Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
File: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft (raw, json)
Hash identifier: Qx0qU1GVFu2JTHVmnjBs6cNeHncLDVjoiZ5C2xw7FP0=
Subject key identifier: D5:0E:69:31:8F:9B:23:30:13:37:BE:6C:E6:FE:28:9A:D0:BE:CD:F4
Authority key identifier: 89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
Certificate issuer: /CN=89af8769339703da3b0cb5e831023d3bf63f022e
Certificate serial: 0196542535FCD34F37DEA74B2B20FF44C9EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
Manifest number: 0DA7
Signing time: Sun 20 Apr 2025 17:00:46 +0000
Manifest this update: Sun 20 Apr 2025 17:00:46 +0000
Manifest next update: Mon 21 Apr 2025 17:00:46 +0000
Files and hashes: 1: JBBfWvBvIPbMFEPW3wW2A3eZfMw.roa (hash: HPVfysoAPIIkBoYBVqV/VP2S0bfAf3Hk6zV6kpgHup8=)
2: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl (hash: d4iGA8ngoP09crvapU3/iR060NrAh5SdwND00jrO3Ow=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:25:35:fc:d3:4f:37:de:a7:4b:2b:20:ff:44:c9:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89af8769339703da3b0cb5e831023d3bf63f022e
Validity
Not Before: Apr 20 17:00:46 2025 GMT
Not After : Apr 21 17:00:46 2025 GMT
Subject: CN=d50e69318f9b23301337be6ce6fe289ad0becdf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ee:e8:86:01:4a:38:ba:46:3c:3d:7e:f6:44:
f7:ff:8c:f7:f8:d5:e3:f1:88:5e:e2:45:2d:b5:5d:
1f:c9:fc:8d:88:83:ed:07:11:a4:56:2c:58:47:e3:
dc:4a:d2:4c:86:24:dd:b6:8d:16:eb:ea:8f:6a:66:
09:53:f2:1e:05:e0:fa:1e:b3:d6:64:0a:be:b6:33:
fc:54:cd:d8:d4:12:fa:92:fc:9d:5c:4f:4d:57:0d:
36:10:54:64:45:e2:69:72:f2:1c:f0:58:32:bf:f3:
49:e5:80:31:36:45:ce:c7:ee:f7:20:63:1e:16:97:
42:3e:6e:38:13:4b:41:78:0a:ee:31:8d:c9:78:7b:
0e:c8:4d:bc:db:09:d5:b8:5f:6f:d0:18:ae:4b:a5:
2b:98:30:c8:bb:cb:6d:37:fe:c3:d0:5b:c2:f0:7f:
1d:dd:44:af:b9:ee:ad:be:a7:5f:93:d3:98:56:32:
6e:6c:a5:d4:5a:a1:c9:71:0a:e2:23:e4:4c:7d:8b:
81:ff:a6:2f:af:b5:42:84:e5:3c:1d:76:fb:0b:c4:
8a:d9:90:09:57:a0:7e:c5:d6:bb:21:69:b2:d5:c9:
5f:aa:69:f2:8a:2a:2a:28:4d:fc:bb:a6:5b:d1:5e:
bb:32:41:d6:3c:6b:d8:c6:4e:5e:01:3e:d6:93:e6:
0c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:0E:69:31:8F:9B:23:30:13:37:BE:6C:E6:FE:28:9A:D0:BE:CD:F4
X509v3 Authority Key Identifier:
keyid:89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:11:59:e8:6d:b9:65:dd:f2:42:c7:27:56:3f:f4:9d:00:d8:
2f:b7:b2:82:1d:1f:ac:d3:5a:37:19:1a:5e:89:2c:c4:87:43:
da:13:04:8f:28:41:a3:e9:c1:c8:03:ad:52:92:1b:53:2c:3b:
b9:e9:34:3e:8f:0a:c0:93:06:2e:68:42:63:46:c3:67:75:cc:
18:b5:a2:57:e7:76:3c:16:51:10:96:d3:ec:23:4f:1c:8c:f2:
0d:39:86:7a:83:ae:14:86:f3:e3:b3:14:9f:02:a9:96:cd:4e:
80:bb:08:54:80:dc:cf:3a:60:ea:16:d0:05:57:3e:19:a3:d9:
a6:e0:1f:e7:a1:78:0b:e9:ec:84:52:78:a5:4f:7a:2c:be:13:
db:94:dd:1b:1d:b9:e6:b2:2a:13:20:7c:27:10:87:14:d8:13:
ec:7c:8e:7e:29:b1:fc:cb:29:89:59:64:0d:3a:58:f5:2f:1a:
0e:02:83:49:61:8c:a7:65:bf:b8:5d:c2:de:a6:0a:ca:2b:8c:
2e:80:75:a9:6c:e9:1e:2c:db:5f:1a:f4:ed:ed:d0:8a:44:c4:
78:b5:6e:73:72:97:54:a6:df:39:e9:6c:56:35:9f:ac:8b:4e:
8f:86:7e:2f:8c:6b:9a:aa:3d:f0:d4:49:43:db:66:90:b4:02:
59:3e:3c:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUJTX800833qdLKyD/RMnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWY4NzY5MzM5NzAzZGEzYjBjYjVlODMxMDIzZDNiZjYz
ZjAyMmUwHhcNMjUwNDIwMTcwMDQ2WhcNMjUwNDIxMTcwMDQ2WjAzMTEwLwYDVQQD
EyhkNTBlNjkzMThmOWIyMzMwMTMzN2JlNmNlNmZlMjg5YWQwYmVjZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu7ohgFKOLpGPD1+9kT3/4z3+NXj
8Yhe4kUttV0fyfyNiIPtBxGkVixYR+PcStJMhiTdto0W6+qPamYJU/IeBeD6HrPW
ZAq+tjP8VM3Y1BL6kvydXE9NVw02EFRkReJpcvIc8Fgyv/NJ5YAxNkXOx+73IGMe
FpdCPm44E0tBeAruMY3JeHsOyE282wnVuF9v0BiuS6UrmDDIu8ttN/7D0FvC8H8d
3USvue6tvqdfk9OYVjJubKXUWqHJcQriI+RMfYuB/6Yvr7VChOU8HXb7C8SK2ZAJ
V6B+xda7IWmy1clfqmnyiioqKE38u6Zb0V67MkHWPGvYxk5eAT7Wk+YM3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNUOaTGPmyMwEze+bOb+KJrQvs30MB8GA1UdIwQY
MBaAFImvh2kzlwPaOwy16DECPTv2PwIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUt
MzAxZTQ2NTRkZGY2LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUtMzAxZTQ2NTRkZGY2
LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlBFZ6G25
Zd3yQscnVj/0nQDYL7eygh0frNNaNxkaXoksxIdD2hMEjyhBo+nByAOtUpIbUyw7
uek0Po8KwJMGLmhCY0bDZ3XMGLWiV+d2PBZREJbT7CNPHIzyDTmGeoOuFIbz47MU
nwKpls1OgLsIVIDczzpg6hbQBVc+GaPZpuAf56F4C+nshFJ4pU96LL4T25TdGx25
5rIqEyB8JxCHFNgT7HyOfimx/MspiVlkDTpY9S8aDgKDSWGMp2W/uF3C3qYKyiuM
LoB1qWzpHizbXxr07e3QikTEeLVuc3KXVKbfOelsVjWfrItOj4Z+L4xrmqo98NRJ
Q9tmkLQCWT48uA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:30:50 2025 by rpki-client