Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
File: KhfSVHdMl6nGhansXSTy_GlomQg.mft (raw, json)
Hash identifier: ipCd8eyia9hzwe89M/7sgJoMCr+4XBjFi+b4RhjOzzo=
Subject key identifier: 74:76:7D:4A:78:1E:43:9C:BE:4F:3A:5A:2B:1C:B3:1F:F0:C4:49:A0
Authority key identifier: 2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08
Certificate issuer: /CN=2a17d254774c97a9c685a9ec5d24f2fc69689908
Certificate serial: 0196586F6CD393A127579A52AE19866F33DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
Manifest number: 123B
Signing time: Mon 21 Apr 2025 13:00:19 +0000
Manifest this update: Mon 21 Apr 2025 13:00:19 +0000
Manifest next update: Tue 22 Apr 2025 13:00:19 +0000
Files and hashes: 1: 1ibpJfSu5zvmElDRsm3yBPA2Psc.roa (hash: fl2TXrWlprslHDoqKeFpyUnoLUsON1oTzkxdU0IwAjQ=)
2: KhfSVHdMl6nGhansXSTy_GlomQg.crl (hash: hsPbVoWkVteTnAePSswNCoTtRO3JGPsJbt/nM2/b1kM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 13:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:6f:6c:d3:93:a1:27:57:9a:52:ae:19:86:6f:33:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a17d254774c97a9c685a9ec5d24f2fc69689908
Validity
Not Before: Apr 21 13:00:19 2025 GMT
Not After : Apr 22 13:00:19 2025 GMT
Subject: CN=74767d4a781e439cbe4f3a5a2b1cb31ff0c449a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6c:f3:8a:1e:46:c3:90:ab:69:f3:95:ca:73:
46:d2:57:3d:48:35:75:5b:8c:72:b0:bb:03:54:02:
17:81:c6:67:94:e8:44:38:24:0c:a5:56:e2:77:8e:
bb:6c:f9:e5:8c:6b:e3:ed:b5:0e:a4:5d:4e:78:7b:
aa:8f:6f:75:45:ca:d9:aa:73:aa:85:48:b8:a5:7f:
53:1a:f4:6b:8d:9f:c1:9d:67:ae:bb:7a:ab:b5:ad:
bd:52:72:cf:45:79:1a:61:bd:8b:f4:2f:16:4d:73:
6d:ed:25:3c:cc:78:da:20:6c:40:a5:10:5c:12:dd:
51:a2:c2:16:1e:5b:3d:23:66:8f:bf:f0:50:db:3e:
f9:a5:e5:1d:2d:2c:97:24:20:07:0d:0a:a4:ea:a0:
25:35:ad:10:f4:14:a6:e6:68:ed:73:ee:8e:0a:cf:
27:a6:2a:d5:65:32:a8:e1:59:54:e0:bd:2b:69:09:
4d:b9:06:66:c3:db:96:bb:00:b4:dc:fa:a6:39:5d:
3d:a2:97:8b:b9:55:78:ed:df:30:0b:c9:ac:7d:82:
f7:96:d1:da:dd:7d:4e:d0:9e:c3:ed:bd:43:65:6a:
9d:d6:2c:01:09:4d:d1:1f:1b:92:30:da:e4:6c:fe:
d7:d7:f5:72:63:bc:76:7a:4a:87:39:9e:47:b6:5f:
d7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:76:7D:4A:78:1E:43:9C:BE:4F:3A:5A:2B:1C:B3:1F:F0:C4:49:A0
X509v3 Authority Key Identifier:
keyid:2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:21:a0:f6:91:4d:10:93:11:71:d6:c9:52:2b:41:b8:d8:37:
f8:2d:37:f4:21:78:1b:16:b4:c6:47:f8:21:78:83:1e:e0:13:
66:83:07:5e:89:2b:b0:01:cd:17:7a:76:d8:aa:72:f7:ae:22:
92:20:fd:b5:70:74:04:73:32:fd:9f:70:11:41:d3:41:95:b5:
7d:17:a2:4f:36:1c:5e:9e:be:35:31:d3:4b:0b:1d:f7:10:eb:
ca:4d:ac:d1:4d:59:e3:11:7d:78:61:93:d0:55:3f:2a:1c:88:
49:39:63:04:92:2b:dd:e7:8b:3a:6f:67:36:b6:54:c7:5e:81:
c8:4a:63:a4:45:c2:36:72:27:e2:61:ac:74:e6:36:8f:92:73:
69:e8:59:1d:0e:ca:22:88:75:a9:ca:ca:9b:30:aa:c5:b7:b2:
06:d2:36:f6:42:83:b8:93:2b:81:bb:8c:2f:04:a9:73:11:81:
9f:36:08:bf:a8:9d:e9:69:61:fd:97:c3:d9:36:a3:0c:27:c5:
4f:1f:0c:6e:6c:90:7b:85:7e:08:61:78:c4:10:d2:07:9b:34:
49:aa:f9:7d:80:42:12:d7:b1:f7:ce:77:a5:84:05:b6:f8:a9:
da:71:57:8e:ec:f0:51:54:2f:54:b9:d1:7f:df:11:47:be:26:
8b:d3:c6:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYb2zTk6EnV5pSrhmGbzPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTdkMjU0Nzc0Yzk3YTljNjg1YTllYzVkMjRmMmZjNjk2
ODk5MDgwHhcNMjUwNDIxMTMwMDE5WhcNMjUwNDIyMTMwMDE5WjAzMTEwLwYDVQQD
Eyg3NDc2N2Q0YTc4MWU0MzljYmU0ZjNhNWEyYjFjYjMxZmYwYzQ0OWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWzzih5Gw5CrafOVynNG0lc9SDV1
W4xysLsDVAIXgcZnlOhEOCQMpVbid467bPnljGvj7bUOpF1OeHuqj291RcrZqnOq
hUi4pX9TGvRrjZ/BnWeuu3qrta29UnLPRXkaYb2L9C8WTXNt7SU8zHjaIGxApRBc
Et1RosIWHls9I2aPv/BQ2z75peUdLSyXJCAHDQqk6qAlNa0Q9BSm5mjtc+6OCs8n
pirVZTKo4VlU4L0raQlNuQZmw9uWuwC03PqmOV09opeLuVV47d8wC8msfYL3ltHa
3X1O0J7D7b1DZWqd1iwBCU3RHxuSMNrkbP7X1/VyY7x2ekqHOZ5Htl/X2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHR2fUp4HkOcvk86Wiscsx/wxEmgMB8GA1UdIwQY
MBaAFCoX0lR3TJepxoWp7F0k8vxpaJkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWIt
ODBiNTExOGFiYWY2LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWItODBiNTExOGFiYWY2
LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPSGg9pFN
EJMRcdbJUitBuNg3+C039CF4Gxa0xkf4IXiDHuATZoMHXokrsAHNF3p22Kpy964i
kiD9tXB0BHMy/Z9wEUHTQZW1fReiTzYcXp6+NTHTSwsd9xDryk2s0U1Z4xF9eGGT
0FU/KhyISTljBJIr3eeLOm9nNrZUx16ByEpjpEXCNnIn4mGsdOY2j5JzaehZHQ7K
Ioh1qcrKmzCqxbeyBtI29kKDuJMrgbuMLwSpcxGBnzYIv6id6Wlh/ZfD2TajDCfF
Tx8MbmyQe4V+CGF4xBDSB5s0Sar5fYBCEtex9853pYQFtvip2nFXjuzwUVQvVLnR
f98RR74mi9PGgw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:21 2025 by rpki-client