Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
File: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft (raw, json)
Hash identifier: s1lv2G81BP0h/Q+Cmym3Fls4rFMRAvO+HKa+7kyXxPc=
Subject key identifier: 76:B0:13:92:96:FA:34:60:C7:03:44:CB:D5:FF:0D:76:A5:B4:21:1F
Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac
Certificate serial: 01965613188BD2902DEB5DB5D72A039F8C3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
Manifest number: 1267
Signing time: Mon 21 Apr 2025 02:00:14 +0000
Manifest this update: Mon 21 Apr 2025 02:00:14 +0000
Manifest next update: Tue 22 Apr 2025 02:00:14 +0000
Files and hashes: 1: 0hGuI9abbnH5IARURiUpnsE2cKk.roa (hash: DuwUAcXW//1k2Md+MdRwDGn9pw5DCw3cr3zSvWu8/Sg=)
2: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl (hash: 9S9Mm/HDxlasCnKEaKMj6EE6WYRpsoICuxt0Lv5fxuk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:13:18:8b:d2:90:2d:eb:5d:b5:d7:2a:03:9f:8c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac
Validity
Not Before: Apr 21 02:00:14 2025 GMT
Not After : Apr 22 02:00:14 2025 GMT
Subject: CN=76b0139296fa3460c70344cbd5ff0d76a5b4211f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:8d:7a:20:9b:b1:78:1f:9a:c6:d0:ef:21:f1:
7c:ff:3f:2f:8d:d9:0c:5c:25:65:91:7e:34:32:42:
5c:1e:35:d3:cb:62:4f:bf:be:82:c3:d7:b6:0f:02:
7b:b2:ff:84:1e:2e:ca:7b:92:1f:c1:64:fa:67:d8:
e3:e6:d9:47:2e:a6:92:87:38:e7:d8:0e:89:b7:37:
df:ca:e1:75:82:14:70:32:16:c6:c8:02:46:6d:34:
d7:eb:68:5f:55:6f:d8:74:af:98:86:2d:55:ae:af:
2f:34:86:be:54:f8:d2:30:50:a9:8d:53:47:c7:7e:
1f:47:25:71:73:80:90:32:74:5b:ce:b1:73:3a:34:
0f:1e:2b:23:29:88:5b:da:06:37:f4:4d:f2:ea:9d:
8b:99:24:6e:59:51:1a:3a:13:52:00:60:f9:7a:9a:
0a:d6:50:61:b5:01:4a:83:b0:bd:63:b9:75:e5:70:
ad:d4:a0:1e:70:76:44:0b:99:ed:1b:bd:34:b8:84:
f0:14:6e:97:87:77:64:bf:4b:62:c6:36:ed:3e:e3:
db:0c:84:de:fa:56:8b:f0:c2:09:63:49:85:0d:45:
ef:31:78:28:30:d1:ed:fb:c8:7d:fa:35:f0:76:83:
8a:73:27:e6:50:9b:6d:aa:dd:cd:1b:cb:32:8b:da:
b8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B0:13:92:96:FA:34:60:C7:03:44:CB:D5:FF:0D:76:A5:B4:21:1F
X509v3 Authority Key Identifier:
keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:fd:a5:16:00:7a:e0:38:04:55:e3:13:bc:df:b2:4f:a1:86:
0d:a7:7b:ec:e6:36:68:e2:78:4b:17:05:c4:15:04:0c:47:d3:
9e:5c:cb:12:be:a4:75:35:cc:ba:e9:95:6b:34:df:2f:c8:71:
f4:d2:85:8d:b3:d6:3b:96:b8:40:d9:88:0a:10:7f:f7:68:0a:
f3:12:ec:0e:85:bc:01:45:77:da:d8:a3:a2:de:ac:7c:89:ab:
9e:d2:00:40:26:a8:95:c8:a1:5e:c4:d3:3f:99:41:6e:58:24:
18:8c:43:41:1f:ea:f6:37:72:5e:3c:b7:74:81:49:af:61:1d:
61:37:cf:ae:d2:21:5d:ad:06:fa:bd:0d:18:54:36:fd:15:fe:
5b:43:5c:cc:ea:fd:80:19:57:75:3b:9c:f6:d8:d2:79:e8:19:
fb:c1:e4:69:e9:93:37:43:64:3c:f1:09:7d:2a:28:b6:9d:68:
ae:31:50:28:e9:23:72:f0:a2:87:a5:79:60:e6:d0:95:7c:fe:
0d:b8:eb:8e:4e:3f:f2:f8:d2:6b:cd:68:4c:66:27:6e:c8:b2:
d8:7f:2c:b0:08:9d:d3:55:a9:91:b3:54:3b:08:fa:b5:b9:4d:
24:c4:3a:ed:7a:51:11:02:8b:c9:0c:9d:be:34:f6:75:f3:bb:
aa:47:72:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWExiL0pAt61211yoDn4w7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4
MzQxYWMwHhcNMjUwNDIxMDIwMDE0WhcNMjUwNDIyMDIwMDE0WjAzMTEwLwYDVQQD
Eyg3NmIwMTM5Mjk2ZmEzNDYwYzcwMzQ0Y2JkNWZmMGQ3NmE1YjQyMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4o16IJuxeB+axtDvIfF8/z8vjdkM
XCVlkX40MkJcHjXTy2JPv76Cw9e2DwJ7sv+EHi7Ke5IfwWT6Z9jj5tlHLqaShzjn
2A6JtzffyuF1ghRwMhbGyAJGbTTX62hfVW/YdK+Yhi1Vrq8vNIa+VPjSMFCpjVNH
x34fRyVxc4CQMnRbzrFzOjQPHisjKYhb2gY39E3y6p2LmSRuWVEaOhNSAGD5epoK
1lBhtQFKg7C9Y7l15XCt1KAecHZEC5ntG700uITwFG6Xh3dkv0tixjbtPuPbDITe
+laL8MIJY0mFDUXvMXgoMNHt+8h9+jXwdoOKcyfmUJttqt3NG8syi9q4uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHawE5KW+jRgxwNEy9X/DXaltCEfMB8GA1UdIwQY
MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt
MmE1OTFjMTQ5ZDdhLzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh
LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuP2lFgB6
4DgEVeMTvN+yT6GGDad77OY2aOJ4SxcFxBUEDEfTnlzLEr6kdTXMuumVazTfL8hx
9NKFjbPWO5a4QNmIChB/92gK8xLsDoW8AUV32tijot6sfImrntIAQCaolcihXsTT
P5lBblgkGIxDQR/q9jdyXjy3dIFJr2EdYTfPrtIhXa0G+r0NGFQ2/RX+W0NczOr9
gBlXdTuc9tjSeegZ+8HkaemTN0NkPPEJfSootp1orjFQKOkjcvCih6V5YObQlXz+
Dbjrjk4/8vjSa81oTGYnbsiy2H8ssAid01WpkbNUOwj6tblNJMQ67XpREQKLyQyd
vjT2dfO7qkdyeQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:34:19 2025 by rpki-client