Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
File: ha9TEIBex1YaGiL5yJDJcx-23r8.mft (raw, json)
Hash identifier: rGPXyitAlEgvPTVWTFTodsmwUNSOiKnl53Ys0t5QAE8=
Subject key identifier: A2:37:10:1B:8E:06:1A:89:55:B7:01:38:DC:EA:B1:BC:93:91:32:39
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 019658387EAD8AB523EC6B0EA18F63DA80C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
Manifest number: 1503
Signing time: Mon 21 Apr 2025 12:00:19 +0000
Manifest this update: Mon 21 Apr 2025 12:00:19 +0000
Manifest next update: Tue 22 Apr 2025 12:00:19 +0000
Files and hashes: 1: Gumma7CSH0QJDyYLGYO8JVucFbw.roa (hash: AHbFRK4oddEvM9hnH4lxRaSLOWlIxIkwfpWyReC2ymY=)
2: ha9TEIBex1YaGiL5yJDJcx-23r8.crl (hash: Lb6+hvb9LMKExVqQXbtsvtj9z9O/K9d8BhZtdsMFepQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:38:7e:ad:8a:b5:23:ec:6b:0e:a1:8f:63:da:80:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Apr 21 12:00:19 2025 GMT
Not After : Apr 22 12:00:19 2025 GMT
Subject: CN=a237101b8e061a8955b70138dceab1bc93913239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5a:a3:e8:8b:9d:cf:6a:c5:01:81:31:b7:49:
33:77:65:d9:b5:22:25:23:bc:de:dc:a8:31:60:c8:
0a:b8:81:6c:bc:12:f8:fc:82:00:c6:9a:92:6c:3d:
df:12:f3:2d:61:86:db:d0:f5:cf:41:57:50:4d:94:
90:ad:ca:ec:e7:a7:e1:77:ef:11:c2:aa:00:0b:a7:
f7:f3:a6:8c:d8:f0:ab:8f:2c:4a:88:4b:71:7b:6f:
6b:71:97:e4:b4:67:f5:fc:74:6c:f9:8e:51:cc:b3:
e8:78:78:19:cf:75:03:d7:f8:f4:1b:23:79:1a:42:
a0:86:4d:8a:dd:49:fe:48:9f:33:85:69:fb:79:b2:
06:74:85:66:58:96:5b:e4:ff:7c:3f:ea:8d:a8:ae:
5d:36:18:25:a6:c0:4f:43:56:45:b8:11:93:ca:b5:
a2:04:80:b0:7b:f5:d8:a4:46:d9:35:84:5c:2c:be:
4a:d1:ec:c8:5e:40:8a:5f:f2:67:b2:d6:1b:b0:ae:
02:60:2b:f2:2d:9c:21:0b:f7:36:de:3e:1e:4d:09:
e0:ab:28:5b:34:ce:b1:7c:48:3b:dd:51:9f:b0:7b:
93:3d:54:25:5d:cc:f0:60:cd:e9:13:8b:21:db:01:
dd:f3:20:ac:cc:81:e3:bc:62:0f:15:51:83:e2:65:
cb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:37:10:1B:8E:06:1A:89:55:B7:01:38:DC:EA:B1:BC:93:91:32:39
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:b6:6b:76:aa:ce:f5:70:1f:32:3d:8d:07:61:b1:08:6a:1d:
ba:6f:92:b8:eb:9e:aa:36:f7:8f:72:36:e4:86:56:df:3b:74:
bd:41:fb:dd:b9:bd:54:55:45:a5:34:ca:33:22:4f:84:8b:63:
13:73:5e:a0:45:1b:d3:9b:e7:61:48:38:49:de:b2:4e:48:b4:
f1:c1:aa:87:cf:bf:88:72:df:00:60:10:db:6b:f6:0e:ae:ca:
8f:40:01:31:90:24:70:89:0f:5f:05:e5:f6:c1:d8:83:d9:33:
14:ea:a5:b9:b1:a7:8a:90:64:23:e7:92:a5:74:e7:10:bc:ae:
0c:b5:ca:bd:55:c0:18:32:36:b2:3d:1b:66:f7:e2:b1:a2:24:
8d:7a:44:df:65:36:fa:a4:48:cc:78:9e:4a:3d:31:3a:e8:82:
e7:d7:72:c3:28:ee:bc:cc:a4:a8:75:ab:10:0a:8f:d3:4e:e5:
99:9b:d4:ab:44:10:ca:8b:02:86:10:26:e0:0c:95:11:8a:be:
fd:77:96:17:fa:67:e6:e7:bc:78:d5:6e:c9:f2:e4:da:da:d0:
18:b9:61:b2:21:90:39:a0:0d:d3:1c:2a:5c:fb:d8:e0:14:ce:
de:76:4b:cb:9b:c4:0c:f3:4c:33:90:44:5a:ba:9e:79:a4:f2:
2e:d2:79:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYOH6tirUj7GsOoY9j2oDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi
NmRlYmYwHhcNMjUwNDIxMTIwMDE5WhcNMjUwNDIyMTIwMDE5WjAzMTEwLwYDVQQD
EyhhMjM3MTAxYjhlMDYxYTg5NTViNzAxMzhkY2VhYjFiYzkzOTEzMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVqj6Iudz2rFAYExt0kzd2XZtSIl
I7ze3KgxYMgKuIFsvBL4/IIAxpqSbD3fEvMtYYbb0PXPQVdQTZSQrcrs56fhd+8R
wqoAC6f386aM2PCrjyxKiEtxe29rcZfktGf1/HRs+Y5RzLPoeHgZz3UD1/j0GyN5
GkKghk2K3Un+SJ8zhWn7ebIGdIVmWJZb5P98P+qNqK5dNhglpsBPQ1ZFuBGTyrWi
BICwe/XYpEbZNYRcLL5K0ezIXkCKX/JnstYbsK4CYCvyLZwhC/c23j4eTQngqyhb
NM6xfEg73VGfsHuTPVQlXczwYM3pE4sh2wHd8yCszIHjvGIPFVGD4mXLUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKI3EBuOBhqJVbcBONzqsbyTkTI5MB8GA1UdIwQY
MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct
NzUyODM1MGQ0YzEzLzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz
LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr7ZrdqrO
9XAfMj2NB2GxCGodum+SuOueqjb3j3I25IZW3zt0vUH73bm9VFVFpTTKMyJPhItj
E3NeoEUb05vnYUg4Sd6yTki08cGqh8+/iHLfAGAQ22v2Dq7Kj0ABMZAkcIkPXwXl
9sHYg9kzFOqlubGnipBkI+eSpXTnELyuDLXKvVXAGDI2sj0bZvfisaIkjXpE32U2
+qRIzHieSj0xOuiC59dywyjuvMykqHWrEAqP007lmZvUq0QQyosChhAm4AyVEYq+
/XeWF/pn5ue8eNVuyfLk2trQGLlhsiGQOaAN0xwqXPvY4BTO3nZLy5vEDPNMM5BE
WrqeeaTyLtJ5iA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:13 2025 by rpki-client