Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.mft
File: k7Hqu-XuDASWgOKryVU0OexkPAs.mft (raw, json)
Hash identifier: 2u5/5Gywq+o/AK0MAA1EobQe7n7z5muEUegxtxNvI0s=
Subject key identifier: 54:AA:21:E2:B0:56:03:7E:99:E5:8E:E4:FB:18:92:BA:57:3B:E4:ED
Authority key identifier: 93:B1:EA:BB:E5:EE:0C:04:96:80:E2:AB:C9:55:34:39:EC:64:3C:0B
Certificate issuer: /CN=93b1eabbe5ee0c049680e2abc9553439ec643c0b
Certificate serial: 019651FFD76501734CF423170C7713E95142
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7Hqu-XuDASWgOKryVU0OexkPAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.mft
Manifest number: 0EAF
Signing time: Sun 20 Apr 2025 07:00:43 +0000
Manifest this update: Sun 20 Apr 2025 07:00:43 +0000
Manifest next update: Mon 21 Apr 2025 07:00:43 +0000
Files and hashes: 1: PQ_yvQsZl8a1BJZelz18O8KYziI.roa (hash: a9+EgNIf1zhqdc2reiY/K2IYhXxlOzKE9JswUeuIGNI=)
2: k7Hqu-XuDASWgOKryVU0OexkPAs.crl (hash: lM0ckxGgOvfsjYcG8GEDT3QHGbgehrsFDafn+wH12zo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.mft
rsync://rpki.ripe.net/repository/DEFAULT/k7Hqu-XuDASWgOKryVU0OexkPAs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:ff:d7:65:01:73:4c:f4:23:17:0c:77:13:e9:51:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b1eabbe5ee0c049680e2abc9553439ec643c0b
Validity
Not Before: Apr 20 07:00:43 2025 GMT
Not After : Apr 21 07:00:43 2025 GMT
Subject: CN=54aa21e2b056037e99e58ee4fb1892ba573be4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d9:e8:68:d7:a9:c2:85:fe:d9:75:f1:4a:08:
c9:20:52:51:eb:1b:00:24:cc:2f:9b:d4:d7:96:11:
f4:ea:c5:6d:6a:96:fe:32:17:33:1a:ce:80:ef:32:
5e:52:dc:a3:f8:d9:19:11:b2:75:ee:11:7a:36:bd:
22:d7:43:70:50:b4:44:e1:47:96:9b:24:22:e1:27:
62:1f:c3:65:97:8b:50:7d:12:e4:ac:47:4e:2e:02:
bf:9f:14:a0:02:bc:31:27:e5:76:46:de:79:b1:19:
98:8c:5c:c0:b9:47:f2:fa:a7:6f:6d:f2:84:1b:77:
0a:ac:04:07:7b:1d:56:80:54:cb:da:51:e2:d9:aa:
34:8f:c8:b7:11:b3:38:2c:6a:39:20:60:3f:10:15:
63:de:f7:5b:db:1a:14:65:23:52:d4:43:07:64:3e:
87:d1:29:6c:ea:60:50:98:46:a4:83:eb:27:d8:56:
da:86:9c:34:3b:6c:a7:e4:98:83:10:9b:14:06:de:
75:f1:55:d0:fe:12:07:ad:6c:d6:99:fd:07:db:a9:
eb:2c:0b:06:b6:8a:0a:d7:b6:77:5c:ef:b4:cd:6e:
05:30:8c:db:78:2c:c0:33:11:95:d9:49:68:6a:52:
07:12:50:23:fd:d8:c1:3d:26:9f:1d:e7:f3:c7:8c:
97:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:AA:21:E2:B0:56:03:7E:99:E5:8E:E4:FB:18:92:BA:57:3B:E4:ED
X509v3 Authority Key Identifier:
keyid:93:B1:EA:BB:E5:EE:0C:04:96:80:E2:AB:C9:55:34:39:EC:64:3C:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7Hqu-XuDASWgOKryVU0OexkPAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:56:aa:ba:f9:9f:27:7a:cd:47:10:bf:bf:5d:39:96:43:d1:
92:91:de:ca:fc:fd:6b:81:f2:36:8c:bc:d3:87:63:73:5a:8e:
b1:e4:88:50:47:81:5b:7c:3d:0d:a3:53:c6:57:2d:31:a6:d5:
12:cd:bd:9a:ed:f7:fc:8a:d5:a3:9a:b5:11:bc:12:af:c0:61:
b6:00:36:d4:82:63:2e:ba:c9:09:d5:3b:c8:43:fa:0b:e9:52:
b8:69:63:90:a9:15:c6:ae:a4:6a:f0:40:a9:71:eb:d2:c6:b7:
90:90:d9:ba:67:16:44:11:39:f7:ee:5f:f0:94:d9:22:71:1a:
88:40:4e:9c:7b:e8:9a:e3:6f:13:84:99:98:e9:56:bd:0b:c9:
b4:69:2e:19:13:dc:5d:2a:44:3e:01:b6:10:13:76:87:08:42:
6e:c0:2c:5d:4b:97:53:9d:8c:44:c1:2c:d3:b3:37:fa:9d:fe:
3b:20:74:8a:aa:63:58:2b:6c:f1:3b:29:c0:9a:3b:57:ae:2d:
a4:14:1d:71:c0:e7:84:93:a6:d8:5a:a0:e1:2e:e5:82:0d:cf:
0a:e9:79:91:8d:5f:b7:69:ea:0c:59:7c:c8:70:08:50:f4:4f:
71:1a:10:17:4d:73:6e:4c:bf:a9:b9:66:cc:3d:59:9f:fc:65:
8c:43:cf:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZR/9dlAXNM9CMXDHcT6VFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjFlYWJiZTVlZTBjMDQ5NjgwZTJhYmM5NTUzNDM5ZWM2
NDNjMGIwHhcNMjUwNDIwMDcwMDQzWhcNMjUwNDIxMDcwMDQzWjAzMTEwLwYDVQQD
Eyg1NGFhMjFlMmIwNTYwMzdlOTllNThlZTRmYjE4OTJiYTU3M2JlNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9noaNepwoX+2XXxSgjJIFJR6xsA
JMwvm9TXlhH06sVtapb+MhczGs6A7zJeUtyj+NkZEbJ17hF6Nr0i10NwULRE4UeW
myQi4SdiH8Nll4tQfRLkrEdOLgK/nxSgArwxJ+V2Rt55sRmYjFzAuUfy+qdvbfKE
G3cKrAQHex1WgFTL2lHi2ao0j8i3EbM4LGo5IGA/EBVj3vdb2xoUZSNS1EMHZD6H
0Sls6mBQmEakg+sn2Fbahpw0O2yn5JiDEJsUBt518VXQ/hIHrWzWmf0H26nrLAsG
tooK17Z3XO+0zW4FMIzbeCzAMxGV2UloalIHElAj/djBPSafHefzx4yX5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSqIeKwVgN+meWO5PsYkrpXO+TtMB8GA1UdIwQY
MBaAFJOx6rvl7gwEloDiq8lVNDnsZDwLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdIcXUtWHVEQVNXZ09LcnlWVTBPZXhrUEFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xYjUxMmItMjE1OS00ZjljLWEwYmYt
OWQyOGJmNWVmM2MxLzEvazdIcXUtWHVEQVNXZ09LcnlWVTBPZXhrUEFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xYjUxMmItMjE1OS00ZjljLWEwYmYtOWQyOGJmNWVmM2Mx
LzEvazdIcXUtWHVEQVNXZ09LcnlWVTBPZXhrUEFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGVaquvmf
J3rNRxC/v105lkPRkpHeyvz9a4HyNoy804djc1qOseSIUEeBW3w9DaNTxlctMabV
Es29mu33/IrVo5q1EbwSr8BhtgA21IJjLrrJCdU7yEP6C+lSuGljkKkVxq6kavBA
qXHr0sa3kJDZumcWRBE59+5f8JTZInEaiEBOnHvomuNvE4SZmOlWvQvJtGkuGRPc
XSpEPgG2EBN2hwhCbsAsXUuXU52MRMEs07M3+p3+OyB0iqpjWCts8TspwJo7V64t
pBQdccDnhJOm2Fqg4S7lgg3PCul5kY1ft2nqDFl8yHAIUPRPcRoQF01zbky/qblm
zD1Zn/xljEPPJg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:17:35 2025 by rpki-client