Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft
File: hlEiwOVi5AeXaCPZThnip5T4y2I.mft (raw, json)
Hash identifier: J7t072S7AElRMhpp+c2HvJoKMa1roSscOtBdRpnXC3g=
Subject key identifier: 3D:02:7B:EB:B8:34:F1:BA:12:DD:C0:ED:C9:BF:F0:7C:A3:9A:C6:0F
Authority key identifier: 86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62
Certificate issuer: /CN=865122c0e562e407976823d94e19e2a794f8cb62
Certificate serial: 0196301981C9B206DFA742F60BB6C5C0CBAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft
Manifest number: 147A
Signing time: Sun 13 Apr 2025 17:01:40 +0000
Manifest this update: Sun 13 Apr 2025 17:01:40 +0000
Manifest next update: Mon 14 Apr 2025 17:01:40 +0000
Files and hashes: 1: hlEiwOVi5AeXaCPZThnip5T4y2I.crl (hash: vKSRmN2Dh1ZLgujphHO8vg/PGSKytClHeeDrH9kex9A=)
2: w-uN_1VCR8_SOj5bY-QHNqktijQ.roa (hash: 0MkMfXtYvuQQQ2rI12rE9KqS+DI9qKcacxegwXpKbvg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:30:19:81:c9:b2:06:df:a7:42:f6:0b:b6:c5:c0:cb:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=865122c0e562e407976823d94e19e2a794f8cb62
Validity
Not Before: Apr 13 17:01:40 2025 GMT
Not After : Apr 14 17:01:40 2025 GMT
Subject: CN=3d027bebb834f1ba12ddc0edc9bff07ca39ac60f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:65:25:3f:01:09:ac:8c:b5:53:ba:ed:21:19:
e8:8b:37:c3:c2:65:37:ca:a3:13:12:c2:06:e3:6b:
f3:3f:a5:62:2c:20:90:75:35:fe:98:75:2a:58:2b:
5a:3d:2b:23:ba:c0:aa:18:0d:a7:c1:3c:2e:95:2c:
69:c0:05:46:c6:94:68:ca:58:8f:f1:f0:30:8d:22:
14:8e:75:93:c6:09:63:34:24:c8:71:9c:f4:f3:93:
bd:92:13:c5:61:1d:b0:af:50:d3:7b:92:dc:35:96:
0b:57:fd:31:8a:7a:18:d6:63:4a:73:51:8f:e8:9a:
8f:ce:56:d7:ef:03:77:94:a8:b8:3f:d0:49:7e:f9:
d5:93:0e:28:35:07:3a:b1:f0:71:9c:37:02:51:a5:
5a:ef:62:91:4a:b0:8f:18:19:1a:68:13:a9:7b:77:
92:4f:e1:14:bd:ef:2d:93:f6:96:47:c1:81:c7:4c:
2e:a5:c2:e4:11:5e:c7:fa:2b:95:0b:e1:35:60:6d:
d5:aa:c2:0f:60:c2:33:44:91:0a:92:7e:6d:e4:c3:
34:57:e5:f5:a5:b6:e0:df:b0:65:c3:1f:a3:5a:0a:
95:90:ee:93:45:13:70:b3:a6:7c:8e:fe:c6:dd:e2:
80:6f:38:e6:b3:73:ec:46:b7:74:7c:e7:8b:35:50:
2b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:02:7B:EB:B8:34:F1:BA:12:DD:C0:ED:C9:BF:F0:7C:A3:9A:C6:0F
X509v3 Authority Key Identifier:
keyid:86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:fb:eb:c3:24:4e:11:59:1b:0e:99:74:43:31:e6:85:db:cc:
f5:5d:cd:e1:64:b7:44:28:3a:5c:a4:f0:70:f0:a0:05:e4:d9:
4a:e8:1f:1e:da:d4:7b:f2:46:52:ae:55:3a:0e:f5:68:27:e0:
7b:5d:e3:a7:4d:59:a4:4a:f3:e6:43:c8:3b:08:bc:30:54:f6:
d3:83:23:ca:cd:ea:d0:c7:0e:7b:93:8e:82:78:a5:f5:da:49:
8b:ed:e2:e6:60:6a:cb:07:45:33:42:a7:38:32:35:bb:7b:9b:
8e:d2:1a:cd:af:a7:7b:79:06:67:a6:ad:7d:3b:e4:73:c1:4e:
3d:ce:b8:99:2c:32:3e:dd:f3:d2:4b:2f:62:f4:8c:b5:ee:87:
65:ec:2c:9c:7f:47:4a:da:ee:8c:8f:40:7f:0f:de:8c:7f:d6:
5a:9a:4e:9a:60:b5:ad:d6:b2:6e:91:c0:d7:77:0c:cd:7c:0d:
55:14:c8:d4:96:0f:b5:ca:cf:4b:ae:bd:8f:b3:39:3a:cd:71:
fb:27:53:50:94:c3:82:1e:df:69:3e:b6:df:39:b7:a7:42:37:
10:6d:77:51:2a:52:f5:be:66:9a:2d:bb:6e:85:1b:45:30:2a:
92:77:fb:55:f0:b9:a0:d4:77:c1:a2:74:f8:6e:cf:c0:3e:cd:
24:0c:26:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYwGYHJsgbfp0L2C7bFwMuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NTEyMmMwZTU2MmU0MDc5NzY4MjNkOTRlMTllMmE3OTRm
OGNiNjIwHhcNMjUwNDEzMTcwMTQwWhcNMjUwNDE0MTcwMTQwWjAzMTEwLwYDVQQD
EygzZDAyN2JlYmI4MzRmMWJhMTJkZGMwZWRjOWJmZjA3Y2EzOWFjNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmUlPwEJrIy1U7rtIRnoizfDwmU3
yqMTEsIG42vzP6ViLCCQdTX+mHUqWCtaPSsjusCqGA2nwTwulSxpwAVGxpRoyliP
8fAwjSIUjnWTxgljNCTIcZz085O9khPFYR2wr1DTe5LcNZYLV/0xinoY1mNKc1GP
6JqPzlbX7wN3lKi4P9BJfvnVkw4oNQc6sfBxnDcCUaVa72KRSrCPGBkaaBOpe3eS
T+EUve8tk/aWR8GBx0wupcLkEV7H+iuVC+E1YG3VqsIPYMIzRJEKkn5t5MM0V+X1
pbbg37Blwx+jWgqVkO6TRRNws6Z8jv7G3eKAbzjms3PsRrd0fOeLNVAr8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD0Ce+u4NPG6Et3A7cm/8HyjmsYPMB8GA1UdIwQY
MBaAFIZRIsDlYuQHl2gj2U4Z4qeU+MtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wMjhiODItZmUwMy00MDI1LTk3NjUt
YjhkZDE4ZTQ4ZTg2LzEvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wMjhiODItZmUwMy00MDI1LTk3NjUtYjhkZDE4ZTQ4ZTg2
LzEvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArfvrwyRO
EVkbDpl0QzHmhdvM9V3N4WS3RCg6XKTwcPCgBeTZSugfHtrUe/JGUq5VOg71aCfg
e13jp01ZpErz5kPIOwi8MFT204Mjys3q0McOe5OOgnil9dpJi+3i5mBqywdFM0Kn
ODI1u3ubjtIaza+ne3kGZ6atfTvkc8FOPc64mSwyPt3z0ksvYvSMte6HZewsnH9H
StrujI9Afw/ejH/WWppOmmC1rdaybpHA13cMzXwNVRTI1JYPtcrPS669j7M5Os1x
+ydTUJTDgh7faT623zm3p0I3EG13USpS9b5mmi27boUbRTAqknf7VfC5oNR3waJ0
+G7PwD7NJAwmWQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 00:59:50 2025 by rpki-client