Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
File: hbYRoLfUM0t6I5XozOew48m4OOg.mft (raw, json)
Hash identifier: JrbgWczmGSY5jgaEQ0R9/8eWwPhoHcl3pcIiRuDbCCA=
Subject key identifier: 29:F4:2A:43:38:EA:DF:FE:D3:D2:0A:F9:96:F7:61:43:F8:BC:DF:87
Authority key identifier: 85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
Certificate issuer: /CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Certificate serial: 0197CBDEF4612D89D1687912D7C97C7BA7C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
Manifest number: 10C8
Signing time: Wed 02 Jul 2025 16:01:15 +0000
Manifest this update: Wed 02 Jul 2025 16:01:15 +0000
Manifest next update: Thu 03 Jul 2025 16:01:15 +0000
Files and hashes: 1: GqM4YVlqC8-erWafuFUuhTFle_c.roa (hash: i4cVcC9yh3IAaqw92giD4QCQEZ24C42b9AxtQz5mdqI=)
2: V5ey2q7KwpxyFqlUebHjJUU7ouc.roa (hash: Yxgk3WfNc3AICgrW7BBAgfdy4JGwXPs53GHlVT7wvGA=)
3: hbYRoLfUM0t6I5XozOew48m4OOg.crl (hash: aSp+guWbyJBB66IbTc5HYPtmM4qvLuPDhyCafWz986Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:de:f4:61:2d:89:d1:68:79:12:d7:c9:7c:7b:a7:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Validity
Not Before: Jul 2 16:01:15 2025 GMT
Not After : Jul 3 16:01:15 2025 GMT
Subject: CN=29f42a4338eadffed3d20af996f76143f8bcdf87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e0:8a:6f:e1:82:4d:dc:98:94:b9:84:d2:0b:
ff:bf:31:18:29:03:51:5c:fb:88:45:74:bb:39:46:
36:7e:60:6a:eb:e9:b8:52:ca:a7:40:39:ac:b9:e7:
2b:56:6e:37:9f:b9:00:53:38:34:85:86:0d:62:9c:
fb:b4:53:bf:80:0a:2d:30:c4:93:dd:6b:f2:81:7e:
9c:34:70:32:ee:55:01:68:60:a0:7a:16:59:80:d7:
71:b1:af:a9:52:22:68:a1:4b:17:cd:42:5d:44:1a:
70:3d:f5:0c:64:bf:25:01:a8:08:40:44:b6:11:04:
78:27:d4:7f:69:de:0c:42:2a:bd:1c:9b:31:b1:93:
52:f4:61:c4:19:f6:66:06:6f:97:a6:d6:1e:34:0a:
9d:33:98:d3:b0:b7:da:c2:28:4c:aa:27:95:06:68:
02:02:46:b9:da:12:72:28:d7:78:a7:56:fd:8c:69:
0d:95:0c:d8:c5:a1:86:75:57:33:cc:08:bf:f7:2d:
cf:46:2e:34:cd:68:b0:95:1f:b5:43:4d:0c:ac:f5:
8a:81:aa:86:7a:5f:58:f9:1e:89:e9:9a:87:8f:fe:
9b:10:3d:e9:42:ca:fe:e0:b1:d1:03:cb:0c:81:16:
7c:58:3b:f4:fd:1a:bc:a1:23:d8:d9:60:ed:a4:51:
b6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F4:2A:43:38:EA:DF:FE:D3:D2:0A:F9:96:F7:61:43:F8:BC:DF:87
X509v3 Authority Key Identifier:
keyid:85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:28:71:05:31:09:f8:3a:09:97:31:6a:86:cf:03:fc:98:25:
4a:13:4e:94:fd:c4:ed:dd:0a:7c:ef:90:d1:c7:df:eb:0b:d1:
3c:63:0c:38:7d:22:9b:ab:3c:9f:19:37:c8:8d:a6:a1:1a:bc:
23:ea:eb:06:d2:9f:c6:17:a7:15:77:8f:a0:26:2e:13:cc:47:
30:f7:37:11:d5:62:a6:81:a3:0b:d1:81:dc:c8:d5:19:7c:f7:
e9:fe:0e:79:02:78:07:cc:f3:21:2c:0b:97:e8:92:e1:8d:63:
dd:9d:d0:b8:2a:9a:23:23:1f:6c:c8:36:d1:30:56:34:05:59:
13:dc:28:b4:14:3e:5b:d9:7b:1c:df:4d:07:26:d8:a4:48:dc:
44:b7:1d:ab:89:64:73:3e:01:c2:b6:80:a7:1e:03:d3:6b:2e:
db:59:4f:b8:39:a0:2a:51:8c:72:c0:f8:7b:a8:25:78:75:26:
4a:32:21:23:04:26:52:57:6e:7e:9c:ae:ff:08:ae:45:be:c1:
78:09:ab:a0:21:8f:6d:59:36:e8:09:b5:07:0c:c2:81:5f:5c:
0f:0b:09:6e:45:d6:f8:99:a1:da:0f:76:27:b7:96:85:a0:6c:
06:cd:4b:05:cc:2a:63:27:0e:0c:f9:c2:55:ad:e8:22:1a:e9:
a7:6c:62:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfL3vRhLYnRaHkS18l8e6fCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjYxMWEwYjdkNDMzNGI3YTIzOTVlOGNjZTdiMGUzYzli
ODM4ZTgwHhcNMjUwNzAyMTYwMTE1WhcNMjUwNzAzMTYwMTE1WjAzMTEwLwYDVQQD
EygyOWY0MmE0MzM4ZWFkZmZlZDNkMjBhZjk5NmY3NjE0M2Y4YmNkZjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuCKb+GCTdyYlLmE0gv/vzEYKQNR
XPuIRXS7OUY2fmBq6+m4UsqnQDmsuecrVm43n7kAUzg0hYYNYpz7tFO/gAotMMST
3WvygX6cNHAy7lUBaGCgehZZgNdxsa+pUiJooUsXzUJdRBpwPfUMZL8lAagIQES2
EQR4J9R/ad4MQiq9HJsxsZNS9GHEGfZmBm+XptYeNAqdM5jTsLfawihMqieVBmgC
Aka52hJyKNd4p1b9jGkNlQzYxaGGdVczzAi/9y3PRi40zWiwlR+1Q00MrPWKgaqG
el9Y+R6J6ZqHj/6bED3pQsr+4LHRA8sMgRZ8WDv0/Rq8oSPY2WDtpFG2gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCn0KkM46t/+09IK+Zb3YUP4vN+HMB8GA1UdIwQY
MBaAFIW2EaC31DNLeiOV6MznsOPJuDjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmIt
ODhjYjRlNzEwNmVhLzEvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmItODhjYjRlNzEwNmVh
LzEvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeShxBTEJ
+DoJlzFqhs8D/JglShNOlP3E7d0KfO+Q0cff6wvRPGMMOH0im6s8nxk3yI2moRq8
I+rrBtKfxhenFXePoCYuE8xHMPc3EdVipoGjC9GB3MjVGXz36f4OeQJ4B8zzISwL
l+iS4Y1j3Z3QuCqaIyMfbMg20TBWNAVZE9wotBQ+W9l7HN9NBybYpEjcRLcdq4lk
cz4BwraApx4D02su21lPuDmgKlGMcsD4e6gleHUmSjIhIwQmUldufpyu/wiuRb7B
eAmroCGPbVk26Am1BwzCgV9cDwsJbkXW+Jmh2g92J7eWhaBsBs1LBcwqYycODPnC
Va3oIhrpp2xiqg==
-----END CERTIFICATE-----
Generated at Wed Jul 2 20:02:22 2025 by rpki-client