Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
File: ha9TEIBex1YaGiL5yJDJcx-23r8.mft (raw, json)
Hash identifier: /ta1lUW0k6sPOquXVBe4saljKfCmvQ51BxGfCVi2KSg=
Subject key identifier: 3F:52:F5:1C:F9:33:45:FD:65:46:54:90:DF:E7:C7:AC:9C:B5:45:DF
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 0198D5836C7A4B872E5497BB1A8870CEC81F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
Manifest number: 164D
Signing time: Sat 23 Aug 2025 06:00:16 +0000
Manifest this update: Sat 23 Aug 2025 06:00:16 +0000
Manifest next update: Sun 24 Aug 2025 06:00:16 +0000
Files and hashes: 1: Gumma7CSH0QJDyYLGYO8JVucFbw.roa (hash: AHbFRK4oddEvM9hnH4lxRaSLOWlIxIkwfpWyReC2ymY=)
2: ha9TEIBex1YaGiL5yJDJcx-23r8.crl (hash: Lff55PDC5fD1p8b6O7rIAtO11RfCCDLpRVJ+yyiRBZM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:6c:7a:4b:87:2e:54:97:bb:1a:88:70:ce:c8:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Aug 23 06:00:16 2025 GMT
Not After : Aug 24 06:00:16 2025 GMT
Subject: CN=3f52f51cf93345fd65465490dfe7c7ac9cb545df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:39:79:62:ac:fc:85:db:67:59:47:4d:ba:0a:
85:3d:75:dd:9d:f2:03:b8:f5:5c:2a:24:b9:6f:b6:
da:19:36:c3:ed:f6:32:9e:d8:d3:e7:6f:99:45:4f:
57:c4:16:fb:02:27:9d:5d:4b:45:95:fa:cb:53:c5:
43:25:1b:ea:a9:1d:ab:3f:34:b4:ed:8a:88:75:16:
b5:91:89:eb:a5:74:c0:39:bf:b6:94:fd:b1:cf:71:
f0:5c:68:6f:0a:ed:5a:ba:13:bd:7e:b3:26:85:e6:
98:10:12:ce:39:93:07:cf:31:78:2b:ac:25:29:43:
d2:df:5a:fb:fb:5c:02:7d:95:93:68:17:f4:c1:05:
85:1f:09:5a:98:ab:46:2d:35:4d:06:99:52:ed:a3:
9f:c3:1b:64:71:3e:02:0d:2e:80:51:49:8d:76:fc:
3d:e6:48:20:d6:a8:f5:ae:d7:53:84:8f:c2:7a:79:
18:98:b2:b3:69:41:36:4c:63:ab:32:4b:3a:4e:dd:
60:c5:ae:d2:c6:eb:91:06:c6:53:dd:9f:db:6b:1c:
5e:bc:c7:02:d4:cf:5d:94:e2:8d:70:ae:50:b2:4c:
c5:43:8f:9d:1f:cc:c1:48:34:a8:53:78:20:08:64:
5f:7b:18:40:05:3b:35:f1:68:2d:dc:7d:d7:c6:e3:
92:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:52:F5:1C:F9:33:45:FD:65:46:54:90:DF:E7:C7:AC:9C:B5:45:DF
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:a1:9e:b4:fa:45:06:44:71:2c:f1:63:87:65:09:c1:e0:23:
70:ca:ce:ad:9c:c0:18:a8:9b:ad:8c:87:3d:bb:7b:5f:9f:6e:
ed:c3:7c:94:9b:88:34:43:16:01:33:3b:69:35:0e:44:86:78:
66:ca:62:3c:19:5b:22:69:6c:98:c6:85:a4:db:9e:fa:c5:4d:
11:89:3f:16:98:6f:2d:a4:f9:85:4a:38:e4:b3:16:79:a2:d2:
c1:7a:78:71:c6:4c:b5:5f:2d:74:60:81:16:2c:1a:f5:c6:b2:
9e:19:f3:28:37:fb:43:98:b5:29:d7:79:65:1f:14:c0:3c:eb:
79:22:f3:64:5c:83:2d:8d:d3:77:d2:c5:e1:66:44:47:67:41:
c3:64:89:90:65:0b:9c:8a:03:02:75:b9:e2:de:d7:5f:94:26:
2f:a5:8c:27:2a:12:f2:02:d8:3f:15:e1:b9:7a:49:8a:52:d8:
f9:5c:f4:e1:cb:64:31:1b:a0:e5:07:fa:a1:fd:11:20:95:5b:
1e:73:ad:00:39:60:62:d9:6d:00:d9:d1:90:24:d5:f2:b3:79:
91:80:d5:c3:f5:9e:c8:83:b5:d1:90:b8:02:6e:da:18:af:a7:
42:51:a1:da:b1:d7:4d:f3:12:ac:c1:63:26:78:2d:6e:c0:6a:
5e:c5:7f:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg2x6S4cuVJe7GohwzsgfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi
NmRlYmYwHhcNMjUwODIzMDYwMDE2WhcNMjUwODI0MDYwMDE2WjAzMTEwLwYDVQQD
EygzZjUyZjUxY2Y5MzM0NWZkNjU0NjU0OTBkZmU3YzdhYzljYjU0NWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDl5Yqz8hdtnWUdNugqFPXXdnfID
uPVcKiS5b7baGTbD7fYyntjT52+ZRU9XxBb7AiedXUtFlfrLU8VDJRvqqR2rPzS0
7YqIdRa1kYnrpXTAOb+2lP2xz3HwXGhvCu1auhO9frMmheaYEBLOOZMHzzF4K6wl
KUPS31r7+1wCfZWTaBf0wQWFHwlamKtGLTVNBplS7aOfwxtkcT4CDS6AUUmNdvw9
5kgg1qj1rtdThI/CenkYmLKzaUE2TGOrMks6Tt1gxa7SxuuRBsZT3Z/baxxevMcC
1M9dlOKNcK5QskzFQ4+dH8zBSDSoU3ggCGRfexhABTs18Wgt3H3XxuOS6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9S9Rz5M0X9ZUZUkN/nx6yctUXfMB8GA1UdIwQY
MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct
NzUyODM1MGQ0YzEzLzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz
LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbKGetPpF
BkRxLPFjh2UJweAjcMrOrZzAGKibrYyHPbt7X59u7cN8lJuINEMWATM7aTUORIZ4
ZspiPBlbImlsmMaFpNue+sVNEYk/FphvLaT5hUo45LMWeaLSwXp4ccZMtV8tdGCB
Fiwa9caynhnzKDf7Q5i1Kdd5ZR8UwDzreSLzZFyDLY3Td9LF4WZER2dBw2SJkGUL
nIoDAnW54t7XX5QmL6WMJyoS8gLYPxXhuXpJilLY+Vz04ctkMRug5Qf6of0RIJVb
HnOtADlgYtltANnRkCTV8rN5kYDVw/WeyIO10ZC4Am7aGK+nQlGh2rHXTfMSrMFj
JngtbsBqXsV/JQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:36:49 2025 by rpki-client