Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.mft
File: hEcK8NideFuhi6YX3Anj9yxZlvM.mft (raw, json)
Hash identifier: gX1UgRXFWR/Rd9YXOz+ATFvf5FCFGAXS2PYEIcduIkY=
Subject key identifier: 84:F4:96:25:81:CF:EC:5E:0B:CE:10:30:55:B0:E4:A7:A7:5B:FA:89
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 0196458D78E015D3A628485767248BA8653F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.mft
Manifest number: 067C
Signing time: Thu 17 Apr 2025 21:00:21 +0000
Manifest this update: Thu 17 Apr 2025 21:00:21 +0000
Manifest next update: Fri 18 Apr 2025 21:00:21 +0000
Files and hashes: 1: 9ZZlEoJ6DOwFDIJbfzBhtXucSCo.roa (hash: e3MsAliQl7R+w6WCs9Je3nF/3YOrMW2JU+QDq2FQ+FM=)
2: hEcK8NideFuhi6YX3Anj9yxZlvM.crl (hash: EJVhFmGFUawKl8+EEAmcPg1bwqU2jBhUrhtuUYFf0F8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:45:8d:78:e0:15:d3:a6:28:48:57:67:24:8b:a8:65:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Apr 17 21:00:21 2025 GMT
Not After : Apr 18 21:00:21 2025 GMT
Subject: CN=84f4962581cfec5e0bce103055b0e4a7a75bfa89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:45:26:e0:63:a0:f2:85:3f:5e:a2:23:88:0d:
29:6c:68:2c:17:c1:cb:b3:21:5c:c1:1f:d8:0c:56:
5e:c1:8c:5b:01:01:9b:d6:b1:89:bc:7a:12:e9:b2:
75:e0:98:cc:fc:7e:f6:a7:85:ac:63:ee:8d:80:8c:
a4:a5:64:ce:4a:a9:f4:b5:0f:2d:37:a3:c2:5e:de:
0a:3d:a7:0b:d4:89:f1:32:35:49:ae:8b:5d:39:4c:
01:4f:18:fd:e1:6e:b2:bc:cd:a2:32:ad:78:c8:36:
b3:2f:e2:a4:71:8d:ff:a5:50:2f:95:9f:9b:c5:bf:
62:ac:86:f0:46:1c:df:2d:c0:cd:4f:d3:43:88:13:
a6:72:3b:37:83:ab:51:7a:c8:77:89:51:1a:d9:ee:
68:d1:9a:b6:fd:c5:e7:6a:9c:42:7a:0a:35:39:84:
17:8d:a7:80:a4:28:b1:a6:6f:9e:f6:d8:fc:68:38:
d0:bd:04:95:39:cb:3b:5f:0b:de:ed:09:f1:92:1f:
00:03:1b:e5:c2:fc:25:0d:f6:fd:34:81:65:c0:ef:
6f:9f:ab:fa:d2:79:54:12:63:4e:83:1a:d6:70:1f:
7d:1a:cd:9c:1f:6a:65:ad:ad:84:7b:c5:e3:3b:77:
41:1a:b7:45:ef:ad:2f:4e:20:0d:2b:19:4f:a4:cb:
c4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F4:96:25:81:CF:EC:5E:0B:CE:10:30:55:B0:E4:A7:A7:5B:FA:89
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:d5:7d:53:db:77:b8:61:56:48:a1:17:b1:26:8c:20:e6:7e:
6e:b9:da:8c:9e:e4:33:38:66:e6:68:92:de:1b:6e:9a:c1:a3:
38:ac:4a:a1:f1:0a:66:fa:91:6c:fd:b2:d3:2b:4b:1a:1c:bc:
8a:87:a0:4e:e9:5b:1e:90:fe:d6:4b:01:69:9c:27:12:a0:76:
09:65:40:11:f4:3f:61:79:24:d2:e5:d5:ba:b2:0d:fe:21:06:
71:c8:c9:5b:17:3f:df:e3:1a:cc:17:30:4b:f2:60:cc:0d:85:
d3:20:89:fa:eb:69:be:92:4c:9c:41:4d:0e:42:08:64:7b:04:
96:ae:38:45:df:b8:0f:b6:d3:9b:54:0b:5b:7a:7d:a6:4d:29:
a2:f9:b2:87:af:72:0f:66:01:9f:27:43:22:6c:bc:54:1e:09:
1a:9b:1b:00:75:41:c9:90:31:c6:26:b6:e6:d9:d2:dc:ef:e4:
6c:60:e9:00:14:66:a5:5b:ce:03:eb:3e:d3:a2:84:8b:60:4b:
c9:3e:57:15:de:2f:aa:72:c9:b0:c1:7b:90:4d:28:43:af:c3:
97:10:66:1f:97:02:58:8c:06:41:8f:9e:cc:e3:65:10:f2:3c:
d8:af:58:45:dd:b9:77:95:4d:74:59:79:41:ce:b2:42:c9:36:
12:46:7f:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFjXjgFdOmKEhXZySLqGU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjUwNDE3MjEwMDIxWhcNMjUwNDE4MjEwMDIxWjAzMTEwLwYDVQQD
Eyg4NGY0OTYyNTgxY2ZlYzVlMGJjZTEwMzA1NWIwZTRhN2E3NWJmYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkUm4GOg8oU/XqIjiA0pbGgsF8HL
syFcwR/YDFZewYxbAQGb1rGJvHoS6bJ14JjM/H72p4WsY+6NgIykpWTOSqn0tQ8t
N6PCXt4KPacL1InxMjVJrotdOUwBTxj94W6yvM2iMq14yDazL+KkcY3/pVAvlZ+b
xb9irIbwRhzfLcDNT9NDiBOmcjs3g6tResh3iVEa2e5o0Zq2/cXnapxCego1OYQX
jaeApCixpm+e9tj8aDjQvQSVOcs7Xwve7Qnxkh8AAxvlwvwlDfb9NIFlwO9vn6v6
0nlUEmNOgxrWcB99Gs2cH2plra2Ee8XjO3dBGrdF760vTiANKxlPpMvEmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIT0liWBz+xeC84QMFWw5KenW/qJMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt9V9U9t3
uGFWSKEXsSaMIOZ+brnajJ7kMzhm5miS3htumsGjOKxKofEKZvqRbP2y0ytLGhy8
ioegTulbHpD+1ksBaZwnEqB2CWVAEfQ/YXkk0uXVurIN/iEGccjJWxc/3+MazBcw
S/JgzA2F0yCJ+utpvpJMnEFNDkIIZHsElq44Rd+4D7bTm1QLW3p9pk0povmyh69y
D2YBnydDImy8VB4JGpsbAHVByZAxxia25tnS3O/kbGDpABRmpVvOA+s+06KEi2BL
yT5XFd4vqnLJsMF7kE0oQ6/DlxBmH5cCWIwGQY+ezONlEPI82K9YRd25d5VNdFl5
Qc6yQsk2EkZ/tw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:44:52 2025 by rpki-client