Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft
File: HQHtI2TsgiZcaIaf5yvnVzGaMes.mft (raw, json)
Hash identifier: 5/I6ljiEO6jVzm51wHhgEmQKtTdzZLpmbkEMJTcbGpY=
Subject key identifier: 5E:53:D3:A5:6F:3D:06:F9:76:29:D1:6A:87:91:73:DE:42:AA:75:9A
Authority key identifier: 1D:01:ED:23:64:EC:82:26:5C:68:86:9F:E7:2B:E7:57:31:9A:31:EB
Certificate issuer: /CN=1d01ed2364ec82265c68869fe72be757319a31eb
Certificate serial: 019656B82146703A8063A461B53A80C3C041
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQHtI2TsgiZcaIaf5yvnVzGaMes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft
Manifest number: 1320
Signing time: Mon 21 Apr 2025 05:00:29 +0000
Manifest this update: Mon 21 Apr 2025 05:00:29 +0000
Manifest next update: Tue 22 Apr 2025 05:00:29 +0000
Files and hashes: 1: HQHtI2TsgiZcaIaf5yvnVzGaMes.crl (hash: kDJozXYhYFc8n1iRZhHHeQOZE2P3hx8VSN0tVpNQ2rw=)
2: VrKnPWUHZqDvzs6ur0GOjZl2i2E.roa (hash: mb8FZcI3peRcYmZtZcg+Q1vM47sFhZh3vrE8fwC75+A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQHtI2TsgiZcaIaf5yvnVzGaMes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:b8:21:46:70:3a:80:63:a4:61:b5:3a:80:c3:c0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01ed2364ec82265c68869fe72be757319a31eb
Validity
Not Before: Apr 21 05:00:29 2025 GMT
Not After : Apr 22 05:00:29 2025 GMT
Subject: CN=5e53d3a56f3d06f97629d16a879173de42aa759a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c4:36:cd:66:f4:8c:81:e3:d6:e2:07:a2:2e:
30:e0:84:d7:70:f9:d4:c7:05:dd:0b:b3:95:22:d6:
29:5d:2c:c2:22:83:8f:aa:b6:cf:00:f6:78:66:0b:
1b:07:1b:32:21:a0:c6:63:c9:f8:f9:9f:c2:c3:a5:
d7:4d:94:ef:50:20:18:6d:d7:56:81:07:0f:13:47:
d9:66:3d:0e:ab:44:3c:53:f3:69:65:83:b1:da:9e:
b1:63:5f:5f:4a:25:c7:d1:10:48:c3:2e:df:8d:24:
a6:68:86:91:20:fc:1f:91:58:4e:f7:6b:88:e6:14:
f4:83:36:21:2e:43:27:fd:1a:d8:b0:f5:bd:c1:d7:
2f:97:5e:d7:4f:e4:ed:84:85:16:97:88:17:78:28:
51:2f:1c:fd:0f:06:a5:b1:f1:ea:4a:47:9b:b3:cc:
c4:e4:79:32:ee:be:89:a3:2f:12:d3:75:dc:0e:08:
f2:c4:f8:cf:e3:ea:9f:b4:02:bf:28:04:2e:cf:90:
90:0c:70:c0:41:4b:37:36:9a:c3:8b:67:0c:aa:72:
b2:aa:6b:cc:76:c8:4b:73:43:94:0d:ca:71:3b:18:
2e:17:5d:0c:e9:93:9b:5f:59:2a:9f:4d:72:eb:84:
85:26:c0:ac:db:24:9c:d0:66:e6:6f:92:1f:c6:ac:
f4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:53:D3:A5:6F:3D:06:F9:76:29:D1:6A:87:91:73:DE:42:AA:75:9A
X509v3 Authority Key Identifier:
keyid:1D:01:ED:23:64:EC:82:26:5C:68:86:9F:E7:2B:E7:57:31:9A:31:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQHtI2TsgiZcaIaf5yvnVzGaMes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cf:9c:18:c3:39:2c:36:18:14:a7:13:30:f2:c5:91:be:02:1d:
a4:67:a4:08:06:fe:5e:dd:b7:4d:ba:81:ad:da:5d:39:89:6b:
32:fa:d3:f3:46:25:a1:9e:25:dc:4c:77:c5:af:e9:10:14:e3:
ef:50:7b:37:f1:58:af:3f:7b:dd:2b:89:1a:ec:21:70:e2:38:
00:db:e1:42:1b:9f:ae:b6:c9:a1:0d:ca:50:78:53:b2:21:21:
bf:6e:ad:a8:4e:36:84:37:90:e6:57:e9:01:bd:10:ee:03:18:
dd:05:a1:23:18:7c:c3:b6:47:19:1e:03:e6:a9:ba:a8:4e:c7:
1e:ec:43:3e:7a:db:1e:28:d3:86:5f:d1:3a:bb:90:09:50:ae:
83:dc:1f:77:76:d0:95:7a:43:12:b8:6f:83:4a:0c:68:8b:8e:
40:fa:fc:b9:68:9f:6f:e7:27:3c:a0:a5:b5:9a:66:e2:86:dd:
99:cb:44:41:a5:c1:05:ba:9d:44:fa:82:e0:2f:27:7f:ee:50:
ef:1e:0c:64:55:b4:80:67:18:92:b3:86:1a:e3:85:61:fa:82:
8f:07:dd:8d:4d:d4:9c:b7:c9:cb:75:de:1a:b3:da:26:67:18:
04:7a:99:36:97:28:fe:8b:ed:84:5f:e3:e7:2f:a6:e5:5d:82:
cd:19:94:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWuCFGcDqAY6RhtTqAw8BBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFlZDIzNjRlYzgyMjY1YzY4ODY5ZmU3MmJlNzU3MzE5
YTMxZWIwHhcNMjUwNDIxMDUwMDI5WhcNMjUwNDIyMDUwMDI5WjAzMTEwLwYDVQQD
Eyg1ZTUzZDNhNTZmM2QwNmY5NzYyOWQxNmE4NzkxNzNkZTQyYWE3NTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsQ2zWb0jIHj1uIHoi4w4ITXcPnU
xwXdC7OVItYpXSzCIoOPqrbPAPZ4ZgsbBxsyIaDGY8n4+Z/Cw6XXTZTvUCAYbddW
gQcPE0fZZj0Oq0Q8U/NpZYOx2p6xY19fSiXH0RBIwy7fjSSmaIaRIPwfkVhO92uI
5hT0gzYhLkMn/RrYsPW9wdcvl17XT+TthIUWl4gXeChRLxz9DwalsfHqSkebs8zE
5Hky7r6Joy8S03XcDgjyxPjP4+qftAK/KAQuz5CQDHDAQUs3NprDi2cMqnKyqmvM
dshLc0OUDcpxOxguF10M6ZObX1kqn01y64SFJsCs2ySc0Gbmb5Ifxqz0ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF5T06VvPQb5dinRaoeRc95CqnWaMB8GA1UdIwQY
MBaAFB0B7SNk7IImXGiGn+cr51cxmjHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIdEkyVHNnaVpjYUlhZjV5dm5WekdhTWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85OWQ2ODMtNDNkYy00ODRhLTkwNDct
YjQzY2FlNmUyMzE5LzEvSFFIdEkyVHNnaVpjYUlhZjV5dm5WekdhTWVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS85OWQ2ODMtNDNkYy00ODRhLTkwNDctYjQzY2FlNmUyMzE5
LzEvSFFIdEkyVHNnaVpjYUlhZjV5dm5WekdhTWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz5wYwzks
NhgUpxMw8sWRvgIdpGekCAb+Xt23TbqBrdpdOYlrMvrT80YloZ4l3Ex3xa/pEBTj
71B7N/FYrz973SuJGuwhcOI4ANvhQhufrrbJoQ3KUHhTsiEhv26tqE42hDeQ5lfp
Ab0Q7gMY3QWhIxh8w7ZHGR4D5qm6qE7HHuxDPnrbHijThl/ROruQCVCug9wfd3bQ
lXpDErhvg0oMaIuOQPr8uWifb+cnPKCltZpm4obdmctEQaXBBbqdRPqC4C8nf+5Q
7x4MZFW0gGcYkrOGGuOFYfqCjwfdjU3UnLfJy3XeGrPaJmcYBHqZNpco/ovthF/j
5y+m5V2CzRmU8A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:33:53 2025 by rpki-client