Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
File: H9CHXNAFHQwJJaygQQNOeECmdws.mft (raw, json)
Hash identifier: PiaLXl9TI/WS8h26s/UunpHA4DcqCvFZoAACZeqiXVU=
Subject key identifier: C3:74:46:5B:6B:BC:AA:AB:E4:88:66:92:31:0B:04:89:33:9E:31:7D
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 0198D439BD4D5D566A88BF0FF51147ED18EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
Manifest number: 0616
Signing time: Sat 23 Aug 2025 00:00:10 +0000
Manifest this update: Sat 23 Aug 2025 00:00:10 +0000
Manifest next update: Sun 24 Aug 2025 00:00:10 +0000
Files and hashes: 1: H9CHXNAFHQwJJaygQQNOeECmdws.crl (hash: WQDogDdTyt3FMVC95J6ks4T8hJcrw0Fi2cjbol5nN9Q=)
2: NfUK1WerAdsfJiTM68i5Lnvkb2w.roa (hash: ZGezIXFkpMHBb+7ell8DWUCsKtD9DU2fEiI/6174M+w=)
3: x35TZBfjRzydIntP1wj4bzkffVI.roa (hash: m3lAcV9738Nh7P2x7upDgBTiTVZP/HAse993nyHmPOw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:39:bd:4d:5d:56:6a:88:bf:0f:f5:11:47:ed:18:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Aug 23 00:00:10 2025 GMT
Not After : Aug 24 00:00:10 2025 GMT
Subject: CN=c374465b6bbcaaabe4886692310b0489339e317d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4b:c5:83:9e:1c:2e:14:fd:b8:5d:9e:54:24:
1d:eb:af:e6:ae:fc:20:4b:55:9d:a6:59:d4:38:ab:
8c:2b:59:81:34:8d:10:5b:cc:cf:69:d3:a9:07:eb:
86:59:71:03:8b:a5:7a:8c:6a:db:06:78:7e:54:a1:
66:04:ce:26:ec:58:0b:f9:d4:5d:15:c5:0b:9b:1a:
3e:68:16:95:be:3a:3e:86:b7:5c:18:42:a1:6a:a9:
f6:67:45:8c:0b:3f:d1:ce:a5:20:39:3c:32:c3:48:
2b:49:2b:0c:8b:83:83:c5:60:0f:1e:3b:66:24:70:
ec:e4:ad:e2:da:97:22:7e:7c:81:6f:2c:08:45:2d:
1e:b3:94:c9:ec:4f:6e:d3:2e:01:80:ae:e6:d1:e9:
69:2b:76:ca:12:a3:93:6e:4e:dc:de:39:fd:06:2c:
98:e1:4a:27:de:17:da:41:c6:d6:51:12:55:e7:4e:
99:23:c5:9a:97:ec:b3:8f:77:ac:d4:79:8a:6c:7f:
e4:6a:1e:e3:7e:c0:f5:64:d4:06:25:a1:aa:9a:d2:
55:7d:66:46:62:64:20:c3:8a:ec:0a:44:ab:e3:19:
82:59:1f:8e:ed:cc:2a:86:c7:95:99:9c:8a:65:71:
ad:76:a4:7c:f7:43:cb:1d:5d:fb:38:3a:8f:c0:7c:
70:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:74:46:5B:6B:BC:AA:AB:E4:88:66:92:31:0B:04:89:33:9E:31:7D
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:76:0f:08:d5:f4:23:c0:6b:0a:f5:f9:0c:03:d0:af:a0:e2:
31:33:03:d8:0b:2a:17:f3:47:ad:df:f6:36:60:b2:2c:50:d6:
b6:86:9c:0b:51:aa:dc:3d:58:6d:8b:2b:fb:50:7f:a7:66:31:
d3:89:38:1d:bb:b6:3a:03:f9:8b:08:71:5c:40:30:01:d4:cc:
dd:67:a2:22:e3:5a:21:a5:30:4c:71:3d:a9:46:19:b5:97:e3:
be:ed:66:a8:80:9c:99:c8:36:a7:9c:c6:45:b8:63:6a:ae:bf:
14:52:c9:d9:99:28:ae:c2:82:4a:c9:c0:20:05:e2:e5:75:88:
ba:41:c4:4f:61:a7:12:07:d7:05:88:c8:f7:e1:bb:19:9a:66:
75:3a:59:cc:b1:e2:17:c5:06:b9:71:f8:a4:b3:33:9d:35:2a:
87:cf:b0:23:9a:90:e5:0c:8c:25:9e:a1:e2:38:c8:05:f2:c8:
e7:09:24:78:85:93:99:3e:48:8c:6e:0f:bb:51:3d:c7:81:31:
fb:f1:ed:25:79:d9:f5:84:63:b2:35:da:18:7c:d5:ca:8a:dd:
37:1a:03:47:4f:63:56:6c:08:7b:03:68:d3:b2:95:fa:d2:ca:
2d:00:19:25:60:5a:7d:21:ec:f4:f3:3a:85:f8:71:f9:53:4d:
94:65:b5:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUOb1NXVZqiL8P9RFH7RjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUwODIzMDAwMDEwWhcNMjUwODI0MDAwMDEwWjAzMTEwLwYDVQQD
EyhjMzc0NDY1YjZiYmNhYWFiZTQ4ODY2OTIzMTBiMDQ4OTMzOWUzMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokvFg54cLhT9uF2eVCQd66/mrvwg
S1WdplnUOKuMK1mBNI0QW8zPadOpB+uGWXEDi6V6jGrbBnh+VKFmBM4m7FgL+dRd
FcULmxo+aBaVvjo+hrdcGEKhaqn2Z0WMCz/RzqUgOTwyw0grSSsMi4ODxWAPHjtm
JHDs5K3i2pcifnyBbywIRS0es5TJ7E9u0y4BgK7m0elpK3bKEqOTbk7c3jn9BiyY
4Uon3hfaQcbWURJV506ZI8Wal+yzj3es1HmKbH/kah7jfsD1ZNQGJaGqmtJVfWZG
YmQgw4rsCkSr4xmCWR+O7cwqhseVmZyKZXGtdqR890PLHV37ODqPwHxwXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMN0RltrvKqr5IhmkjELBIkznjF9MB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWnYPCNX0
I8BrCvX5DAPQr6DiMTMD2AsqF/NHrd/2NmCyLFDWtoacC1Gq3D1YbYsr+1B/p2Yx
04k4Hbu2OgP5iwhxXEAwAdTM3WeiIuNaIaUwTHE9qUYZtZfjvu1mqICcmcg2p5zG
Rbhjaq6/FFLJ2ZkorsKCSsnAIAXi5XWIukHET2GnEgfXBYjI9+G7GZpmdTpZzLHi
F8UGuXH4pLMznTUqh8+wI5qQ5QyMJZ6h4jjIBfLI5wkkeIWTmT5IjG4Pu1E9x4Ex
+/HtJXnZ9YRjsjXaGHzVyordNxoDR09jVmwIewNo07KV+tLKLQAZJWBafSHs9PM6
hfhx+VNNlGW1QA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:25:47 2025 by rpki-client