
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
File: HEIt1-1z0cAEhQAzv5V5tP716dE.mft (raw, json)
Hash identifier: W5RqZ64zCjugX8FxzXKWYHBfZEVN91JnfyfQcX477N4=
Subject key identifier: DF:05:2B:98:A3:16:EA:B5:08:21:B8:F3:86:AF:0E:25:AD:E8:61:31
Authority key identifier: 1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
Certificate issuer: /CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Certificate serial: 0199FB7CF5DA21D1436C47B7E32E82D62775
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
Manifest number: 01A5
Signing time: Sun 19 Oct 2025 08:01:34 +0000
Manifest this update: Sun 19 Oct 2025 08:01:34 +0000
Manifest next update: Mon 20 Oct 2025 08:01:34 +0000
Files and hashes: 1: 4xTwGwEgqqNgpztG8b7-qFnWnmQ.roa (hash: G+NieVImXlejNVzPXtYNNAfkIKyCKo0Pau1bwovvw64=)
2: HEIt1-1z0cAEhQAzv5V5tP716dE.crl (hash: 6hYm4yzlHRSLjZ4IHu3O7+tXtCx5m5ziLCdxPXCoGU8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7c:f5:da:21:d1:43:6c:47:b7:e3:2e:82:d6:27:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Validity
Not Before: Oct 19 08:01:34 2025 GMT
Not After : Oct 20 08:01:34 2025 GMT
Subject: CN=df052b98a316eab50821b8f386af0e25ade86131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:94:4a:4d:71:83:70:ec:ec:80:79:db:db:4e:
d4:b8:77:44:32:10:7f:6b:b2:f6:11:d6:0e:f2:42:
65:40:f0:02:6b:f4:af:22:01:7f:d3:21:c1:4d:33:
b4:d4:b5:73:24:47:ee:02:54:a4:93:52:be:27:76:
c4:fd:b1:5c:6f:c1:f1:6e:7c:0a:0f:e6:11:f8:57:
3c:b7:fe:eb:d0:0a:54:9d:92:81:fa:92:fc:89:8f:
35:c9:bb:61:fa:34:a2:e1:0b:8a:36:c8:22:b3:49:
9d:13:bd:2b:50:4f:8d:dd:e4:e3:d7:ef:a7:86:bf:
90:6d:0e:1c:99:87:fe:a4:ab:0b:6e:4e:4b:70:9e:
0f:c4:6d:4c:74:13:da:a8:89:c8:b5:da:36:3d:cb:
66:83:e9:fe:46:70:10:d4:db:42:7d:f3:ac:29:bf:
dc:60:99:4e:84:aa:f6:a9:c5:cc:9d:79:e5:bd:aa:
96:17:2e:43:aa:5b:3e:e2:ff:97:de:16:3e:9d:a1:
98:cc:d5:ce:4c:c5:c0:18:a1:a5:b6:98:a3:e2:6b:
41:dd:1e:0b:92:b5:d2:f1:10:c3:84:79:c9:8a:d0:
40:97:5f:b1:cf:19:22:b0:36:b8:d5:bd:4d:7c:a3:
a9:b8:a1:46:ff:53:af:14:ed:06:bc:6f:3a:c9:35:
41:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:05:2B:98:A3:16:EA:B5:08:21:B8:F3:86:AF:0E:25:AD:E8:61:31
X509v3 Authority Key Identifier:
keyid:1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:d2:47:76:6f:db:fe:8b:c6:7b:0b:be:34:5a:bd:03:44:d5:
43:a6:6c:12:71:ce:4e:20:67:cd:f0:52:d9:c0:78:b9:9c:6a:
f0:3b:5f:1b:a9:8a:00:04:99:ed:be:cd:0d:e6:61:32:75:9e:
64:55:06:d6:c1:0f:3b:e7:ee:65:5d:05:56:04:a1:8c:05:2f:
1e:13:34:58:75:7f:f1:90:f1:93:e8:5f:97:55:a3:77:e1:88:
09:5f:59:cc:c0:c5:41:de:97:bf:2e:fd:d0:68:4a:ed:ee:30:
d7:94:93:0b:72:e6:6b:10:76:d1:97:ec:50:a9:0a:59:b3:a8:
67:7a:db:71:9d:72:c6:45:18:49:1d:1d:ad:52:48:93:6b:9b:
01:50:0f:b3:c1:ca:64:96:29:ef:aa:38:7e:92:3c:15:db:1f:
ea:79:49:83:be:79:31:49:10:0d:9a:15:76:4d:db:6a:43:04:
47:27:7a:09:0d:fb:3a:51:df:87:23:65:b4:fe:41:ab:6a:49:
5f:fb:74:21:82:34:21:7b:ac:f8:18:fb:a0:3d:d4:78:92:df:
99:fd:b8:12:ad:e4:f7:4d:2a:f3:15:68:a8:5d:5f:96:25:34:
24:30:3c:db:91:6c:0c:9c:52:0b:85:44:5c:7f:51:9a:1c:58:
24:70:2a:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fPXaIdFDbEe34y6C1id1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNDIyZGQ3ZWQ3M2QxYzAwNDg1MDAzM2JmOTU3OWI0ZmVm
NWU5ZDEwHhcNMjUxMDE5MDgwMTM0WhcNMjUxMDIwMDgwMTM0WjAzMTEwLwYDVQQD
EyhkZjA1MmI5OGEzMTZlYWI1MDgyMWI4ZjM4NmFmMGUyNWFkZTg2MTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JRKTXGDcOzsgHnb207UuHdEMhB/
a7L2EdYO8kJlQPACa/SvIgF/0yHBTTO01LVzJEfuAlSkk1K+J3bE/bFcb8HxbnwK
D+YR+Fc8t/7r0ApUnZKB+pL8iY81ybth+jSi4QuKNsgis0mdE70rUE+N3eTj1++n
hr+QbQ4cmYf+pKsLbk5LcJ4PxG1MdBPaqInItdo2Pctmg+n+RnAQ1NtCffOsKb/c
YJlOhKr2qcXMnXnlvaqWFy5Dqls+4v+X3hY+naGYzNXOTMXAGKGltpij4mtB3R4L
krXS8RDDhHnJitBAl1+xzxkisDa41b1NfKOpuKFG/1OvFO0GvG86yTVB9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8FK5ijFuq1CCG484avDiWt6GExMB8GA1UdIwQY
MBaAFBxCLdftc9HABIUAM7+VebT+9enRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQt
Mzk3OWI4MDBjZGE4LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQtMzk3OWI4MDBjZGE4
LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJtJHdm/b
/ovGewu+NFq9A0TVQ6ZsEnHOTiBnzfBS2cB4uZxq8DtfG6mKAASZ7b7NDeZhMnWe
ZFUG1sEPO+fuZV0FVgShjAUvHhM0WHV/8ZDxk+hfl1Wjd+GICV9ZzMDFQd6Xvy79
0GhK7e4w15STC3LmaxB20ZfsUKkKWbOoZ3rbcZ1yxkUYSR0drVJIk2ubAVAPs8HK
ZJYp76o4fpI8Fdsf6nlJg755MUkQDZoVdk3bakMERyd6CQ37OlHfhyNltP5Bq2pJ
X/t0IYI0IXus+Bj7oD3UeJLfmf24Eq3k900q8xVoqF1fliU0JDA825FsDJxSC4VE
XH9RmhxYJHAqzw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:20 2025 by rpki-client