Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File: HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier: opA2m6BxFMCyz8TU5X5yO+0Iu3MMpNzS1LU3Nih7nE0=
Subject key identifier: AB:6A:37:25:2D:5B:2C:9C:46:84:F5:C4:78:92:D3:A8:45:A3:7B:25
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial: 01965A273A534845D4FC4B5A072490836AE8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number: 1504
Signing time: Mon 21 Apr 2025 21:00:42 +0000
Manifest this update: Mon 21 Apr 2025 21:00:42 +0000
Manifest next update: Tue 22 Apr 2025 21:00:42 +0000
Files and hashes: 1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=)
2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: aoRDuXh5fnrGKEtVKdRc1U+r2wEYiN1BfMBX9rdo63c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:27:3a:53:48:45:d4:fc:4b:5a:07:24:90:83:6a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Validity
Not Before: Apr 21 21:00:42 2025 GMT
Not After : Apr 22 21:00:42 2025 GMT
Subject: CN=ab6a37252d5b2c9c4684f5c47892d3a845a37b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:25:6f:9d:34:35:df:3d:ce:c5:c6:18:05:fd:
b4:26:59:8c:aa:39:18:b3:13:e7:11:c3:6f:97:82:
26:0a:eb:4c:8d:05:88:7b:5a:56:b8:93:cf:e5:52:
f1:02:33:a6:6c:46:07:3f:36:a2:a6:94:54:9a:f9:
4b:30:1f:51:0e:f6:31:c1:22:10:cd:6a:46:e4:5f:
c2:3f:65:cd:49:b1:fd:7a:d0:9a:5f:62:8b:0c:24:
ba:b8:d9:e1:d9:27:9d:0c:73:be:52:32:66:51:c9:
8f:8c:d5:1e:44:41:7a:e7:21:0f:6e:92:c9:59:7a:
9d:a4:4e:52:6e:9d:23:fb:e4:07:a4:49:47:c7:5f:
87:5c:fa:9d:ee:7a:4e:24:54:5a:f4:45:b9:2f:78:
21:88:89:8f:83:89:1e:a0:33:38:b9:4e:f2:38:da:
1d:1b:91:5e:1f:05:43:d6:72:42:89:e5:16:80:46:
44:ec:5a:49:30:69:a3:2d:4c:34:24:24:21:8e:8d:
42:5b:70:c5:a7:6e:a8:cd:88:da:ec:94:b7:a7:73:
af:a6:7e:c5:c2:81:50:59:d3:40:da:ba:60:b3:a3:
76:9b:a0:ee:9d:23:1a:16:a2:27:2f:6e:7a:92:14:
7d:d9:6a:5c:cd:cf:15:b4:66:0c:65:eb:0d:d8:c6:
a4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:6A:37:25:2D:5B:2C:9C:46:84:F5:C4:78:92:D3:A8:45:A3:7B:25
X509v3 Authority Key Identifier:
keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:ca:60:22:ad:02:f7:52:d3:8c:61:4e:ee:4d:98:8c:cf:72:
37:ab:39:74:5e:40:42:a2:2c:28:88:24:96:ee:d2:d4:ff:27:
16:8b:6f:ff:a1:4a:d1:fa:74:8f:41:70:a6:a3:4d:c5:e1:53:
65:12:cc:35:4e:34:e8:90:a5:1a:3a:47:9f:82:ee:22:79:76:
71:b2:04:2c:a6:04:b6:ce:6c:e6:38:ab:85:4d:27:ae:5f:e4:
1d:c5:02:ce:d2:5b:4a:35:81:27:03:f5:26:57:8e:4d:6f:80:
68:4e:11:07:ed:41:9e:ef:70:b2:74:f3:ae:c7:c2:10:f3:d6:
6a:2d:86:18:9f:ed:45:68:d6:41:93:79:aa:c8:c0:d9:81:70:
b6:a6:00:8e:73:ee:e7:63:d3:ce:3d:e3:20:6d:33:32:86:47:
a2:7c:6a:73:72:78:71:6f:86:aa:c7:aa:f2:fc:5b:9e:2e:40:
0d:8a:61:dd:fd:04:f5:1b:57:70:fc:8b:ad:19:52:91:a3:54:
69:63:35:76:eb:71:a0:1e:e0:70:f5:c5:2a:09:0d:07:cc:a8:
7e:d7:e6:47:85:8a:76:7a:12:86:05:08:75:5d:c4:61:e1:56:
ba:e0:e7:63:d1:86:c7:02:44:99:91:c5:28:55:a6:97:68:35:
df:6e:49:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZaJzpTSEXU/EtaBySQg2roMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjUwNDIxMjEwMDQyWhcNMjUwNDIyMjEwMDQyWjAzMTEwLwYDVQQD
EyhhYjZhMzcyNTJkNWIyYzljNDY4NGY1YzQ3ODkyZDNhODQ1YTM3YjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySVvnTQ13z3OxcYYBf20JlmMqjkY
sxPnEcNvl4ImCutMjQWIe1pWuJPP5VLxAjOmbEYHPzaippRUmvlLMB9RDvYxwSIQ
zWpG5F/CP2XNSbH9etCaX2KLDCS6uNnh2SedDHO+UjJmUcmPjNUeREF65yEPbpLJ
WXqdpE5Sbp0j++QHpElHx1+HXPqd7npOJFRa9EW5L3ghiImPg4keoDM4uU7yONod
G5FeHwVD1nJCieUWgEZE7FpJMGmjLUw0JCQhjo1CW3DFp26ozYja7JS3p3Ovpn7F
woFQWdNA2rpgs6N2m6DunSMaFqInL256khR92Wpczc8VtGYMZesN2MakQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtqNyUtWyycRoT1xHiS06hFo3slMB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm8pgIq0C
91LTjGFO7k2YjM9yN6s5dF5AQqIsKIgklu7S1P8nFotv/6FK0fp0j0FwpqNNxeFT
ZRLMNU406JClGjpHn4LuInl2cbIELKYEts5s5jirhU0nrl/kHcUCztJbSjWBJwP1
JleOTW+AaE4RB+1Bnu9wsnTzrsfCEPPWai2GGJ/tRWjWQZN5qsjA2YFwtqYAjnPu
52PTzj3jIG0zMoZHonxqc3J4cW+Gqseq8vxbni5ADYph3f0E9RtXcPyLrRlSkaNU
aWM1dutxoB7gcPXFKgkNB8yoftfmR4WKdnoShgUIdV3EYeFWuuDnY9GGxwJEmZHF
KFWml2g1325J5A==
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:05:41 2025 by rpki-client