Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
File: HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft (raw, json)
Hash identifier: sgf7PSK+wWKXblqv3JSvsWbYLnW52eygQ4VWGTEnIVs=
Subject key identifier: 19:B3:43:81:E6:8B:9E:AD:62:87:E8:5A:9C:77:41:B2:F0:9D:7E:2E
Authority key identifier: 1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1
Certificate issuer: /CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1
Certificate serial: 019658017CCF94BDA2423435544F700E38EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
Manifest number: 1125
Signing time: Mon 21 Apr 2025 11:00:14 +0000
Manifest this update: Mon 21 Apr 2025 11:00:14 +0000
Manifest next update: Tue 22 Apr 2025 11:00:14 +0000
Files and hashes: 1: CSj4rvQmRyDsyaDEw0jstidXLzo.roa (hash: 3pSnEcRnf/ULKrT/Poc1HoH7UgR2xUCZ7SNrN3hfNmI=)
2: HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl (hash: jexJaO60LKPJvw84e25tHOs8ypiJR+GzQ9VjLATf92A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:01:7c:cf:94:bd:a2:42:34:35:54:4f:70:0e:38:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1
Validity
Not Before: Apr 21 11:00:14 2025 GMT
Not After : Apr 22 11:00:14 2025 GMT
Subject: CN=19b34381e68b9ead6287e85a9c7741b2f09d7e2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1b:2c:9e:d2:48:00:3e:3b:71:b8:07:81:d3:
78:53:99:be:08:fe:9b:99:dd:2d:8c:0e:c8:61:c6:
44:72:4b:24:32:d3:3a:85:6d:f3:8b:fd:51:eb:a2:
4d:45:9a:0a:cd:56:50:73:60:57:91:7b:ed:ef:84:
9d:e3:25:a5:59:91:2b:a7:f3:b5:36:b9:8d:d6:d2:
86:5c:5e:c4:3a:e1:4c:36:38:66:34:30:87:90:88:
f6:87:3a:7f:24:ba:6d:f6:04:02:36:d4:4c:78:e8:
04:be:49:36:aa:db:9e:68:8d:1a:6e:07:18:3b:6b:
53:86:3c:be:7a:6e:15:85:b6:5c:9b:c5:cc:6b:de:
f0:bd:49:05:d7:0a:d7:67:b8:c5:6d:13:ff:f7:db:
14:ab:f8:04:57:8a:08:f5:7e:89:ec:42:7e:8e:9a:
7f:3e:b5:9d:a5:cd:e3:fe:46:ee:c6:72:63:3e:80:
45:2b:54:42:52:fd:fe:11:d4:fa:e2:a0:9f:5d:17:
13:77:73:36:ba:de:b5:4a:da:64:1e:5b:ae:3d:6b:
7d:01:9a:8f:0f:53:10:5c:ed:4c:83:25:2b:cc:5e:
50:42:4d:ae:e3:bd:ee:c6:e1:bc:9c:4d:40:24:e3:
05:1f:b5:6e:5b:a2:15:41:d9:5f:34:f3:19:51:ae:
56:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B3:43:81:E6:8B:9E:AD:62:87:E8:5A:9C:77:41:B2:F0:9D:7E:2E
X509v3 Authority Key Identifier:
keyid:1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:3f:95:e6:05:c1:4b:70:fe:98:8e:dc:19:ed:aa:83:93:f4:
cb:c3:e5:66:bb:d5:b7:6e:0f:d3:5e:47:7d:92:e4:ae:99:a3:
f4:29:0f:4d:52:07:84:07:73:ca:44:8c:6e:a6:33:ab:eb:ea:
31:a7:39:cf:9f:8a:e8:32:c7:bd:53:92:fa:3a:eb:7e:fb:33:
0c:de:6f:b1:ce:97:77:aa:ac:77:fa:67:a6:fa:77:d6:03:52:
c4:6d:a5:bf:99:fe:c2:10:87:67:0b:4c:21:39:bf:36:ec:05:
d1:b1:b8:4b:a7:d3:da:d2:a3:05:a4:9e:a6:64:e9:f8:29:90:
79:d8:32:0f:93:f6:00:35:23:93:44:ea:38:e6:6b:56:2e:33:
30:b1:a9:62:7f:dc:2e:e1:d1:a1:31:59:ec:d3:fe:d4:59:24:
b9:c6:3d:85:e5:25:1b:a9:53:34:6d:ba:9b:6c:55:39:d8:1e:
ea:56:54:ac:ef:81:84:42:24:71:dd:3c:c8:44:01:e1:80:14:
2b:08:d5:7b:ae:c0:41:52:c9:1a:6b:74:87:63:a3:56:e2:89:
2c:65:ac:1f:ac:02:da:8a:c5:73:ca:0a:bb:a9:27:2d:c4:77:
44:67:0e:45:f9:49:c1:ad:e3:44:0c:68:80:bd:42:15:1b:19:
b5:a9:3f:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYAXzPlL2iQjQ1VE9wDjjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOWMwNzJmMmRiM2VmMWYyNjA1MDViYmZhMGVmZWExOGMy
OTcwYjEwHhcNMjUwNDIxMTEwMDE0WhcNMjUwNDIyMTEwMDE0WjAzMTEwLwYDVQQD
EygxOWIzNDM4MWU2OGI5ZWFkNjI4N2U4NWE5Yzc3NDFiMmYwOWQ3ZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRssntJIAD47cbgHgdN4U5m+CP6b
md0tjA7IYcZEckskMtM6hW3zi/1R66JNRZoKzVZQc2BXkXvt74Sd4yWlWZErp/O1
NrmN1tKGXF7EOuFMNjhmNDCHkIj2hzp/JLpt9gQCNtRMeOgEvkk2qtueaI0abgcY
O2tThjy+em4VhbZcm8XMa97wvUkF1wrXZ7jFbRP/99sUq/gEV4oI9X6J7EJ+jpp/
PrWdpc3j/kbuxnJjPoBFK1RCUv3+EdT64qCfXRcTd3M2ut61StpkHluuPWt9AZqP
D1MQXO1MgyUrzF5QQk2u473uxuG8nE1AJOMFH7VuW6IVQdlfNPMZUa5WcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmzQ4Hmi56tYofoWpx3QbLwnX4uMB8GA1UdIwQY
MBaAFB2cBy8ts+8fJgUFu/oO/qGMKXCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMt
NDUwZTI0ZTA4OTFkLzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMtNDUwZTI0ZTA4OTFk
LzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARz+V5gXB
S3D+mI7cGe2qg5P0y8PlZrvVt24P015HfZLkrpmj9CkPTVIHhAdzykSMbqYzq+vq
Mac5z5+K6DLHvVOS+jrrfvszDN5vsc6Xd6qsd/pnpvp31gNSxG2lv5n+whCHZwtM
ITm/NuwF0bG4S6fT2tKjBaSepmTp+CmQedgyD5P2ADUjk0TqOOZrVi4zMLGpYn/c
LuHRoTFZ7NP+1FkkucY9heUlG6lTNG26m2xVOdge6lZUrO+BhEIkcd08yEQB4YAU
KwjVe67AQVLJGmt0h2OjVuKJLGWsH6wC2orFc8oKu6knLcR3RGcORflJwa3jRAxo
gL1CFRsZtak/RA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:14 2025 by rpki-client