Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
File: hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft (raw, json)
Hash identifier: 8ZedZAYtuEGtkd76ZOyxsLNmb/XDDW+pTKN/t3rs2S0=
Subject key identifier: 2C:54:43:37:6D:85:44:18:08:3E:07:E7:91:82:25:70:F0:66:C4:37
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 0198D516097E3BA25B1D8D49189997A4B16A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
Manifest number: 0C8C
Signing time: Sat 23 Aug 2025 04:00:47 +0000
Manifest this update: Sat 23 Aug 2025 04:00:47 +0000
Manifest next update: Sun 24 Aug 2025 04:00:47 +0000
Files and hashes: 1: MWwCkyjKodNxojuXE4ToQXLtm5w.roa (hash: Ak0owLXzMtwfRek9KqA/lWNxi61mLQqKV5qpbUxSWP4=)
2: NLcJ1zHiWemoNGCQqxBLJZM1epY.roa (hash: sN7g+z3kFVXgkKd1egNCxj+JRztRoGDD2QPyWEFToRI=)
3: hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl (hash: HC0Agx1hXLv2/5gDzxPzC3IskvyAs5IO2z4zfmOnf8M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:16:09:7e:3b:a2:5b:1d:8d:49:18:99:97:a4:b1:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Aug 23 04:00:47 2025 GMT
Not After : Aug 24 04:00:47 2025 GMT
Subject: CN=2c5443376d854418083e07e791822570f066c437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e5:25:85:45:9c:ac:45:cf:f3:81:4b:cf:c9:
b4:d6:44:8a:01:1f:37:41:c7:6f:e0:07:03:57:99:
75:15:8d:aa:d6:26:df:14:21:7c:f6:61:65:9e:1c:
a7:ee:c6:8c:f5:05:d3:b6:c9:c3:bb:1c:be:69:84:
f0:77:7a:70:d7:c5:d5:a2:4f:96:f5:9e:c8:9b:d3:
e7:e3:fc:33:df:cc:56:00:7c:d1:b7:88:71:da:b2:
31:cf:45:5f:d5:ec:78:ea:c0:b5:d2:55:13:c3:61:
d0:a3:b1:75:57:af:56:13:4c:e0:be:9a:c6:dd:0b:
f1:3f:67:22:a9:b1:55:01:f6:a0:4f:09:12:31:5e:
85:39:ce:4f:68:b0:ec:44:07:60:fb:f0:00:61:eb:
dc:cd:9e:92:c1:fc:d2:47:48:27:05:67:90:a8:65:
a2:e6:7c:c5:dc:ed:39:82:bf:21:8e:a8:e2:09:7e:
28:14:6f:98:08:12:18:c0:6e:fd:34:05:77:88:1e:
42:db:2b:db:7d:9c:e5:e2:32:7e:ee:46:94:74:40:
e3:5e:46:7a:b2:87:9c:17:18:fa:59:07:34:9e:9e:
f1:9f:8b:cd:3a:6c:50:2e:0e:93:22:6a:11:17:fe:
ad:83:0d:a0:56:ba:3f:31:f5:da:1f:f3:8e:b0:4a:
6a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:54:43:37:6D:85:44:18:08:3E:07:E7:91:82:25:70:F0:66:C4:37
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:3e:ad:d4:66:39:78:02:35:6b:29:1f:e7:d7:9d:5b:5c:2a:
11:d5:ee:79:6f:aa:97:ea:02:ca:c3:8b:0a:ff:95:d8:2f:5a:
75:44:dc:da:aa:2b:6b:0b:1a:0b:c9:36:7b:ff:a6:d9:d2:bb:
df:93:46:99:e2:9e:24:04:67:4d:2a:80:8f:47:0a:b2:84:02:
ef:f9:c8:71:5f:ed:96:64:fe:92:c0:65:31:57:fe:0e:7a:fe:
2d:d5:13:b9:ab:31:17:8e:90:bf:8a:ad:3a:29:be:2a:45:96:
30:09:c5:e4:5e:d5:bd:8b:cd:48:6a:49:35:5b:1c:34:1a:ab:
cf:55:50:58:aa:6d:93:61:58:88:b2:68:e1:9d:a4:70:1d:f7:
9a:e2:c8:7b:b7:a5:ff:70:db:91:75:c4:61:a2:19:b4:00:95:
b6:f8:48:7b:71:4e:ff:59:4e:a6:78:a0:8d:78:a5:70:82:74:
44:9b:d5:df:9b:94:50:23:3b:63:a5:a1:e8:dd:44:03:72:da:
c7:02:e8:18:76:f2:3a:f6:7f:af:b7:23:20:86:42:85:10:1f:
67:6f:83:14:b4:52:7b:5e:aa:9f:f2:c3:a0:8f:b6:51:80:24:
c5:b8:de:c8:20:09:c1:97:a9:f0:15:3e:64:28:fc:76:ca:7b:
7a:ab:58:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFgl+O6JbHY1JGJmXpLFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjUwODIzMDQwMDQ3WhcNMjUwODI0MDQwMDQ3WjAzMTEwLwYDVQQD
EygyYzU0NDMzNzZkODU0NDE4MDgzZTA3ZTc5MTgyMjU3MGYwNjZjNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+UlhUWcrEXP84FLz8m01kSKAR83
Qcdv4AcDV5l1FY2q1ibfFCF89mFlnhyn7saM9QXTtsnDuxy+aYTwd3pw18XVok+W
9Z7Im9Pn4/wz38xWAHzRt4hx2rIxz0Vf1ex46sC10lUTw2HQo7F1V69WE0zgvprG
3QvxP2ciqbFVAfagTwkSMV6FOc5PaLDsRAdg+/AAYevczZ6SwfzSR0gnBWeQqGWi
5nzF3O05gr8hjqjiCX4oFG+YCBIYwG79NAV3iB5C2yvbfZzl4jJ+7kaUdEDjXkZ6
soecFxj6WQc0np7xn4vNOmxQLg6TImoRF/6tgw2gVro/MfXaH/OOsEpqiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxUQzdthUQYCD4H55GCJXDwZsQ3MB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMD6t1GY5
eAI1aykf59edW1wqEdXueW+ql+oCysOLCv+V2C9adUTc2qorawsaC8k2e/+m2dK7
35NGmeKeJARnTSqAj0cKsoQC7/nIcV/tlmT+ksBlMVf+Dnr+LdUTuasxF46Qv4qt
Oim+KkWWMAnF5F7VvYvNSGpJNVscNBqrz1VQWKptk2FYiLJo4Z2kcB33muLIe7el
/3DbkXXEYaIZtACVtvhIe3FO/1lOpnigjXilcIJ0RJvV35uUUCM7Y6Wh6N1EA3La
xwLoGHbyOvZ/r7cjIIZChRAfZ2+DFLRSe16qn/LDoI+2UYAkxbjeyCAJwZep8BU+
ZCj8dsp7eqtYLQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:24:17 2025 by rpki-client