Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
File: hEoXkcsH8dhhI8Y9w63P11TbEBs.mft (raw, json)
Hash identifier: yN9gdIPqVzD9GOwGgDXXX4ln29UEzdsBG4uncYoXHYE=
Subject key identifier: 16:BA:A0:22:74:92:E1:03:D9:39:5F:CE:4A:CA:94:06:6C:69:E0:0C
Authority key identifier: 84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
Certificate issuer: /CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Certificate serial: 01958CCE4842A53FE5F128F3A9AD5F806CCB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
Manifest number: 08A7
Signing time: Thu 13 Mar 2025 00:01:23 +0000
Manifest this update: Thu 13 Mar 2025 00:01:23 +0000
Manifest next update: Fri 14 Mar 2025 00:01:23 +0000
Files and hashes: 1: Ihp0VP8oRNeTGrBSGwpts6D1JhE.roa (hash: Qldf3LszJ2g2XwaE6LEoxPc+aR59tijRa50IN/mT6PY=)
2: gi2zaUr2ngLXfM8NV7jNPdt_PFI.roa (hash: pPPLz9b8ntu+6vKYV+GHcDLfS03p/6Pt+aGjIk5ADdw=)
3: hEoXkcsH8dhhI8Y9w63P11TbEBs.crl (hash: w+oYpVSinFhi0yj+UpAAC1HwomVVPO9oz9QY4HcQ8FA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 19:14:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8c:ce:48:42:a5:3f:e5:f1:28:f3:a9:ad:5f:80:6c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Validity
Not Before: Mar 13 00:01:23 2025 GMT
Not After : Mar 14 00:01:23 2025 GMT
Subject: CN=16baa0227492e103d9395fce4aca94066c69e00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3e:9e:0c:95:b3:13:46:cd:db:dd:d3:9a:d3:
b2:a8:d4:74:84:94:ae:8f:cf:52:23:4b:80:f8:39:
b7:fd:c3:fa:75:27:0b:22:b6:d6:30:50:f4:8b:a3:
ae:0d:64:73:06:71:5f:8f:07:b0:35:54:d3:24:ff:
6a:4a:fb:a8:ae:87:0c:cc:06:67:b6:fa:34:63:79:
87:8c:c9:4e:fd:39:e2:82:a5:f2:1c:09:8b:1f:1a:
99:57:4c:8a:18:87:5b:0c:f5:76:5e:05:81:84:2a:
f9:fe:3d:9b:09:a4:59:3e:49:43:f8:f6:9f:47:f1:
a3:15:bd:3d:32:7f:10:bf:60:d4:78:be:43:72:3c:
2f:24:b3:0e:c9:13:71:02:bf:27:ff:71:26:f4:20:
c3:8c:15:13:fa:40:af:ad:bf:47:7b:15:81:9f:d2:
e0:b9:0e:6a:a6:51:ce:43:64:7a:ea:49:64:a8:1e:
47:14:83:a8:bd:e7:6c:1a:1b:3c:d7:ef:b0:20:cb:
cc:b7:d2:28:0e:83:e6:00:7e:9e:60:8f:75:05:79:
6e:03:85:13:53:06:23:57:a6:8b:38:fb:fd:46:47:
f6:90:e3:b4:0f:51:84:99:6b:73:63:93:43:ec:fb:
59:a0:33:9e:80:4c:f3:98:d0:37:ef:1e:6a:79:cc:
1d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:BA:A0:22:74:92:E1:03:D9:39:5F:CE:4A:CA:94:06:6C:69:E0:0C
X509v3 Authority Key Identifier:
keyid:84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:e4:6c:92:23:0d:72:a0:5e:26:3c:c2:b2:94:7e:13:d0:05:
d2:32:d1:26:1e:ec:c2:0f:95:50:4a:06:d6:f4:b7:11:5a:74:
7d:71:0d:82:93:7a:d1:47:83:03:9c:c5:35:a1:ef:45:6d:1c:
c4:c3:71:43:af:28:96:e6:67:73:6a:c7:2e:8f:48:26:6c:c8:
a1:31:41:9c:1f:dc:4a:bf:66:21:76:3a:0b:8a:c9:b2:cc:22:
e5:33:f7:3b:48:80:2b:26:62:8b:b9:c6:db:0c:aa:59:4f:dd:
f6:e1:30:1a:b8:b0:fd:6b:72:c5:a8:33:6b:e8:f5:bf:fd:fd:
43:7f:8c:3b:6d:3b:a1:d8:5a:b2:06:a2:87:73:d0:58:d7:3d:
d1:c2:b6:8e:95:17:2e:37:e2:6b:0b:92:2d:45:8f:75:ff:57:
fe:a4:92:7d:bd:d7:11:52:0d:73:39:04:18:6f:91:85:e5:24:
50:23:06:e7:d2:79:9c:d4:b5:bb:0e:4d:d3:66:22:e8:55:4f:
bf:99:93:86:99:2a:48:89:aa:fb:8c:01:9f:e7:6c:bc:dc:92:
02:8b:ee:5c:89:89:78:ce:8f:f8:a7:5d:3f:90:cc:cc:0b:04:
e5:8e:2b:56:e5:3f:97:e0:6c:e7:66:a9:87:5b:9d:26:4d:58:
e3:1e:85:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMzkhCpT/l8Sjzqa1fgGzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NGExNzkxY2IwN2YxZDg2MTIzYzYzZGMzYWRjZmQ3NTRk
YjEwMWIwHhcNMjUwMzEzMDAwMTIzWhcNMjUwMzE0MDAwMTIzWjAzMTEwLwYDVQQD
EygxNmJhYTAyMjc0OTJlMTAzZDkzOTVmY2U0YWNhOTQwNjZjNjllMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj6eDJWzE0bN293TmtOyqNR0hJSu
j89SI0uA+Dm3/cP6dScLIrbWMFD0i6OuDWRzBnFfjwewNVTTJP9qSvuorocMzAZn
tvo0Y3mHjMlO/TnigqXyHAmLHxqZV0yKGIdbDPV2XgWBhCr5/j2bCaRZPklD+Paf
R/GjFb09Mn8Qv2DUeL5DcjwvJLMOyRNxAr8n/3Em9CDDjBUT+kCvrb9HexWBn9Lg
uQ5qplHOQ2R66klkqB5HFIOovedsGhs81++wIMvMt9IoDoPmAH6eYI91BXluA4UT
UwYjV6aLOPv9Rkf2kOO0D1GEmWtzY5ND7PtZoDOegEzzmNA37x5qecwdnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBa6oCJ0kuED2TlfzkrKlAZsaeAMMB8GA1UdIwQY
MBaAFIRKF5HLB/HYYSPGPcOtz9dU2xAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQt
NzhiYTZkYzUwMDg2LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQtNzhiYTZkYzUwMDg2
LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApeRskiMN
cqBeJjzCspR+E9AF0jLRJh7swg+VUEoG1vS3EVp0fXENgpN60UeDA5zFNaHvRW0c
xMNxQ68oluZnc2rHLo9IJmzIoTFBnB/cSr9mIXY6C4rJsswi5TP3O0iAKyZii7nG
2wyqWU/d9uEwGriw/Wtyxagza+j1v/39Q3+MO207odhasgaih3PQWNc90cK2jpUX
LjfiawuSLUWPdf9X/qSSfb3XEVINczkEGG+RheUkUCMG59J5nNS1uw5N02Yi6FVP
v5mThpkqSImq+4wBn+dsvNySAovuXImJeM6P+KddP5DMzAsE5Y4rVuU/l+Bs52ap
h1udJk1Y4x6FDw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:21 2025 by rpki-client