Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
File: imgZHKtu8GsyKwsSSHhdSEpFJPM.mft (raw, json)
Hash identifier: NMSyJ+SC+gw5Vi41EZ2BKpwZAHSU8AABoc0YOMUOdWs=
Subject key identifier: 2A:FB:37:E3:8C:FF:90:35:8C:CB:28:D3:88:45:FC:EC:C6:8A:BC:0A
Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Certificate serial: 019655A593CA81C72A7CA95741AE36D0A042
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
Manifest number: 0F4D
Signing time: Mon 21 Apr 2025 00:00:36 +0000
Manifest this update: Mon 21 Apr 2025 00:00:36 +0000
Manifest next update: Tue 22 Apr 2025 00:00:36 +0000
Files and hashes: 1: U8GRHKScYdSNdnB2mr1xryjNCyA.roa (hash: gCSVLFeQA2Qb3RyGGtdWNAIaM4Y9u0sDXVDglP6HH5k=)
2: imgZHKtu8GsyKwsSSHhdSEpFJPM.crl (hash: Tr0p0Q8rguUXHvhAIgYglF3NFkkIt4UhgYF/lc5gUGE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 00:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:a5:93:ca:81:c7:2a:7c:a9:57:41:ae:36:d0:a0:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Validity
Not Before: Apr 21 00:00:36 2025 GMT
Not After : Apr 22 00:00:36 2025 GMT
Subject: CN=2afb37e38cff90358ccb28d38845fcecc68abc0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:06:f9:62:42:6a:25:1c:b2:85:36:61:15:ca:
4d:a5:1c:b8:bf:61:f1:ea:cb:0d:c7:23:23:60:9b:
16:0e:ea:32:63:7b:4a:65:fb:bd:7b:3f:cd:c2:91:
51:db:5d:e0:e1:39:ce:12:40:23:19:1f:4f:d5:17:
72:fc:40:0f:e0:63:59:b4:5c:6b:3a:03:cc:1d:8a:
fd:5f:fa:6d:76:11:d2:18:a8:b8:b6:63:ae:dc:19:
f4:4b:ff:34:03:e8:87:a6:e8:e1:b5:a0:aa:3b:6b:
08:d3:c8:c7:8c:1b:90:02:13:7f:5c:d4:38:89:a2:
1c:4b:a3:ab:a0:54:27:f1:a8:70:0a:92:f5:89:b4:
79:0c:b1:44:1d:5f:90:dc:57:25:aa:6d:43:c1:1c:
5b:0c:11:c0:ed:8c:60:55:83:78:a6:74:8f:f1:98:
7f:39:3c:33:b6:3d:41:0a:9b:b6:06:4d:76:c7:3e:
4e:dc:9f:2c:d9:99:ef:9a:d2:82:50:89:e1:e6:db:
04:e4:53:5c:e2:bc:b6:64:e5:c1:25:c6:c4:9e:dc:
a8:b8:c7:75:99:e3:84:ed:35:45:4c:b0:81:92:1d:
e1:48:18:46:89:7c:a6:01:cb:f4:24:ff:11:5d:8e:
f7:d0:67:cc:f2:e5:73:58:ca:ac:54:3f:82:e3:34:
ef:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FB:37:E3:8C:FF:90:35:8C:CB:28:D3:88:45:FC:EC:C6:8A:BC:0A
X509v3 Authority Key Identifier:
keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:96:81:e4:79:94:dd:41:88:84:7d:27:3c:6f:24:18:d0:c7:
ff:da:b4:49:ed:bc:93:01:87:1c:f5:d9:e7:23:f4:92:49:44:
18:57:81:ff:07:ec:29:5d:77:c9:6f:e5:e1:ef:92:30:3d:3f:
dc:0e:61:81:49:22:08:1b:3e:c8:16:d7:bd:08:e6:92:08:af:
3d:cd:df:3e:1b:d5:37:3e:a1:e7:cd:16:08:1b:2e:ff:e7:84:
dc:bc:88:12:5c:96:36:10:3d:df:f1:f6:c6:69:e2:d8:dd:24:
08:9c:86:67:d4:a1:7d:3d:93:bf:b0:f7:8d:c3:fa:e8:f7:e7:
c9:b5:83:a6:88:6f:9d:e2:db:60:ad:35:de:16:0b:80:fb:8a:
3f:a5:43:db:aa:c5:92:e2:cc:a1:0e:d2:7e:7b:48:61:45:ad:
9d:eb:9b:17:4e:3c:fa:33:60:19:f1:1f:c5:50:d5:d4:e5:21:
ef:93:34:5e:ea:28:9f:77:74:12:4a:44:33:a3:f3:4e:18:74:
ba:1a:87:c6:c7:eb:1c:21:1f:92:cb:81:a7:5e:2d:5b:4a:89:
09:a4:9d:0d:df:94:6d:e5:34:01:93:b2:f5:08:a0:f2:bc:8a:
f3:4c:36:63:77:8a:b0:23:7b:ec:d9:44:20:48:ca:a9:81:f5:
20:49:85:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpZPKgccqfKlXQa420KBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0
NTI0ZjMwHhcNMjUwNDIxMDAwMDM2WhcNMjUwNDIyMDAwMDM2WjAzMTEwLwYDVQQD
EygyYWZiMzdlMzhjZmY5MDM1OGNjYjI4ZDM4ODQ1ZmNlY2M2OGFiYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgb5YkJqJRyyhTZhFcpNpRy4v2Hx
6ssNxyMjYJsWDuoyY3tKZfu9ez/NwpFR213g4TnOEkAjGR9P1Rdy/EAP4GNZtFxr
OgPMHYr9X/ptdhHSGKi4tmOu3Bn0S/80A+iHpujhtaCqO2sI08jHjBuQAhN/XNQ4
iaIcS6OroFQn8ahwCpL1ibR5DLFEHV+Q3Fclqm1DwRxbDBHA7YxgVYN4pnSP8Zh/
OTwztj1BCpu2Bk12xz5O3J8s2ZnvmtKCUInh5tsE5FNc4ry2ZOXBJcbEntyouMd1
meOE7TVFTLCBkh3hSBhGiXymAcv0JP8RXY730GfM8uVzWMqsVD+C4zTvswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCr7N+OM/5A1jMso04hF/OzGirwKMB8GA1UdIwQY
MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt
OTcxMTdlZWI0ODkxLzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx
LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWZaB5HmU
3UGIhH0nPG8kGNDH/9q0Se28kwGHHPXZ5yP0kklEGFeB/wfsKV13yW/l4e+SMD0/
3A5hgUkiCBs+yBbXvQjmkgivPc3fPhvVNz6h580WCBsu/+eE3LyIElyWNhA93/H2
xmni2N0kCJyGZ9ShfT2Tv7D3jcP66PfnybWDpohvneLbYK013hYLgPuKP6VD26rF
kuLMoQ7SfntIYUWtneubF048+jNgGfEfxVDV1OUh75M0Xuoon3d0EkpEM6PzThh0
uhqHxsfrHCEfksuBp14tW0qJCaSdDd+UbeU0AZOy9Qig8ryK80w2Y3eKsCN77NlE
IEjKqYH1IEmFTw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:06:17 2025 by rpki-client