Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
File: hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft (raw, json)
Hash identifier: 0zhOBSzOuJb6GWMXXiahjzm+ve7mQKC15noLMFmLRgg=
Subject key identifier: 83:39:A8:57:B2:31:30:DC:F9:E6:32:2B:72:82:5C:E5:FA:6B:FB:1B
Authority key identifier: 84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
Certificate issuer: /CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Certificate serial: 0198D73AE77B47545EE266F89430F631ADF7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
Manifest number: 10E5
Signing time: Sat 23 Aug 2025 14:00:18 +0000
Manifest this update: Sat 23 Aug 2025 14:00:18 +0000
Manifest next update: Sun 24 Aug 2025 14:00:18 +0000
Files and hashes: 1: XLQfftOCYwZhCKWBFvPgcWtM3ng.roa (hash: e5IwRRubP2iih1RAenDvyf84x82YlIWC8mC3l2YoKV8=)
2: hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl (hash: vDHrsby+aY7lKEZ3KLxRWTU9XdSShT9AG3kTqIrdaNE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:3a:e7:7b:47:54:5e:e2:66:f8:94:30:f6:31:ad:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Validity
Not Before: Aug 23 14:00:18 2025 GMT
Not After : Aug 24 14:00:18 2025 GMT
Subject: CN=8339a857b23130dcf9e6322b72825ce5fa6bfb1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:97:71:9e:fa:d2:8b:c2:e9:a4:a2:75:89:ad:
7d:a4:f3:5f:0d:1f:a9:19:76:50:cc:2a:d0:df:25:
09:8c:3e:a5:6e:c4:75:b4:90:6d:5b:4e:0d:85:10:
ae:c4:70:a7:7d:7e:29:6a:f8:65:81:7b:f3:33:40:
62:04:15:5b:6e:5c:36:a5:3f:6a:ba:76:0a:a6:48:
b9:8e:a7:9c:f9:71:dc:87:a8:a8:26:29:a1:1d:f2:
26:74:8a:5c:30:68:91:00:10:05:66:47:eb:9a:72:
79:62:05:cd:96:11:b8:0b:2b:be:51:42:dc:ea:d4:
55:b4:da:94:99:ee:b1:9e:6f:fe:0e:94:ca:ca:cd:
0c:6f:d6:6a:54:61:40:2d:60:8a:52:25:b1:de:5e:
90:90:62:3f:25:03:88:f2:40:77:06:72:2c:91:4f:
37:db:51:e5:6d:bd:d4:2f:84:2b:18:0b:b5:c6:6f:
69:7d:67:5d:9e:f6:ae:18:86:6d:35:11:5c:a8:ed:
3d:5e:7b:19:b4:73:ac:08:4a:71:82:13:87:1b:73:
25:fe:03:18:5d:c7:fb:9e:05:8c:0d:3a:d4:d3:97:
82:a5:be:63:ea:8a:d2:6c:d6:fd:a7:5a:7a:02:96:
14:ce:8e:91:95:5d:2b:ba:20:bf:c2:de:18:48:9d:
99:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:39:A8:57:B2:31:30:DC:F9:E6:32:2B:72:82:5C:E5:FA:6B:FB:1B
X509v3 Authority Key Identifier:
keyid:84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:c8:8a:c1:88:fe:44:40:05:2f:ed:2c:84:17:43:4e:b7:0a:
09:d6:b3:f4:7d:42:47:eb:e9:9b:20:04:17:d0:ef:a1:38:0c:
60:14:49:c9:be:05:12:3d:42:e7:60:5d:f3:46:70:11:c5:c4:
c1:7c:b6:70:e2:13:4e:4b:7a:4c:05:1c:59:79:c6:5f:a5:30:
97:ba:28:8e:40:b3:c3:50:89:4b:35:d2:73:ac:59:00:ba:d3:
4e:ba:ae:2f:c2:0e:8b:9e:3e:55:12:1f:b7:f1:62:e8:d1:68:
f8:ae:29:98:d9:cf:bb:18:99:71:af:5c:04:69:38:75:26:9a:
0e:74:0e:e1:c2:bb:ca:23:be:95:2b:e5:5f:6a:d2:53:60:fc:
cc:04:1f:57:1b:24:84:0a:03:9b:88:89:3e:91:75:ce:23:75:
5c:12:cf:f3:ed:6b:ad:8a:2d:39:b3:d1:1f:54:5d:6c:95:d0:
ec:cb:90:39:c6:72:f9:31:08:06:db:89:3e:5e:b4:c4:a4:7c:
01:0a:f5:1d:13:a2:56:61:f6:ca:11:73:cc:f7:00:c2:df:40:
b8:a4:97:5d:f9:17:ee:93:a6:64:22:2e:d8:02:c9:f7:09:7b:
60:2e:84:5e:e0:3a:71:52:6f:2f:0b:67:ab:a7:43:da:81:78:
1f:a9:82:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXOud7R1Re4mb4lDD2Ma33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmQ0NTIyNWNmMGQ0ZmE5YzY1YWVlODg4NjFkMjI2MTIw
M2FkMDAwHhcNMjUwODIzMTQwMDE4WhcNMjUwODI0MTQwMDE4WjAzMTEwLwYDVQQD
Eyg4MzM5YTg1N2IyMzEzMGRjZjllNjMyMmI3MjgyNWNlNWZhNmJmYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpdxnvrSi8LppKJ1ia19pPNfDR+p
GXZQzCrQ3yUJjD6lbsR1tJBtW04NhRCuxHCnfX4pavhlgXvzM0BiBBVbblw2pT9q
unYKpki5jqec+XHch6ioJimhHfImdIpcMGiRABAFZkfrmnJ5YgXNlhG4Cyu+UULc
6tRVtNqUme6xnm/+DpTKys0Mb9ZqVGFALWCKUiWx3l6QkGI/JQOI8kB3BnIskU83
21Hlbb3UL4QrGAu1xm9pfWddnvauGIZtNRFcqO09XnsZtHOsCEpxghOHG3Ml/gMY
Xcf7ngWMDTrU05eCpb5j6orSbNb9p1p6ApYUzo6RlV0ruiC/wt4YSJ2ZnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIM5qFeyMTDc+eYyK3KCXOX6a/sbMB8GA1UdIwQY
MBaAFIRtRSJc8NT6nGWu6Ihh0iYSA60AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAt
NDYzNTMxMDQ2YzdmLzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAtNDYzNTMxMDQ2Yzdm
LzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJciKwYj+
REAFL+0shBdDTrcKCdaz9H1CR+vpmyAEF9DvoTgMYBRJyb4FEj1C52Bd80ZwEcXE
wXy2cOITTkt6TAUcWXnGX6Uwl7oojkCzw1CJSzXSc6xZALrTTrquL8IOi54+VRIf
t/Fi6NFo+K4pmNnPuxiZca9cBGk4dSaaDnQO4cK7yiO+lSvlX2rSU2D8zAQfVxsk
hAoDm4iJPpF1ziN1XBLP8+1rrYotObPRH1RdbJXQ7MuQOcZy+TEIBtuJPl60xKR8
AQr1HROiVmH2yhFzzPcAwt9AuKSXXfkX7pOmZCIu2ALJ9wl7YC6EXuA6cVJvLwtn
q6dD2oF4H6mCng==
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:04:24 2025 by rpki-client