Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
File: hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft (raw, json)
Hash identifier: VO8zKI6MyAb2dItBhoBK+DPnqQab8YMMZcgU/B0IsW4=
Subject key identifier: F9:73:3B:D6:23:2E:1F:FD:FE:71:3D:8D:F4:D1:B5:5F:35:8A:52:25
Authority key identifier: 86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
Certificate issuer: /CN=86afaae2e3e054073a38aab635dc96460eef487e
Certificate serial: 01965492AADFAEB7F0BF84F5A171A8AA7007
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
Manifest number: 11B6
Signing time: Sun 20 Apr 2025 19:00:20 +0000
Manifest this update: Sun 20 Apr 2025 19:00:20 +0000
Manifest next update: Mon 21 Apr 2025 19:00:20 +0000
Files and hashes: 1: ZDU98pLej6G5Y69Flle0aPv1r5A.roa (hash: A41/y0PjRZXqiD5cmhEr4Mj1BgTXTsWtK/kWghBv8z8=)
2: hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl (hash: VSw7JqX2H0VpBr/jVq8hCSkHk89Nb02CL9GCFAQcT10=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:92:aa:df:ae:b7:f0:bf:84:f5:a1:71:a8:aa:70:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86afaae2e3e054073a38aab635dc96460eef487e
Validity
Not Before: Apr 20 19:00:20 2025 GMT
Not After : Apr 21 19:00:20 2025 GMT
Subject: CN=f9733bd6232e1ffdfe713d8df4d1b55f358a5225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0c:4d:07:8e:0d:ff:cf:27:08:76:0e:04:06:
ec:7e:a3:d2:91:4c:63:13:72:e8:2e:cd:a6:01:6c:
ee:27:78:39:ba:39:27:95:50:1e:cc:74:d8:86:d8:
23:87:14:28:04:07:56:56:91:41:c4:29:18:c2:64:
58:2a:9f:f6:64:3b:5e:d2:bd:52:55:03:ab:dd:b8:
4f:39:ed:0f:dd:40:fe:5e:c3:99:bd:3b:51:c0:07:
1f:9b:fb:5f:d5:2f:d1:8c:14:96:eb:2a:c2:82:40:
1b:8c:7d:c0:8a:8b:6e:9b:a6:20:ce:91:73:ff:60:
af:fb:12:34:0f:70:93:23:35:5a:4b:40:f9:4b:51:
28:08:c3:a8:37:92:c8:37:8a:2f:0d:d5:a5:0d:2c:
ff:bc:fc:13:e6:c7:87:bb:fd:4a:f0:54:e3:24:d8:
89:98:19:ce:42:a4:c3:33:ad:9b:a5:5e:5b:4b:04:
d3:11:82:bd:8b:fe:85:94:a6:2b:d7:32:6d:ab:f4:
3c:c7:71:33:45:06:ed:4e:da:d6:cd:f2:62:15:54:
46:c9:53:90:d9:e3:7f:68:67:d5:52:d5:c5:34:06:
1b:d2:9b:ff:b8:5b:28:91:4a:d8:d5:6d:7f:af:2a:
9a:df:b3:2a:3a:93:a9:1f:8b:91:e8:c8:93:e1:c0:
ed:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:73:3B:D6:23:2E:1F:FD:FE:71:3D:8D:F4:D1:B5:5F:35:8A:52:25
X509v3 Authority Key Identifier:
keyid:86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:2d:d9:78:05:06:88:6c:75:36:50:2c:39:83:43:8b:ae:50:
09:ff:ad:e5:5b:a1:07:34:b8:25:09:fe:55:98:d4:9f:ca:01:
a8:a7:0f:60:d8:e5:9d:46:43:36:3e:ee:4f:39:03:e7:e8:f9:
aa:f4:fc:6e:2a:0a:1f:c2:4b:e2:ff:7e:e7:31:5a:f6:63:6a:
13:16:b4:60:f7:c9:ac:b2:64:d7:1d:4c:64:63:d1:d0:84:de:
9c:ac:14:5f:2e:ca:a7:2b:57:31:b3:a1:ee:31:d7:ff:e4:70:
1f:30:74:da:df:06:c0:fd:0e:bf:a2:40:47:b0:d0:c5:a4:30:
2b:2e:56:90:60:a6:2d:97:95:1c:7f:cf:d9:cc:65:fb:e0:5b:
ec:14:2a:30:89:ba:1e:3b:7e:03:31:93:bc:47:a8:08:0d:82:
de:46:75:90:40:c7:e5:b4:51:23:dc:9c:2e:0c:ce:fb:fa:2d:
51:e1:37:c4:7d:17:7d:fd:46:b7:bd:0b:08:5f:65:a5:10:0e:
fb:d1:7c:06:1e:6b:4d:30:1b:55:07:7d:0a:11:42:1f:d1:88:
c5:e8:ba:0e:76:46:73:ef:ef:e4:0a:8f:63:8c:79:ab:1c:c5:
bb:f4:b1:81:a4:4a:d5:67:9c:aa:94:fe:a0:46:da:68:cc:86:
10:3e:55:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkqrfrrfwv4T1oXGoqnAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWZhYWUyZTNlMDU0MDczYTM4YWFiNjM1ZGM5NjQ2MGVl
ZjQ4N2UwHhcNMjUwNDIwMTkwMDIwWhcNMjUwNDIxMTkwMDIwWjAzMTEwLwYDVQQD
EyhmOTczM2JkNjIzMmUxZmZkZmU3MTNkOGRmNGQxYjU1ZjM1OGE1MjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogxNB44N/88nCHYOBAbsfqPSkUxj
E3LoLs2mAWzuJ3g5ujknlVAezHTYhtgjhxQoBAdWVpFBxCkYwmRYKp/2ZDte0r1S
VQOr3bhPOe0P3UD+XsOZvTtRwAcfm/tf1S/RjBSW6yrCgkAbjH3Aiotum6YgzpFz
/2Cv+xI0D3CTIzVaS0D5S1EoCMOoN5LIN4ovDdWlDSz/vPwT5seHu/1K8FTjJNiJ
mBnOQqTDM62bpV5bSwTTEYK9i/6FlKYr1zJtq/Q8x3EzRQbtTtrWzfJiFVRGyVOQ
2eN/aGfVUtXFNAYb0pv/uFsokUrY1W1/ryqa37MqOpOpH4uR6MiT4cDtZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlzO9YjLh/9/nE9jfTRtV81ilIlMB8GA1UdIwQY
MBaAFIavquLj4FQHOjiqtjXclkYO70h+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzIt
NDcyMDQwYjI0N2Y2LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzItNDcyMDQwYjI0N2Y2
LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqC3ZeAUG
iGx1NlAsOYNDi65QCf+t5VuhBzS4JQn+VZjUn8oBqKcPYNjlnUZDNj7uTzkD5+j5
qvT8bioKH8JL4v9+5zFa9mNqExa0YPfJrLJk1x1MZGPR0ITenKwUXy7KpytXMbOh
7jHX/+RwHzB02t8GwP0Ov6JAR7DQxaQwKy5WkGCmLZeVHH/P2cxl++Bb7BQqMIm6
Hjt+AzGTvEeoCA2C3kZ1kEDH5bRRI9ycLgzO+/otUeE3xH0Xff1Gt70LCF9lpRAO
+9F8Bh5rTTAbVQd9ChFCH9GIxei6DnZGc+/v5AqPY4x5qxzFu/SxgaRK1WecqpT+
oEbaaMyGED5V+A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:18:53 2025 by rpki-client