Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
File: HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json)
Hash identifier: rr1ILpDU7S/X9rA2lTOKE75R+90zQ8vdegChf6GHebs=
Subject key identifier: DB:13:E3:43:53:1D:76:5E:C4:27:0F:EE:4F:49:4D:C5:6E:E1:DE:D0
Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
Certificate issuer: /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Certificate serial: 01975BA5649C76D4DA3DCEDB0F5BFFC48793
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
Manifest number: 1085
Signing time: Tue 10 Jun 2025 21:00:55 +0000
Manifest this update: Tue 10 Jun 2025 21:00:55 +0000
Manifest next update: Wed 11 Jun 2025 21:00:55 +0000
Files and hashes: 1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: Sg8+wPMwCd5icj373JwoUor3ATY1sTXX6JuLhqYWeI8=)
2: qlhTst1KI05-IXjT0Jjp1aMzFfc.roa (hash: AXRjUWRMdXCLNCZlSVsLAGGspUQ5o0C4cdNp8OmuROM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 20:45:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5b:a5:64:9c:76:d4:da:3d:ce:db:0f:5b:ff:c4:87:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Validity
Not Before: Jun 10 21:00:55 2025 GMT
Not After : Jun 11 21:00:55 2025 GMT
Subject: CN=db13e343531d765ec4270fee4f494dc56ee1ded0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:67:51:c0:e6:8a:db:89:75:35:34:7e:79:dc:
06:f3:34:34:6c:ff:6d:e1:32:31:7f:55:25:be:27:
da:6f:94:a6:84:66:c5:5c:15:bf:0a:f4:c6:7a:8d:
8d:96:28:3c:f2:94:6f:3a:04:41:3f:49:3b:95:d3:
0a:71:cd:84:56:2d:f2:42:18:5b:cf:23:67:12:2b:
09:f5:86:70:f9:c3:d8:42:3c:63:76:d2:23:26:f4:
cf:8a:48:78:d7:3a:52:01:04:a2:41:ff:40:0e:51:
7f:cf:cd:46:d3:20:39:0e:c7:39:5a:37:a7:f9:a6:
37:33:af:af:5d:58:7f:1f:1b:27:a9:d5:d5:24:25:
29:09:c8:e6:9d:fc:51:05:1e:f5:f3:41:20:48:44:
3f:1e:31:31:40:75:c2:32:56:23:8d:6c:52:4f:d8:
45:d6:29:09:fe:a0:66:eb:60:e4:17:0c:99:18:c5:
a7:8c:ef:30:dc:49:d2:02:c6:f7:80:f7:45:68:b4:
32:3b:91:39:c8:b1:f9:d9:45:96:01:d0:2d:5e:19:
c6:73:19:4d:34:3b:8f:b4:a3:fc:bd:63:75:14:f8:
06:c7:f4:b9:24:e8:83:af:70:92:40:9a:1e:fc:cb:
1e:3e:e5:59:15:28:2e:8a:30:e5:cf:45:f1:9c:2f:
a2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:13:E3:43:53:1D:76:5E:C4:27:0F:EE:4F:49:4D:C5:6E:E1:DE:D0
X509v3 Authority Key Identifier:
keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:4d:40:f2:bb:00:92:8e:e8:8d:39:af:02:7b:5c:8f:2c:cd:
8f:a1:2b:08:55:b5:f4:27:7b:31:c3:e3:b1:ff:5e:f2:69:f2:
40:ce:c4:1a:39:1b:02:ba:3d:39:be:2c:2a:d6:6c:33:fa:90:
64:54:71:7f:e5:6c:d3:b5:0f:29:46:7e:84:9d:e2:18:00:48:
a0:5c:55:bc:6b:92:f9:52:54:49:94:2c:78:0f:dd:12:58:a7:
b6:45:65:9d:23:ce:fa:b7:bc:c3:42:7b:f5:b1:20:ab:84:45:
aa:ef:74:c6:4c:e0:b3:d3:47:6d:a3:7b:22:14:72:41:8c:35:
8d:f3:70:aa:10:02:ff:71:f0:f0:7c:8e:d7:a1:c4:43:8e:7f:
a6:de:44:ad:32:45:3a:c4:62:37:57:a9:10:d4:a4:fe:12:ec:
18:66:42:cd:85:12:29:8d:9b:16:b0:2a:40:db:c2:7b:df:57:
eb:86:7b:da:dc:d6:e9:90:bc:42:94:74:8a:a7:a1:1e:b7:95:
0c:df:84:d9:17:78:05:5b:22:b2:6a:cc:09:16:63:69:72:a4:
7a:6d:26:3b:54:05:ef:54:72:3d:e4:9f:fd:84:ef:06:e0:db:
6a:85:4f:4c:cb:c8:dc:60:7e:42:29:60:27:4b:e6:1b:03:41:
5a:70:72:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbpWScdtTaPc7bD1v/xIeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0
MTJmMmEwHhcNMjUwNjEwMjEwMDU1WhcNMjUwNjExMjEwMDU1WjAzMTEwLwYDVQQD
EyhkYjEzZTM0MzUzMWQ3NjVlYzQyNzBmZWU0ZjQ5NGRjNTZlZTFkZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWdRwOaK24l1NTR+edwG8zQ0bP9t
4TIxf1Ulvifab5SmhGbFXBW/CvTGeo2Nlig88pRvOgRBP0k7ldMKcc2EVi3yQhhb
zyNnEisJ9YZw+cPYQjxjdtIjJvTPikh41zpSAQSiQf9ADlF/z81G0yA5Dsc5Wjen
+aY3M6+vXVh/HxsnqdXVJCUpCcjmnfxRBR7180EgSEQ/HjExQHXCMlYjjWxST9hF
1ikJ/qBm62DkFwyZGMWnjO8w3EnSAsb3gPdFaLQyO5E5yLH52UWWAdAtXhnGcxlN
NDuPtKP8vWN1FPgGx/S5JOiDr3CSQJoe/MsePuVZFSguijDlz0XxnC+iSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsT40NTHXZexCcP7k9JTcVu4d7QMB8GA1UdIwQY
MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt
ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy
LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaU1A8rsA
ko7ojTmvAntcjyzNj6ErCFW19Cd7McPjsf9e8mnyQM7EGjkbAro9Ob4sKtZsM/qQ
ZFRxf+Vs07UPKUZ+hJ3iGABIoFxVvGuS+VJUSZQseA/dElintkVlnSPO+re8w0J7
9bEgq4RFqu90xkzgs9NHbaN7IhRyQYw1jfNwqhAC/3Hw8HyO16HEQ45/pt5ErTJF
OsRiN1epENSk/hLsGGZCzYUSKY2bFrAqQNvCe99X64Z72tzW6ZC8QpR0iqehHreV
DN+E2Rd4BVsismrMCRZjaXKkem0mO1QF71RyPeSf/YTvBuDbaoVPTMvI3GB+Qilg
J0vmGwNBWnByOg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:37:17 2025 by rpki-client