Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
File: h9OLoS9GKcITH8YOiVDWwwO-fSI.mft (raw, json)
Hash identifier: 497BP5jMrEgbyitvyu8Klz+4jrvrpyrVSiMoeoJReaY=
Subject key identifier: A0:34:48:2D:BA:DE:C4:61:C1:75:22:B0:A5:CE:77:1E:96:5C:CB:03
Authority key identifier: 87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22
Certificate issuer: /CN=87d38ba12f4629c2131fc60e8950d6c303be7d22
Certificate serial: 0196556E8D7891C7E68DBA077E134D9FB16D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
Manifest number: 0660
Signing time: Sun 20 Apr 2025 23:00:30 +0000
Manifest this update: Sun 20 Apr 2025 23:00:30 +0000
Manifest next update: Mon 21 Apr 2025 23:00:30 +0000
Files and hashes: 1: NPXq7VLWTvwMe_H1BOcCF7vP8QQ.roa (hash: UBan9KbEcKtiRn9epXoesYMRtYi5lW0QY6/c4yNUKv8=)
2: h9OLoS9GKcITH8YOiVDWwwO-fSI.crl (hash: 6NdpKXiF4v0rmTupTpStARd3eGj0+Gr7nRkoOOBVW7g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 23:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:6e:8d:78:91:c7:e6:8d:ba:07:7e:13:4d:9f:b1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d38ba12f4629c2131fc60e8950d6c303be7d22
Validity
Not Before: Apr 20 23:00:30 2025 GMT
Not After : Apr 21 23:00:30 2025 GMT
Subject: CN=a034482dbadec461c17522b0a5ce771e965ccb03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:09:ae:2f:05:88:96:18:b2:f4:de:5b:27:61:
92:86:3f:e7:ff:9d:39:30:f2:a7:ab:cb:88:71:5a:
32:82:7b:26:ae:77:f8:b1:35:55:50:42:51:25:d4:
05:7b:73:1c:fc:4b:9e:d2:ab:28:50:07:e9:d7:04:
b5:75:7d:3d:f2:ed:a9:50:5d:1a:db:34:91:5f:2f:
ac:10:83:f2:69:53:bb:41:99:d1:73:c9:9c:aa:9a:
84:be:aa:2b:d3:41:ff:63:c0:95:aa:70:e8:9e:ed:
cd:ff:8a:cf:f0:70:fd:92:01:0d:9f:fe:93:3e:ca:
3a:ad:1d:75:49:01:55:56:23:9d:3f:e4:6d:f5:82:
76:dc:fb:cd:5a:59:ee:e1:c1:70:9e:03:9a:78:12:
ec:61:b3:14:b4:a9:a5:96:e6:19:9d:d5:0f:1a:03:
fa:aa:c1:f6:b6:ee:e5:bc:0b:38:2d:1d:24:2b:84:
12:2c:bf:b0:11:1f:b3:1a:5a:87:0b:4f:98:0f:7d:
d3:01:0b:4d:20:bb:3c:a2:d6:2b:0b:da:2d:ea:39:
35:3d:bd:c1:94:b7:30:ac:59:77:16:a1:a2:71:53:
db:97:53:10:9d:cf:40:1b:47:81:ba:ec:9b:5d:a3:
77:d0:28:c7:5c:7b:30:46:28:f1:61:28:55:56:39:
2a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:34:48:2D:BA:DE:C4:61:C1:75:22:B0:A5:CE:77:1E:96:5C:CB:03
X509v3 Authority Key Identifier:
keyid:87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:81:ce:8b:af:df:a4:19:2b:bc:44:5e:f1:28:e0:88:44:9a:
e7:2c:e8:57:c7:09:5a:42:5f:f8:a6:ea:b2:7d:17:f7:23:c7:
ce:b6:31:78:41:36:14:68:25:55:fc:7b:1d:dc:da:bc:95:b9:
93:af:c1:f4:16:da:de:30:ff:a4:79:10:fd:6a:15:61:2e:d6:
1b:df:b2:e3:cb:7d:2d:b4:8c:e5:5d:d2:bb:f5:3b:f1:b4:d5:
a9:c3:43:83:ac:68:ec:6f:8d:0d:e7:c5:e2:69:1e:90:0d:d9:
1c:07:87:72:ee:bd:0c:30:4d:3a:31:21:f2:15:98:a5:4c:10:
0b:83:77:6d:9c:02:7b:10:fc:21:57:7e:62:c9:77:ea:87:51:
03:c9:fd:b5:8f:db:8d:ab:50:24:cf:af:95:04:5e:27:13:e7:
1f:95:cd:e5:61:d8:62:61:f3:7f:9b:dc:c8:9b:1d:46:5e:7f:
1a:87:96:5f:77:f3:89:5c:2b:9e:e4:ea:38:ed:1c:27:15:f7:
49:22:92:83:a0:05:97:23:2e:a0:fc:da:31:3a:e4:c0:ab:fb:
4a:fc:2a:38:b5:73:d9:5f:05:b1:86:b1:d3:05:1b:d4:96:34:
b0:da:a5:b7:bd:6f:6f:14:92:3e:57:8c:19:de:0f:32:70:a2:
29:d3:56:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVbo14kcfmjboHfhNNn7FtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDM4YmExMmY0NjI5YzIxMzFmYzYwZTg5NTBkNmMzMDNi
ZTdkMjIwHhcNMjUwNDIwMjMwMDMwWhcNMjUwNDIxMjMwMDMwWjAzMTEwLwYDVQQD
EyhhMDM0NDgyZGJhZGVjNDYxYzE3NTIyYjBhNWNlNzcxZTk2NWNjYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwmuLwWIlhiy9N5bJ2GShj/n/505
MPKnq8uIcVoygnsmrnf4sTVVUEJRJdQFe3Mc/Eue0qsoUAfp1wS1dX098u2pUF0a
2zSRXy+sEIPyaVO7QZnRc8mcqpqEvqor00H/Y8CVqnDonu3N/4rP8HD9kgENn/6T
Pso6rR11SQFVViOdP+Rt9YJ23PvNWlnu4cFwngOaeBLsYbMUtKmlluYZndUPGgP6
qsH2tu7lvAs4LR0kK4QSLL+wER+zGlqHC0+YD33TAQtNILs8otYrC9ot6jk1Pb3B
lLcwrFl3FqGicVPbl1MQnc9AG0eBuuybXaN30CjHXHswRijxYShVVjkqiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKA0SC263sRhwXUisKXOdx6WXMsDMB8GA1UdIwQY
MBaAFIfTi6EvRinCEx/GDolQ1sMDvn0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2Njkt
ZmQ1NWM1OGVkYWY3LzEvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2NjktZmQ1NWM1OGVkYWY3
LzEvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHoHOi6/f
pBkrvERe8SjgiESa5yzoV8cJWkJf+Kbqsn0X9yPHzrYxeEE2FGglVfx7HdzavJW5
k6/B9Bba3jD/pHkQ/WoVYS7WG9+y48t9LbSM5V3Su/U78bTVqcNDg6xo7G+NDefF
4mkekA3ZHAeHcu69DDBNOjEh8hWYpUwQC4N3bZwCexD8IVd+Ysl36odRA8n9tY/b
jatQJM+vlQReJxPnH5XN5WHYYmHzf5vcyJsdRl5/GoeWX3fziVwrnuTqOO0cJxX3
SSKSg6AFlyMuoPzaMTrkwKv7SvwqOLVz2V8FsYax0wUb1JY0sNqlt71vbxSSPleM
Gd4PMnCiKdNWTw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:02:54 2025 by rpki-client