Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json)
Hash identifier: BSdGQ9z+JtulWwK8QeHokP785R7akPgChymkGimGyjo=
Subject key identifier: 7F:5C:5F:F2:CC:90:E3:13:BC:3D:96:BC:B2:3B:94:F2:DC:D9:03:EC
Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c
Certificate serial: 01965C831AB81D480F8194AFE5D149A991AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
Manifest number: 87
Signing time: Tue 22 Apr 2025 08:00:17 +0000
Manifest this update: Tue 22 Apr 2025 08:00:17 +0000
Manifest next update: Wed 23 Apr 2025 08:00:17 +0000
Files and hashes: 1: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: X/lGxSgvoCXlozlJ7fVKZU6N4bwqT7oGwh+nSnmv/io=)
2: cpRFayTuWEzodEO-QznXVMR-alE.roa (hash: wcJbOFjwwy8ZnD5yiXe5CzeprbHM7YA3HHhv8zEs++s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:83:1a:b8:1d:48:0f:81:94:af:e5:d1:49:a9:91:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c
Validity
Not Before: Apr 22 08:00:17 2025 GMT
Not After : Apr 23 08:00:17 2025 GMT
Subject: CN=7f5c5ff2cc90e313bc3d96bcb23b94f2dcd903ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:84:77:b6:6a:c8:fe:a4:5b:4c:e7:66:0b:fb:
6f:d6:d9:e7:20:e2:e1:69:14:6c:05:c4:03:08:59:
24:fb:38:10:67:c3:fd:4e:2c:86:97:2d:f1:3a:5d:
1d:af:76:18:b5:15:e5:99:e3:95:0a:c6:80:f2:77:
de:00:45:90:70:a1:27:95:1d:84:c9:2f:cc:dc:64:
29:85:76:3f:11:15:4c:52:46:68:5e:86:c6:4a:09:
9e:49:c6:5c:65:1d:d8:f6:ad:8f:5f:90:53:33:32:
5b:43:98:67:4b:fd:46:89:17:ef:86:06:83:18:77:
04:4f:f2:ab:10:31:6b:f3:de:cb:7a:97:75:f2:57:
5d:e8:ed:7d:a5:4c:97:38:9c:c7:b8:3d:9c:aa:27:
b0:7b:b9:df:60:de:28:38:60:e1:81:d4:97:5e:b3:
c9:dd:cf:ea:b5:b2:b9:70:48:3d:81:59:0f:6b:66:
c4:37:7a:44:a9:10:51:bd:7a:8a:ba:54:f0:dc:54:
2b:a6:ef:43:44:75:c1:10:38:d4:13:6f:ba:be:60:
63:71:df:70:cd:fc:d3:ff:16:8f:36:21:82:49:6e:
d5:a3:ab:57:7e:87:a5:d1:28:db:06:4a:51:1c:8b:
9b:63:9f:02:32:fd:80:a2:f1:00:41:99:d1:6b:b5:
52:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5C:5F:F2:CC:90:E3:13:BC:3D:96:BC:B2:3B:94:F2:DC:D9:03:EC
X509v3 Authority Key Identifier:
keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:15:3c:68:fd:f7:49:ca:fc:04:dd:ab:8e:ae:9f:ec:5b:e4:
ee:0c:93:09:76:f0:67:f9:d2:10:6a:45:07:ae:84:01:3b:79:
3a:fd:10:0d:79:33:06:58:4f:29:7e:e4:fc:23:fb:d0:cb:18:
b9:a9:45:62:3f:4b:31:e6:82:f9:a9:20:78:01:51:39:7c:f4:
cb:2e:30:89:99:ff:92:1f:e1:d4:cc:bd:32:23:37:67:69:fc:
67:56:d9:50:ec:94:a1:12:6d:72:ae:bc:0e:4d:6e:63:5e:db:
06:d0:f4:89:70:3f:0f:cd:b1:45:2c:25:bf:0f:2a:81:bf:aa:
9c:39:e3:9a:e1:2d:b0:1e:75:c3:ab:15:fb:09:18:b1:a4:b5:
7b:ea:88:a5:2e:30:35:87:bf:fb:b3:ef:3d:6a:9c:99:9e:8d:
73:0c:cd:e5:4e:48:31:79:10:76:2c:28:49:f8:92:48:78:d6:
ba:73:8e:05:d2:b4:49:1a:3e:1b:c1:39:ea:6b:3a:7c:03:ab:
fb:0a:88:12:d9:77:68:5b:dd:d3:8a:26:f6:e9:1c:44:04:87:
9f:91:b7:cc:63:cc:07:37:81:97:37:67:f4:e3:6a:2f:f3:f9:
11:49:fa:0e:0c:7c:d7:52:ac:c6:d2:fe:e7:24:c0:64:be:9b:
c7:4c:8a:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZcgxq4HUgPgZSv5dFJqZGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw
Mjc2NmMwHhcNMjUwNDIyMDgwMDE3WhcNMjUwNDIzMDgwMDE3WjAzMTEwLwYDVQQD
Eyg3ZjVjNWZmMmNjOTBlMzEzYmMzZDk2YmNiMjNiOTRmMmRjZDkwM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYR3tmrI/qRbTOdmC/tv1tnnIOLh
aRRsBcQDCFkk+zgQZ8P9TiyGly3xOl0dr3YYtRXlmeOVCsaA8nfeAEWQcKEnlR2E
yS/M3GQphXY/ERVMUkZoXobGSgmeScZcZR3Y9q2PX5BTMzJbQ5hnS/1GiRfvhgaD
GHcET/KrEDFr897Lepd18ldd6O19pUyXOJzHuD2cqiewe7nfYN4oOGDhgdSXXrPJ
3c/qtbK5cEg9gVkPa2bEN3pEqRBRvXqKulTw3FQrpu9DRHXBEDjUE2+6vmBjcd9w
zfzT/xaPNiGCSW7Vo6tXfoel0SjbBkpRHIubY58CMv2AovEAQZnRa7VScQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH9cX/LMkOMTvD2WvLI7lPLc2QPsMB8GA1UdIwQY
MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt
MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz
LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlhU8aP33
Scr8BN2rjq6f7Fvk7gyTCXbwZ/nSEGpFB66EATt5Ov0QDXkzBlhPKX7k/CP70MsY
ualFYj9LMeaC+akgeAFROXz0yy4wiZn/kh/h1My9MiM3Z2n8Z1bZUOyUoRJtcq68
Dk1uY17bBtD0iXA/D82xRSwlvw8qgb+qnDnjmuEtsB51w6sV+wkYsaS1e+qIpS4w
NYe/+7PvPWqcmZ6NcwzN5U5IMXkQdiwoSfiSSHjWunOOBdK0SRo+G8E56ms6fAOr
+wqIEtl3aFvd04om9ukcRASHn5G3zGPMBzeBlzdn9ONqL/P5EUn6Dgx811KsxtL+
5yTAZL6bx0yKkw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:43:41 2025 by rpki-client