Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
File: 1ehYR8xEuGECJwu9do5MPOuhyYg.mft (raw, json)
Hash identifier: 4s2G6yre18xuxB/1Nw4UOR3T30cX8ncORLnYcjwZs5U=
Subject key identifier: 40:45:93:14:1B:C4:A9:30:82:13:DE:79:BB:BB:56:51:49:49:CF:09
Authority key identifier: D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
Certificate issuer: /CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Certificate serial: 0198D705AD4F3B889D1C07343079F7A5D3B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
Manifest number: 04DC
Signing time: Sat 23 Aug 2025 13:02:09 +0000
Manifest this update: Sat 23 Aug 2025 13:02:09 +0000
Manifest next update: Sun 24 Aug 2025 13:02:09 +0000
Files and hashes: 1: 1ehYR8xEuGECJwu9do5MPOuhyYg.crl (hash: EErB5Ijv7ui7PnhuwVdmVfeUlK1fhXc1vre13X4Z3ck=)
2: DTHy6RXAjA3WYCRRHO7XlxlNxP0.roa (hash: WIwE9zAwV90ldFttTq5+MPXhd1lbpoXmWHuG/jlZk1I=)
3: HP2XU4ErP340JMFJBkwhXt7RSkM.roa (hash: jqU/k+IA4J2nUGc2ePon/4S6+Kq7gFeDjcwyWdzFAK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:05:ad:4f:3b:88:9d:1c:07:34:30:79:f7:a5:d3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Validity
Not Before: Aug 23 13:02:09 2025 GMT
Not After : Aug 24 13:02:09 2025 GMT
Subject: CN=404593141bc4a9308213de79bbbb56514949cf09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:91:f6:7b:c9:3d:d5:23:f6:ee:6a:b2:07:73:
60:f1:f7:35:fd:4a:43:9b:f2:09:20:ea:e7:0a:f5:
d4:55:c9:19:2c:66:31:4d:b1:10:0c:1b:2f:37:90:
e2:02:c1:02:ca:bc:f2:28:bd:cc:da:ff:cb:4c:ff:
5c:93:bb:6b:ee:03:ea:58:24:33:1c:8f:07:e8:bb:
f0:1f:08:c0:70:a5:17:2e:7b:78:ac:3a:61:14:18:
ec:0d:c4:77:31:d5:a4:78:f5:0f:53:aa:27:22:1e:
1e:01:17:cb:d7:3e:cb:8a:0c:95:b1:4b:fd:69:dd:
19:19:3e:08:20:19:ca:0a:fe:ab:f4:66:cb:15:53:
26:15:76:86:35:4f:b6:cd:0a:61:66:b1:31:3c:9d:
bf:62:82:75:05:90:27:f9:c3:48:ca:54:de:60:42:
dc:b3:fa:b5:aa:0e:84:16:7f:21:b1:da:83:23:e0:
38:7c:71:ee:3f:0c:24:8f:48:d5:06:44:71:ff:7a:
87:2e:56:cf:62:d6:53:91:84:36:d7:2d:6d:c5:0f:
1e:2f:2b:f4:86:50:93:bb:a7:d6:29:78:28:a5:9b:
a1:0a:9b:ca:80:ce:a3:dd:4c:e8:17:cf:88:7d:1e:
66:25:8b:2e:48:4d:fd:1f:af:0b:b2:bc:80:e7:fc:
87:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:45:93:14:1B:C4:A9:30:82:13:DE:79:BB:BB:56:51:49:49:CF:09
X509v3 Authority Key Identifier:
keyid:D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:0d:c0:11:89:3d:81:e7:e3:f0:ec:e1:65:64:f8:80:65:fa:
bb:ff:14:18:73:67:fb:ca:12:ed:e3:e3:e6:ea:51:89:28:b5:
8e:48:21:8c:8f:1b:a9:36:ed:61:bd:f0:eb:e9:9e:7d:0b:4a:
f4:20:11:59:c9:d3:df:21:37:6d:37:ed:49:ff:7c:47:fe:eb:
51:c3:47:34:ec:fd:66:ba:e5:fc:97:83:4c:01:ed:a9:6a:8d:
85:89:42:a3:f2:7a:14:38:28:49:74:ca:ba:90:e6:c6:38:a0:
25:cc:d0:2a:08:5f:60:af:6f:14:2b:c9:cd:e0:d7:13:2b:7e:
61:e2:ae:a0:f8:04:64:ea:27:e8:46:b9:9a:01:2e:58:4c:9d:
39:58:0e:55:59:3e:9a:53:1d:63:fb:44:ab:d4:a9:09:4e:27:
01:47:33:e6:69:86:3c:a8:11:cc:a4:16:e9:99:3d:fa:4c:a2:
1b:b5:3d:68:7c:a2:fc:bc:8b:aa:b4:ad:c5:1f:5b:49:e2:92:
d6:97:75:d1:ba:22:fc:57:5b:7d:f2:14:4a:a9:4e:d0:87:ae:
6d:43:1f:5e:5e:45:ef:28:76:ee:ae:bd:3a:55:21:fb:37:b6:
77:eb:aa:6d:55:44:33:c6:b6:86:b0:3c:43:a0:01:68:93:06:
f4:37:4d:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBa1PO4idHAc0MHn3pdO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTg1ODQ3Y2M0NGI4NjEwMjI3MGJiZDc2OGU0YzNjZWJh
MWM5ODgwHhcNMjUwODIzMTMwMjA5WhcNMjUwODI0MTMwMjA5WjAzMTEwLwYDVQQD
Eyg0MDQ1OTMxNDFiYzRhOTMwODIxM2RlNzliYmJiNTY1MTQ5NDljZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZH2e8k91SP27mqyB3Ng8fc1/UpD
m/IJIOrnCvXUVckZLGYxTbEQDBsvN5DiAsECyrzyKL3M2v/LTP9ck7tr7gPqWCQz
HI8H6LvwHwjAcKUXLnt4rDphFBjsDcR3MdWkePUPU6onIh4eARfL1z7LigyVsUv9
ad0ZGT4IIBnKCv6r9GbLFVMmFXaGNU+2zQphZrExPJ2/YoJ1BZAn+cNIylTeYELc
s/q1qg6EFn8hsdqDI+A4fHHuPwwkj0jVBkRx/3qHLlbPYtZTkYQ21y1txQ8eLyv0
hlCTu6fWKXgopZuhCpvKgM6j3UzoF8+IfR5mJYsuSE39H68LsryA5/yHtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBFkxQbxKkwghPeebu7VlFJSc8JMB8GA1UdIwQY
MBaAFNXoWEfMRLhhAicLvXaOTDzrocmIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEt
NzI5YzBmNDM0MTRkLzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEtNzI5YzBmNDM0MTRk
LzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQ3AEYk9
gefj8OzhZWT4gGX6u/8UGHNn+8oS7ePj5upRiSi1jkghjI8bqTbtYb3w6+mefQtK
9CARWcnT3yE3bTftSf98R/7rUcNHNOz9Zrrl/JeDTAHtqWqNhYlCo/J6FDgoSXTK
upDmxjigJczQKghfYK9vFCvJzeDXEyt+YeKuoPgEZOon6Ea5mgEuWEydOVgOVVk+
mlMdY/tEq9SpCU4nAUcz5mmGPKgRzKQW6Zk9+kyiG7U9aHyi/LyLqrStxR9bSeKS
1pd10boi/FdbffIUSqlO0IeubUMfXl5F7yh27q69OlUh+ze2d+uqbVVEM8a2hrA8
Q6ABaJMG9DdNHQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:22:43 2025 by rpki-client