h139MDbQ7ubcJDuB586fIbJqgm5HUJIufgrZU6cBKleW24ZY/e05X8
NiznSOQD4tWTfg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:14:19 2025 by rpki-client