Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json)
Hash identifier: 9u8HbViBUxVVYEtRkLAbGeBvpMMckTz/IevTS8Lso+c=
Subject key identifier: 1C:8F:C5:41:C7:8B:3E:B2:5E:E0:A7:C6:51:7F:53:4E:84:1C:27:4C
Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06
Certificate serial: 01963FFA58F7FF8B3DC8517046C05E5D29AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
Manifest number: 0D9D
Signing time: Wed 16 Apr 2025 19:01:33 +0000
Manifest this update: Wed 16 Apr 2025 19:01:33 +0000
Manifest next update: Thu 17 Apr 2025 19:01:33 +0000
Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: 7yCr72JdaI37asjlUNqYq1eEPVYXhsdK/CTVlGso5DE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 19:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:fa:58:f7:ff:8b:3d:c8:51:70:46:c0:5e:5d:29:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287b50125517944274a146bbacd64e691a20fa06
Validity
Not Before: Apr 16 19:01:33 2025 GMT
Not After : Apr 17 19:01:33 2025 GMT
Subject: CN=1c8fc541c78b3eb25ee0a7c6517f534e841c274c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cd:dd:a0:4f:6e:24:e4:6b:df:84:fa:54:fa:
97:e7:53:04:f6:82:77:c2:21:e5:e5:f9:d4:e5:af:
62:cb:9c:cd:35:76:7d:16:32:ff:a5:af:17:83:10:
a5:3c:b7:71:54:11:22:03:0b:91:23:96:8d:8e:38:
3c:9a:2e:d4:cd:58:46:fc:55:a7:7a:09:aa:62:39:
a3:3c:4f:96:10:eb:d0:a6:5b:d2:2a:b5:2a:95:ca:
9e:e0:6b:22:0a:58:44:e2:91:90:52:c0:60:69:84:
af:27:7f:5f:57:ee:fb:11:de:95:de:59:d4:40:2d:
46:03:d6:30:08:79:8a:f0:07:80:15:8f:64:b8:b0:
bd:ac:68:f0:b8:8b:99:91:ee:25:13:60:0a:81:13:
5c:e2:0b:2b:99:61:6b:48:e3:b7:93:89:3c:5c:88:
0f:51:50:05:7d:0b:c8:c3:ee:35:3a:70:ca:71:25:
3d:a2:c4:a0:5d:03:99:2f:3f:56:70:25:58:73:6f:
0a:4a:2b:3e:72:d1:c6:73:25:22:29:d1:d2:70:4a:
e8:58:7a:fb:86:43:97:65:e8:0f:00:20:67:b2:86:
74:0b:55:9f:7b:4c:5b:54:93:42:1d:98:74:c6:65:
5c:8c:0d:98:86:1a:91:78:2f:c9:57:90:d8:a6:96:
17:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8F:C5:41:C7:8B:3E:B2:5E:E0:A7:C6:51:7F:53:4E:84:1C:27:4C
X509v3 Authority Key Identifier:
keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:84:df:5f:c8:a1:52:0c:2a:56:99:cc:0e:ba:a6:72:56:2c:
00:df:9e:ce:cc:a9:6c:3a:de:6b:9d:87:04:20:94:4e:c9:65:
ce:7a:ba:77:ce:e8:53:2c:a6:4d:33:10:a5:b8:4a:dc:5c:07:
37:00:d1:c2:ec:2c:2f:2e:3f:95:6d:99:b5:50:fc:95:f4:87:
18:c7:e4:e1:d2:bd:aa:16:c6:c3:b3:6e:eb:98:2a:b6:6f:72:
ca:47:12:61:e2:21:c8:d7:d6:3f:49:94:39:d3:36:66:07:f2:
81:ab:e9:8b:2d:6b:96:78:4d:c3:7c:62:86:8c:fd:5d:5e:cd:
a3:c0:4c:29:c2:be:8c:da:eb:2b:43:51:5a:b8:7e:ba:72:4e:
40:f0:4a:b6:9b:4e:10:b4:48:46:51:e6:37:cd:f2:33:8b:48:
6c:82:35:1b:b7:54:dd:26:6b:46:a4:76:52:7b:4f:0e:fd:b8:
62:36:c1:ed:af:a9:ad:0d:29:bb:b3:85:96:3a:1f:24:eb:89:
5e:a1:ff:ba:23:30:89:46:bd:9b:45:02:2e:d9:98:ce:b6:a0:
07:fe:66:65:d3:10:20:cd:08:07:26:fa:34:22:10:c4:5d:cb:
7b:2f:fa:68:c9:ac:c5:3d:1c:f7:fc:68:e7:e5:2f:dd:6b:c8:
d7:e9:7d:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+lj3/4s9yFFwRsBeXSmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy
MGZhMDYwHhcNMjUwNDE2MTkwMTMzWhcNMjUwNDE3MTkwMTMzWjAzMTEwLwYDVQQD
EygxYzhmYzU0MWM3OGIzZWIyNWVlMGE3YzY1MTdmNTM0ZTg0MWMyNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM3doE9uJORr34T6VPqX51ME9oJ3
wiHl5fnU5a9iy5zNNXZ9FjL/pa8XgxClPLdxVBEiAwuRI5aNjjg8mi7UzVhG/FWn
egmqYjmjPE+WEOvQplvSKrUqlcqe4GsiClhE4pGQUsBgaYSvJ39fV+77Ed6V3lnU
QC1GA9YwCHmK8AeAFY9kuLC9rGjwuIuZke4lE2AKgRNc4gsrmWFrSOO3k4k8XIgP
UVAFfQvIw+41OnDKcSU9osSgXQOZLz9WcCVYc28KSis+ctHGcyUiKdHScEroWHr7
hkOXZegPACBnsoZ0C1Wfe0xbVJNCHZh0xmVcjA2YhhqReC/JV5DYppYXCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByPxUHHiz6yXuCnxlF/U06EHCdMMB8GA1UdIwQY
MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt
YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0
LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcITfX8ih
UgwqVpnMDrqmclYsAN+ezsypbDrea52HBCCUTsllznq6d87oUyymTTMQpbhK3FwH
NwDRwuwsLy4/lW2ZtVD8lfSHGMfk4dK9qhbGw7Nu65gqtm9yykcSYeIhyNfWP0mU
OdM2Zgfygavpiy1rlnhNw3xihoz9XV7No8BMKcK+jNrrK0NRWrh+unJOQPBKtptO
ELRIRlHmN83yM4tIbII1G7dU3SZrRqR2UntPDv24YjbB7a+prQ0pu7OFljofJOuJ
XqH/uiMwiUa9m0UCLtmYzragB/5mZdMQIM0IByb6NCIQxF3Ley/6aMmsxT0c9/xo
5+Uv3WvI1+l99w==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:38:55 2025 by rpki-client