Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: NodVC1NDRt5INzb0ikFqG+/z/TSW5ok6dbgXwkaI2O4=
Subject key identifier: B8:3E:4C:17:EF:0A:75:D7:4B:91:FD:8B:D6:B1:5F:09:0B:38:9D:C5
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 01958C97458AFADB41768B385F0022BC8F93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 1498
Signing time: Wed 12 Mar 2025 23:01:18 +0000
Manifest this update: Wed 12 Mar 2025 23:01:18 +0000
Manifest next update: Thu 13 Mar 2025 23:01:18 +0000
Files and hashes: 1: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: wt66eSkLL7VKOpszjldAjPJDy+XYOD5/paJBO0V0Xmk=)
2: xSS92RJP_9kDYA2uBQZz6tpYK1I.roa (hash: rR5n4U9xDx2H85hw0wOs3NY+BK3tAcVO4QlJE3rUQXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 19:14:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8c:97:45:8a:fa:db:41:76:8b:38:5f:00:22:bc:8f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Mar 12 23:01:18 2025 GMT
Not After : Mar 13 23:01:18 2025 GMT
Subject: CN=b83e4c17ef0a75d74b91fd8bd6b15f090b389dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:aa:2f:02:33:d6:b4:73:2e:79:c6:2b:e1:18:
ce:e7:61:ab:2f:bd:a2:f0:b9:48:60:fe:d0:77:7a:
50:65:d6:b2:ea:0f:c3:b1:7d:62:f7:d8:75:c3:d4:
fe:ef:ba:3b:d6:0d:df:81:e4:c0:3d:1a:34:85:f8:
10:8b:f8:71:cc:fb:4f:cf:08:1f:36:e8:1d:b5:97:
6b:26:e9:fe:52:ac:ee:09:d0:81:b1:cf:f4:5e:c4:
0d:3b:7a:6f:ba:1f:2f:56:27:c3:25:a7:14:ed:4e:
2c:c8:e9:c5:a6:9c:3e:82:22:16:c9:5a:a4:85:ee:
ad:fa:a5:f5:f3:d9:99:e0:61:17:3b:29:93:ef:65:
c5:65:1a:dd:17:c8:26:78:7c:98:3a:13:f5:bd:27:
1f:38:c0:95:aa:d1:3d:ee:97:cd:19:b6:ae:54:3b:
2e:52:15:3b:86:ba:8c:6a:5d:6d:64:1b:b9:9f:dd:
20:5f:94:82:d3:d0:96:ce:98:c9:40:27:fc:60:97:
e7:13:00:56:09:45:e8:d9:cd:6a:a5:17:cc:a1:b4:
aa:48:3b:e1:22:50:ba:9c:4a:88:b9:08:91:0d:12:
09:70:e0:67:45:db:54:7f:6a:b3:3e:ec:16:01:df:
f2:bd:04:d2:a9:4f:fd:23:e6:27:b1:60:de:3e:40:
77:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:3E:4C:17:EF:0A:75:D7:4B:91:FD:8B:D6:B1:5F:09:0B:38:9D:C5
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:91:85:7f:8d:98:36:a8:22:d4:2a:6c:80:b6:9d:6f:b4:bc:
32:9d:c8:8a:92:84:c8:95:44:fe:82:54:cf:f2:4d:b6:8f:a0:
0b:42:4c:9d:d4:09:fe:45:94:e3:85:48:12:10:c7:eb:ab:84:
c2:84:c5:02:f0:bf:5d:cf:22:97:ed:76:07:20:56:1b:6a:29:
a3:73:19:fc:c5:c3:db:81:7b:4a:07:7a:2a:41:27:96:6d:77:
89:89:00:e3:56:ef:bf:b0:ac:98:3d:e8:9e:84:b8:95:77:07:
a6:34:70:6c:2d:98:86:f2:d3:de:f4:fb:03:57:82:42:41:0b:
c4:3e:9f:be:58:8f:2f:8e:15:94:a0:ef:53:da:8e:72:6d:f8:
61:4e:f2:80:4c:45:19:47:c6:f7:74:22:95:37:1b:9f:7e:44:
0c:35:68:e4:98:a6:d2:06:d6:65:15:0a:88:5b:dc:c3:51:1e:
3d:12:eb:84:b3:0d:5c:6b:14:74:55:20:19:d1:42:53:30:a4:
8f:2c:c0:22:0f:8c:c5:ef:a4:2c:e4:8d:68:d6:a2:3c:f2:42:
93:10:1f:84:e2:7b:54:d9:ec:e3:8e:a5:3d:b4:33:3b:60:3a:
9a:11:25:dd:55:dd:f1:92:70:60:e8:0c:3c:d2:cb:36:e3:b9:
a5:6b:3c:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMl0WK+ttBdos4XwAivI+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjUwMzEyMjMwMTE4WhcNMjUwMzEzMjMwMTE4WjAzMTEwLwYDVQQD
EyhiODNlNGMxN2VmMGE3NWQ3NGI5MWZkOGJkNmIxNWYwOTBiMzg5ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6ovAjPWtHMuecYr4RjO52GrL72i
8LlIYP7Qd3pQZday6g/DsX1i99h1w9T+77o71g3fgeTAPRo0hfgQi/hxzPtPzwgf
NugdtZdrJun+UqzuCdCBsc/0XsQNO3pvuh8vVifDJacU7U4syOnFppw+giIWyVqk
he6t+qX189mZ4GEXOymT72XFZRrdF8gmeHyYOhP1vScfOMCVqtE97pfNGbauVDsu
UhU7hrqMal1tZBu5n90gX5SC09CWzpjJQCf8YJfnEwBWCUXo2c1qpRfMobSqSDvh
IlC6nEqIuQiRDRIJcOBnRdtUf2qzPuwWAd/yvQTSqU/9I+YnsWDePkB3QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLg+TBfvCnXXS5H9i9axXwkLOJ3FMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAZGFf42Y
Nqgi1CpsgLadb7S8Mp3IipKEyJVE/oJUz/JNto+gC0JMndQJ/kWU44VIEhDH66uE
woTFAvC/Xc8il+12ByBWG2opo3MZ/MXD24F7Sgd6KkEnlm13iYkA41bvv7CsmD3o
noS4lXcHpjRwbC2YhvLT3vT7A1eCQkELxD6fvliPL44VlKDvU9qOcm34YU7ygExF
GUfG93QilTcbn35EDDVo5Jim0gbWZRUKiFvcw1EePRLrhLMNXGsUdFUgGdFCUzCk
jyzAIg+Mxe+kLOSNaNaiPPJCkxAfhOJ7VNns446lPbQzO2A6mhEl3VXd8ZJwYOgM
PNLLNuO5pWs8Sg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:27 2025 by rpki-client