Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
File: h5WLpmHENczSXCBgRi72ANJxnuA.mft (raw, json)
Hash identifier: 9zm4S3MhvN/ZAstq4hlS+gc4yamY7jijrjLIvVs4f+E=
Subject key identifier: 95:C6:85:99:F2:BB:F0:AD:32:0D:DF:9E:FB:EA:34:79:1B:C8:6C:A2
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial: 0197C6818A4FE10B6CCDC93EC68EACDE2807
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
Manifest number: 15BE
Signing time: Tue 01 Jul 2025 15:01:07 +0000
Manifest this update: Tue 01 Jul 2025 15:01:07 +0000
Manifest next update: Wed 02 Jul 2025 15:01:07 +0000
Files and hashes: 1: h5WLpmHENczSXCBgRi72ANJxnuA.crl (hash: ffvDA2+VWteR2XTcM/V15fj6s/vU6ecnatGg+oe6qO0=)
2: jQqQfOrb2tEbgL6-n1pYKtKDCGI.roa (hash: urbNu0k2kZWVDcdCEYQ210AYS3ke0pUxaEecPK2agnE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 15:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:81:8a:4f:e1:0b:6c:cd:c9:3e:c6:8e:ac:de:28:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Validity
Not Before: Jul 1 15:01:07 2025 GMT
Not After : Jul 2 15:01:07 2025 GMT
Subject: CN=95c68599f2bbf0ad320ddf9efbea34791bc86ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:56:cd:f3:b3:32:be:30:1f:bb:4d:f4:dd:69:
59:24:16:0a:16:b4:88:26:b8:a5:5e:51:61:3d:96:
25:18:e9:2a:11:59:9c:09:ce:4d:d9:1e:a4:6c:b9:
ed:3d:54:ea:34:b6:39:f3:3c:45:41:b8:d5:a7:06:
85:df:34:34:39:3a:75:be:92:c8:a6:0f:66:ec:36:
cc:e6:c2:ac:74:67:75:b4:b7:f7:67:66:d2:52:7c:
a0:ed:a9:65:fd:2e:c0:14:47:0a:4c:97:61:dc:5c:
d2:45:fe:ef:b9:95:52:a1:20:1a:0f:1c:81:8a:89:
a8:f4:16:79:90:41:b1:00:41:8c:93:fd:95:d2:79:
7e:07:33:90:e8:9b:a4:82:a4:e2:ec:99:d7:15:91:
51:12:7b:fe:34:81:f7:34:a4:f7:86:8a:b0:e9:d2:
bf:27:59:a2:d1:91:73:e4:31:37:d2:35:8b:9b:f2:
be:2c:ed:a8:db:20:63:d9:73:07:4d:35:34:a9:6d:
07:b3:65:20:e0:e5:2a:bc:d4:47:6f:98:af:9e:7e:
ed:88:5f:b2:43:c1:17:b8:52:10:63:1c:7b:07:3b:
83:3c:6c:18:7b:cf:35:4d:7d:d4:b2:76:66:44:fe:
2c:a9:59:26:9e:8b:d1:93:fb:9e:1f:1b:34:8f:0c:
d9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C6:85:99:F2:BB:F0:AD:32:0D:DF:9E:FB:EA:34:79:1B:C8:6C:A2
X509v3 Authority Key Identifier:
keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:cb:18:4e:81:b5:da:e2:b8:a4:ef:93:34:30:99:f1:fb:c6:
77:a8:bf:c6:57:f1:02:24:fa:e6:2e:4a:e2:55:9d:ad:44:fb:
3c:37:99:be:eb:bc:3c:af:be:8d:48:29:6c:f9:10:6e:4d:b2:
25:01:a1:1d:92:2b:0d:76:bb:6b:aa:cf:94:32:f2:bb:15:0b:
91:a6:11:f9:64:48:fe:69:df:cd:81:82:b3:26:49:bc:27:e1:
4a:96:63:2e:02:41:96:92:21:ca:1a:f7:cd:c2:68:f2:12:83:
35:38:01:6c:f7:70:f8:ca:d5:8b:15:00:a6:89:04:32:5c:ad:
3b:c5:74:25:ff:22:b2:56:c6:ae:fe:3c:a4:a7:d0:3f:f1:2e:
4e:f5:cd:6b:9e:70:3b:4b:91:19:6b:78:68:b1:4d:19:0d:44:
6d:0b:9a:75:6e:a4:41:f0:03:e2:26:1a:0c:74:d7:8d:f9:ff:
2d:6f:ac:15:b4:b7:c4:a6:4b:ea:62:ae:d6:2d:80:83:6c:13:
a5:93:14:3b:70:1d:8d:a7:a0:6f:8c:43:3f:9a:07:5c:b2:c2:
dc:c5:fb:b7:05:05:a9:6c:9c:51:40:66:3d:8a:0d:da:fd:da:
20:8e:64:d2:fb:fe:8a:32:b6:e0:c9:29:ee:f3:18:12:cb:7c:
0a:8d:de:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGgYpP4Qtszck+xo6s3igHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjUwNzAxMTUwMTA3WhcNMjUwNzAyMTUwMTA3WjAzMTEwLwYDVQQD
Eyg5NWM2ODU5OWYyYmJmMGFkMzIwZGRmOWVmYmVhMzQ3OTFiYzg2Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FbN87MyvjAfu0303WlZJBYKFrSI
JrilXlFhPZYlGOkqEVmcCc5N2R6kbLntPVTqNLY58zxFQbjVpwaF3zQ0OTp1vpLI
pg9m7DbM5sKsdGd1tLf3Z2bSUnyg7all/S7AFEcKTJdh3FzSRf7vuZVSoSAaDxyB
iomo9BZ5kEGxAEGMk/2V0nl+BzOQ6JukgqTi7JnXFZFREnv+NIH3NKT3hoqw6dK/
J1mi0ZFz5DE30jWLm/K+LO2o2yBj2XMHTTU0qW0Hs2Ug4OUqvNRHb5ivnn7tiF+y
Q8EXuFIQYxx7BzuDPGwYe881TX3UsnZmRP4sqVkmnovRk/ueHxs0jwzZ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXGhZnyu/CtMg3fnvvqNHkbyGyiMB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQMsYToG1
2uK4pO+TNDCZ8fvGd6i/xlfxAiT65i5K4lWdrUT7PDeZvuu8PK++jUgpbPkQbk2y
JQGhHZIrDXa7a6rPlDLyuxULkaYR+WRI/mnfzYGCsyZJvCfhSpZjLgJBlpIhyhr3
zcJo8hKDNTgBbPdw+MrVixUApokEMlytO8V0Jf8islbGrv48pKfQP/EuTvXNa55w
O0uRGWt4aLFNGQ1EbQuadW6kQfAD4iYaDHTXjfn/LW+sFbS3xKZL6mKu1i2Ag2wT
pZMUO3Adjaegb4xDP5oHXLLC3MX7twUFqWycUUBmPYoN2v3aII5k0vv+ijK24Mkp
7vMYEst8Co3eQA==
-----END CERTIFICATE-----
Generated at Tue Jul 1 21:06:22 2025 by rpki-client