Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
File: ha9TEIBex1YaGiL5yJDJcx-23r8.mft (raw, json)
Hash identifier: y5xhwPeYKJee+qHHbsH1u4It+nwtndDgGWBoJ4NwdLk=
Subject key identifier: 0E:3D:08:FE:EC:5F:4A:96:66:C9:CC:B8:57:75:0C:BD:F8:38:48:5D
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 0197C538095062AB3CD81828B2451A771074
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
Manifest number: 15C0
Signing time: Tue 01 Jul 2025 09:01:13 +0000
Manifest this update: Tue 01 Jul 2025 09:01:13 +0000
Manifest next update: Wed 02 Jul 2025 09:01:13 +0000
Files and hashes: 1: Gumma7CSH0QJDyYLGYO8JVucFbw.roa (hash: AHbFRK4oddEvM9hnH4lxRaSLOWlIxIkwfpWyReC2ymY=)
2: ha9TEIBex1YaGiL5yJDJcx-23r8.crl (hash: h8ihbDWxMnRvpBP6ChtWEak8aIFiQT8L7E+rchAUlIU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:38:09:50:62:ab:3c:d8:18:28:b2:45:1a:77:10:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Jul 1 09:01:13 2025 GMT
Not After : Jul 2 09:01:13 2025 GMT
Subject: CN=0e3d08feec5f4a9666c9ccb857750cbdf838485d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:19:17:f8:c9:36:29:63:49:de:c4:e9:aa:e9:
a0:64:ea:4a:c3:f6:2d:a6:dc:fb:85:f7:81:97:6e:
4c:b2:f4:06:47:5d:3c:c1:d1:e0:34:cc:6d:87:18:
14:7c:b2:dd:1e:2c:e8:8b:f0:f4:cd:f4:3d:5f:97:
9c:b4:e6:d6:07:5d:bf:66:d4:6b:aa:ed:36:c2:64:
ec:ec:03:2d:d7:5a:4e:78:fb:0a:98:bb:6c:5b:b5:
ec:3f:79:e0:8f:8f:db:a4:d7:54:f5:81:f4:5c:8b:
22:b2:ae:f5:20:1e:16:c6:87:8e:22:6d:bb:9b:ad:
ae:43:df:10:4d:9c:8d:84:04:69:68:28:3a:27:8e:
5a:de:44:2f:d2:dd:33:69:03:8e:5d:ac:d8:d2:90:
d5:83:82:c9:43:19:25:d5:6e:1a:82:57:01:ec:b5:
17:26:df:9e:21:58:e3:7c:37:3a:dd:ba:45:e3:53:
b1:ac:e9:c5:07:bc:72:8b:67:fd:40:59:db:15:8c:
03:5a:43:08:45:ce:0f:9b:d4:37:c1:f6:bb:68:27:
e0:1f:2b:26:47:cb:71:8d:88:d4:d6:a5:79:e9:be:
a4:4b:a0:1b:12:88:15:d6:0b:7c:f5:17:54:ae:eb:
be:e4:bf:d3:7f:2f:24:73:e6:e8:12:63:0d:48:8a:
83:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:3D:08:FE:EC:5F:4A:96:66:C9:CC:B8:57:75:0C:BD:F8:38:48:5D
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:88:8d:4d:d2:b9:62:b5:53:1c:5e:48:2f:c5:10:3d:95:fe:
8b:3e:7a:ac:ac:52:e1:e0:4f:26:67:d4:e3:ca:ea:8e:d2:29:
11:4e:4e:0c:50:e6:49:98:c1:6b:b9:54:b3:da:e3:ea:46:9c:
6e:9c:00:67:32:09:7c:38:e5:11:ac:f5:fb:e0:bd:6a:9e:2e:
67:ed:29:6b:34:58:47:c7:08:5d:c2:f2:0f:56:4f:17:51:e5:
b1:7a:76:31:2f:4c:f7:29:a0:1a:f6:9d:14:62:3c:fa:d8:bb:
81:59:e1:03:a5:a4:ac:24:76:97:81:9d:86:dd:df:ec:87:73:
74:72:14:82:70:58:15:13:44:6b:bd:ba:4b:51:76:29:72:7e:
4e:84:20:b8:19:e0:96:2c:82:07:32:15:41:0c:5c:05:a2:18:
3f:47:6c:3a:4c:6a:c0:07:ac:e5:51:1d:c7:67:20:b6:e7:bf:
eb:e2:b9:2f:29:63:c8:e4:c4:e8:dd:04:f6:8a:9b:8c:8b:7f:
c5:49:8f:0f:47:2f:d5:93:f6:88:df:2b:c5:a7:cd:f7:a2:cd:
2a:df:7f:4e:d4:f3:aa:85:db:6a:0f:78:c0:ac:97:9a:9d:e3:
ae:90:95:e3:b5:62:8b:29:2c:d3:67:c2:b9:ae:d0:6b:76:16:
79:6e:6a:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfFOAlQYqs82BgoskUadxB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi
NmRlYmYwHhcNMjUwNzAxMDkwMTEzWhcNMjUwNzAyMDkwMTEzWjAzMTEwLwYDVQQD
EygwZTNkMDhmZWVjNWY0YTk2NjZjOWNjYjg1Nzc1MGNiZGY4Mzg0ODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphkX+Mk2KWNJ3sTpqumgZOpKw/Yt
ptz7hfeBl25MsvQGR108wdHgNMxthxgUfLLdHizoi/D0zfQ9X5ectObWB12/ZtRr
qu02wmTs7AMt11pOePsKmLtsW7XsP3ngj4/bpNdU9YH0XIsisq71IB4WxoeOIm27
m62uQ98QTZyNhARpaCg6J45a3kQv0t0zaQOOXazY0pDVg4LJQxkl1W4aglcB7LUX
Jt+eIVjjfDc63bpF41OxrOnFB7xyi2f9QFnbFYwDWkMIRc4Pm9Q3wfa7aCfgHysm
R8txjYjU1qV56b6kS6AbEogV1gt89RdUruu+5L/Tfy8kc+boEmMNSIqDdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA49CP7sX0qWZsnMuFd1DL34OEhdMB8GA1UdIwQY
MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct
NzUyODM1MGQ0YzEzLzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz
LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsoiNTdK5
YrVTHF5IL8UQPZX+iz56rKxS4eBPJmfU48rqjtIpEU5ODFDmSZjBa7lUs9rj6kac
bpwAZzIJfDjlEaz1++C9ap4uZ+0pazRYR8cIXcLyD1ZPF1HlsXp2MS9M9ymgGvad
FGI8+ti7gVnhA6WkrCR2l4Gdht3f7IdzdHIUgnBYFRNEa726S1F2KXJ+ToQguBng
liyCBzIVQQxcBaIYP0dsOkxqwAes5VEdx2cgtue/6+K5LyljyOTE6N0E9oqbjIt/
xUmPD0cv1ZP2iN8rxafN96LNKt9/TtTzqoXbag94wKyXmp3jrpCV47Viiyks02fC
ua7Qa3YWeW5qDw==
-----END CERTIFICATE-----
Generated at Tue Jul 1 12:30:59 2025 by rpki-client