Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
File: HEIt1-1z0cAEhQAzv5V5tP716dE.mft (raw, json)
Hash identifier: OGK85QYB1tuF6ijg2Yl7sr+V8JKEeyfw2J3BnjTsaFo=
Subject key identifier: 10:57:95:11:96:2F:63:97:7A:44:F8:CC:EC:8D:74:B0:C5:17:09:76
Authority key identifier: 1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
Certificate issuer: /CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Certificate serial: 0197B632BF6F38A904C49BE7A74CFA5815D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
Manifest number: 78
Signing time: Sat 28 Jun 2025 11:01:08 +0000
Manifest this update: Sat 28 Jun 2025 11:01:08 +0000
Manifest next update: Sun 29 Jun 2025 11:01:08 +0000
Files and hashes: 1: 4xTwGwEgqqNgpztG8b7-qFnWnmQ.roa (hash: G+NieVImXlejNVzPXtYNNAfkIKyCKo0Pau1bwovvw64=)
2: HEIt1-1z0cAEhQAzv5V5tP716dE.crl (hash: UHl67mhnnZC0pFnibab9R4vHJzmq+45vttbVKGdQldQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:32:bf:6f:38:a9:04:c4:9b:e7:a7:4c:fa:58:15:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Validity
Not Before: Jun 28 11:01:08 2025 GMT
Not After : Jun 29 11:01:08 2025 GMT
Subject: CN=10579511962f63977a44f8ccec8d74b0c5170976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7d:66:08:b2:d1:64:16:b9:5d:a1:3e:d4:4c:
8f:b3:32:75:0e:a4:be:0f:62:a9:fd:39:c3:49:b7:
c5:f6:67:80:8b:30:20:56:be:8e:e1:3b:26:74:57:
d7:6c:8b:68:f7:be:65:61:ab:38:6f:04:27:f1:74:
76:a4:a0:de:c8:d1:96:d1:a6:cd:58:87:a7:52:2a:
77:1d:bc:51:f9:1b:f9:f2:f4:ec:fc:cd:b8:cc:17:
eb:f5:6f:c3:01:7f:cf:27:73:39:f5:87:fa:e4:f7:
ba:90:cf:82:e7:22:4c:84:cf:54:7d:b8:fb:96:71:
1e:5b:fe:d5:ce:f6:8b:6b:fc:25:9a:20:c8:1b:2e:
21:9b:cf:e1:a2:93:ad:68:df:b5:bd:09:f0:03:ae:
ac:35:39:02:59:3a:f2:45:fa:20:07:c1:89:47:2b:
41:a1:b5:be:81:dd:e4:75:bd:04:e9:a1:aa:59:59:
e0:9c:ec:f7:83:0a:d3:2b:0b:bc:e4:52:f1:5e:a9:
4f:78:05:cc:8d:59:5a:bb:a4:01:08:79:9a:4d:c1:
84:2b:3c:c7:1b:40:02:f2:96:4b:85:12:26:fc:16:
5d:ef:0f:10:47:15:03:92:1c:53:2d:09:84:ed:3b:
4c:46:13:e1:68:b4:5d:11:62:0c:86:cb:ac:f1:6f:
d4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:57:95:11:96:2F:63:97:7A:44:F8:CC:EC:8D:74:B0:C5:17:09:76
X509v3 Authority Key Identifier:
keyid:1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:ec:5a:fc:ca:75:50:7c:6a:bc:30:7f:f6:83:c1:c1:9b:d1:
5a:2e:4e:ed:a2:d3:d4:b0:db:f7:85:3d:62:66:fa:c8:87:5f:
ff:ee:87:95:cd:5e:cd:c4:e1:cc:be:fd:b1:84:60:39:e8:44:
23:ca:74:de:69:3d:b8:ae:53:00:0d:a4:11:79:1d:d0:36:a5:
b4:a2:b0:94:bf:36:9c:89:8f:b2:ec:bd:e1:94:ad:be:3c:99:
0e:5d:f9:85:73:12:8c:3f:68:5a:bc:d0:ee:7d:29:35:9a:c3:
d7:8d:e2:9d:76:aa:8f:28:78:fd:4a:73:e5:ef:db:78:66:11:
d3:86:2c:81:fc:1a:65:9c:3f:ea:6e:19:06:7f:d8:85:72:88:
83:40:6f:5b:6e:d4:bd:bc:a7:3e:ce:9c:cf:06:1b:e7:0b:99:
8e:2c:de:f7:b3:61:90:60:3c:18:85:fb:4a:3f:c5:f1:76:69:
27:c8:97:0a:e7:af:af:f0:18:07:87:d5:1c:ce:98:07:18:e0:
51:a5:c3:ba:3b:ab:48:dd:f4:0c:ee:07:4b:a8:c1:af:9c:85:
7e:3b:b0:35:d6:e0:4b:8a:cb:e5:03:64:ea:87:9f:73:50:92:
31:6e:46:da:9e:dc:4c:17:8e:c1:62:1d:a5:21:96:9f:85:5d:
6a:64:66:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2Mr9vOKkExJvnp0z6WBXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNDIyZGQ3ZWQ3M2QxYzAwNDg1MDAzM2JmOTU3OWI0ZmVm
NWU5ZDEwHhcNMjUwNjI4MTEwMTA4WhcNMjUwNjI5MTEwMTA4WjAzMTEwLwYDVQQD
EygxMDU3OTUxMTk2MmY2Mzk3N2E0NGY4Y2NlYzhkNzRiMGM1MTcwOTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu31mCLLRZBa5XaE+1EyPszJ1DqS+
D2Kp/TnDSbfF9meAizAgVr6O4TsmdFfXbIto975lYas4bwQn8XR2pKDeyNGW0abN
WIenUip3HbxR+Rv58vTs/M24zBfr9W/DAX/PJ3M59Yf65Pe6kM+C5yJMhM9Ufbj7
lnEeW/7VzvaLa/wlmiDIGy4hm8/hopOtaN+1vQnwA66sNTkCWTryRfogB8GJRytB
obW+gd3kdb0E6aGqWVngnOz3gwrTKwu85FLxXqlPeAXMjVlau6QBCHmaTcGEKzzH
G0AC8pZLhRIm/BZd7w8QRxUDkhxTLQmE7TtMRhPhaLRdEWIMhsus8W/UfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBBXlRGWL2OXekT4zOyNdLDFFwl2MB8GA1UdIwQY
MBaAFBxCLdftc9HABIUAM7+VebT+9enRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQt
Mzk3OWI4MDBjZGE4LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQtMzk3OWI4MDBjZGE4
LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWOxa/Mp1
UHxqvDB/9oPBwZvRWi5O7aLT1LDb94U9Ymb6yIdf/+6Hlc1ezcThzL79sYRgOehE
I8p03mk9uK5TAA2kEXkd0DaltKKwlL82nImPsuy94ZStvjyZDl35hXMSjD9oWrzQ
7n0pNZrD143inXaqjyh4/Upz5e/beGYR04YsgfwaZZw/6m4ZBn/YhXKIg0BvW27U
vbynPs6czwYb5wuZjize97NhkGA8GIX7Sj/F8XZpJ8iXCuevr/AYB4fVHM6YBxjg
UaXDujurSN30DO4HS6jBr5yFfjuwNdbgS4rL5QNk6oefc1CSMW5G2p7cTBeOwWId
pSGWn4VdamRmow==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:23:33 2025 by rpki-client