Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
File: HlcDhG16g2S-wwMDTbkay_9C2gw.mft (raw, json)
Hash identifier: +NgIV6v4P3iwXsb9cxE7p1VKIFZp757ylEiCh88nfc4=
Subject key identifier: 73:B2:ED:50:19:0F:8C:B8:6F:1C:E3:1C:B4:C0:0F:2E:91:79:36:79
Authority key identifier: 1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C
Certificate issuer: /CN=1e5703846d7a8364bec303034db91acbff42da0c
Certificate serial: 019629E00DAEE99EB858C89DA0806F298D31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
Manifest number: 08A8
Signing time: Sat 12 Apr 2025 12:01:11 +0000
Manifest this update: Sat 12 Apr 2025 12:01:11 +0000
Manifest next update: Sun 13 Apr 2025 12:01:11 +0000
Files and hashes: 1: 4PNlkOPWAaPkvxKKyZ24ywHUUNs.roa (hash: eaQPOrhXnd6IgLBTpKSTCgVJBcG3spHBZu3BsMLZw3g=)
2: HlcDhG16g2S-wwMDTbkay_9C2gw.crl (hash: 19FOWOzXLkeuVJB4TbSccrMFAmtxffbOpbc6YKEripo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 12:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:29:e0:0d:ae:e9:9e:b8:58:c8:9d:a0:80:6f:29:8d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5703846d7a8364bec303034db91acbff42da0c
Validity
Not Before: Apr 12 12:01:11 2025 GMT
Not After : Apr 13 12:01:11 2025 GMT
Subject: CN=73b2ed50190f8cb86f1ce31cb4c00f2e91793679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7c:f5:b0:3c:f7:b1:5c:62:d8:cb:11:d8:7b:
90:c8:fc:f6:64:a4:c9:89:9a:f8:dc:a4:5d:4b:a2:
92:f8:7a:2f:ba:83:dc:0c:41:cc:17:b7:50:e4:ee:
62:51:1c:6e:70:c4:29:59:3b:a2:ed:0a:9e:b6:cd:
30:8b:25:56:18:26:4f:aa:fd:b3:34:8f:17:c1:0b:
3e:f2:71:4b:71:78:a4:27:61:f8:c8:f9:67:51:c7:
c8:09:1d:95:95:7d:9f:c4:bb:d4:72:28:72:30:96:
92:55:08:d6:c4:5f:4e:be:22:f4:c4:ca:00:67:62:
b9:08:5f:71:dc:77:7d:de:67:6b:32:5b:ed:bd:e9:
4b:e1:38:4f:a1:11:24:9d:f2:84:d2:90:df:33:f8:
67:0e:47:2f:3f:a8:de:7f:33:29:33:f4:0b:24:2b:
0e:c6:80:a6:bf:09:bd:b4:87:5f:8e:fc:b2:01:e8:
08:52:c7:78:5a:f9:e3:8c:22:d2:d7:68:d4:59:52:
9e:2f:a7:98:8a:67:b4:ab:cb:c3:2b:56:35:a6:ab:
22:27:35:93:5d:a3:63:53:43:59:de:8e:76:02:29:
b5:53:f3:ca:f1:ee:ca:17:d8:a1:32:7f:c1:be:90:
29:10:5f:06:24:2f:92:9e:59:fb:4c:1b:66:96:c8:
5a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B2:ED:50:19:0F:8C:B8:6F:1C:E3:1C:B4:C0:0F:2E:91:79:36:79
X509v3 Authority Key Identifier:
keyid:1E:57:03:84:6D:7A:83:64:BE:C3:03:03:4D:B9:1A:CB:FF:42:DA:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlcDhG16g2S-wwMDTbkay_9C2gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/bc658f-a528-4360-b58c-07b09e465119/1/HlcDhG16g2S-wwMDTbkay_9C2gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:ac:40:7a:e8:84:c5:a1:3d:87:3e:7d:d7:99:ce:a5:24:db:
71:9b:9b:9e:2b:4a:c3:30:2c:d8:14:ae:9a:f6:bf:f2:37:18:
15:6f:ae:af:3d:32:c5:66:97:54:d6:76:57:29:a7:f6:c7:af:
61:d1:fb:7b:fa:b1:81:ed:8a:ce:c2:0b:6a:72:1c:0e:7a:96:
c5:68:a1:75:af:19:a9:5a:17:eb:7c:fe:36:ef:c8:e4:1a:95:
22:2f:51:27:f2:6c:3d:2b:c0:10:20:dc:0f:16:93:8a:5a:3c:
67:09:22:08:84:e0:2c:f6:d8:df:10:62:0a:28:ce:32:04:d0:
c5:1b:53:91:c6:33:45:6d:38:b6:84:25:b9:25:84:6a:49:08:
19:6a:e7:7e:27:da:b4:a1:2b:4a:e8:8a:42:a3:1e:0a:d0:68:
68:29:6e:54:55:a8:62:5c:1f:ad:19:c2:12:2c:7a:eb:00:45:
05:21:6f:c9:13:e1:b5:8d:38:2b:ca:43:6d:82:77:dc:7d:7c:
8a:27:1d:c0:e5:32:7c:65:79:f7:ab:90:b7:63:9e:ab:e8:e4:
20:32:cc:57:4d:97:b3:ea:9d:d1:48:28:32:b3:09:0a:49:94:
8b:e1:65:a6:8d:5c:f7:ba:06:a5:59:74:e7:0c:f7:3b:d7:5a:
fa:50:88:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYp4A2u6Z64WMidoIBvKY0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNTcwMzg0NmQ3YTgzNjRiZWMzMDMwMzRkYjkxYWNiZmY0
MmRhMGMwHhcNMjUwNDEyMTIwMTExWhcNMjUwNDEzMTIwMTExWjAzMTEwLwYDVQQD
Eyg3M2IyZWQ1MDE5MGY4Y2I4NmYxY2UzMWNiNGMwMGYyZTkxNzkzNjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nz1sDz3sVxi2MsR2HuQyPz2ZKTJ
iZr43KRdS6KS+HovuoPcDEHMF7dQ5O5iURxucMQpWTui7Qqets0wiyVWGCZPqv2z
NI8XwQs+8nFLcXikJ2H4yPlnUcfICR2VlX2fxLvUcihyMJaSVQjWxF9OviL0xMoA
Z2K5CF9x3Hd93mdrMlvtvelL4ThPoREknfKE0pDfM/hnDkcvP6jefzMpM/QLJCsO
xoCmvwm9tIdfjvyyAegIUsd4WvnjjCLS12jUWVKeL6eYime0q8vDK1Y1pqsiJzWT
XaNjU0NZ3o52Aim1U/PK8e7KF9ihMn/BvpApEF8GJC+Snln7TBtmlshazQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOy7VAZD4y4bxzjHLTADy6ReTZ5MB8GA1UdIwQY
MBaAFB5XA4RteoNkvsMDA025Gsv/QtoMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMt
MDdiMDllNDY1MTE5LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iYzY1OGYtYTUyOC00MzYwLWI1OGMtMDdiMDllNDY1MTE5
LzEvSGxjRGhHMTZnMlMtd3dNRFRia2F5XzlDMmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHqxAeuiE
xaE9hz5915nOpSTbcZubnitKwzAs2BSumva/8jcYFW+urz0yxWaXVNZ2Vymn9sev
YdH7e/qxge2KzsILanIcDnqWxWihda8ZqVoX63z+Nu/I5BqVIi9RJ/JsPSvAECDc
DxaTilo8ZwkiCITgLPbY3xBiCijOMgTQxRtTkcYzRW04toQluSWEakkIGWrnfifa
tKErSuiKQqMeCtBoaCluVFWoYlwfrRnCEix66wBFBSFvyRPhtY04K8pDbYJ33H18
iicdwOUyfGV596uQt2Oeq+jkIDLMV02Xs+qd0UgoMrMJCkmUi+Flpo1c97oGpVl0
5wz3O9da+lCINw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 19:28:46 2025 by rpki-client