Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
File: hkl2gukwfEaHk1AIFzFH0TKijGQ.mft (raw, json)
Hash identifier: ImfMzx0QZ5lMuviV1mSzDsQn+f/7awtf+yu+AgTb30Q=
Subject key identifier: 55:B2:40:F4:CE:C5:C3:51:0F:6E:C8:B7:8F:D4:BC:9E:59:A2:3F:3A
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 019659B93231B9FEBA8B15A84A0DBEADAFD8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
Manifest number: 10CD
Signing time: Mon 21 Apr 2025 19:00:31 +0000
Manifest this update: Mon 21 Apr 2025 19:00:31 +0000
Manifest next update: Tue 22 Apr 2025 19:00:31 +0000
Files and hashes: 1: BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa (hash: zwimVc6fdY5wMVCx/Pfq1/VebJPothW3yZi++5QRFE0=)
2: hkl2gukwfEaHk1AIFzFH0TKijGQ.crl (hash: 4CZ9cOEgb6JmFikBwTf0/6Ixq2NKHfE6xs0A4UCEoJw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:b9:32:31:b9:fe:ba:8b:15:a8:4a:0d:be:ad:af:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Apr 21 19:00:31 2025 GMT
Not After : Apr 22 19:00:31 2025 GMT
Subject: CN=55b240f4cec5c3510f6ec8b78fd4bc9e59a23f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:78:30:fa:ff:f6:a0:21:bf:d2:8c:0e:0d:cb:
c7:8b:b5:b5:6b:0e:67:4d:cc:8d:99:5d:7a:04:cc:
34:3c:b0:e7:b3:d4:9f:01:88:2e:93:37:39:10:da:
70:f7:b7:68:dd:51:4f:c3:4a:b3:7b:89:52:d8:ac:
16:3a:7e:99:6a:0f:11:23:e1:a2:e5:e9:79:a4:a3:
24:58:90:b8:89:e4:f1:b4:02:1f:65:cd:b0:79:0b:
e2:e8:47:19:ab:cc:88:d5:8a:ee:0f:42:fa:54:c4:
2a:74:88:a0:b4:a5:9d:b4:2c:95:6b:96:d6:6b:6b:
12:59:02:04:6d:13:69:72:ba:e3:44:6f:8a:eb:23:
d5:e8:ec:d4:cc:46:c7:5a:a3:f0:e7:30:fa:a3:d1:
ee:dc:80:50:19:13:61:7e:83:4f:3d:e2:a4:64:b9:
7f:93:55:93:ea:86:18:8e:21:8e:03:f3:d8:e4:e9:
dd:3c:3c:46:45:83:a4:0a:1d:e2:08:4b:4f:53:49:
3d:20:06:c7:20:e9:f6:80:8a:17:a0:7e:c9:0c:37:
ed:ed:23:3c:d9:48:99:88:74:ac:14:a7:e5:d4:2e:
af:fd:c7:5f:dc:ce:00:18:4e:fc:bd:57:d5:2f:57:
2e:49:51:be:6d:3c:ab:ef:90:a7:3a:19:13:ea:e4:
fb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:B2:40:F4:CE:C5:C3:51:0F:6E:C8:B7:8F:D4:BC:9E:59:A2:3F:3A
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:74:80:8b:6a:6d:32:9d:ec:1c:fa:4a:32:2a:a1:36:9a:49:
a7:6e:c0:d0:5e:d0:8c:54:89:67:f5:22:27:44:56:8d:40:c9:
20:b2:13:54:63:07:d3:f7:d2:0d:63:35:d8:dc:70:6a:19:82:
c9:3a:30:10:67:bd:ce:6d:54:9f:ce:12:0a:f9:18:46:f2:f9:
3e:13:c1:92:c9:3d:cc:b7:35:d1:08:f8:e1:9d:d0:4a:0b:c8:
fa:dc:78:c7:c9:b5:e8:27:e1:15:9e:d4:b2:4f:0c:4c:11:43:
76:12:be:11:9f:99:5a:4d:f5:94:0a:ff:64:b2:fd:39:60:ed:
17:23:49:5f:e4:8e:7f:63:38:e9:da:23:48:bd:5f:4d:13:59:
f1:34:69:9d:11:3b:16:3f:4e:d3:73:f5:42:ee:e4:a4:b3:04:
d3:16:c1:04:e1:dc:57:fe:39:68:c0:cf:ed:e6:c4:ac:cd:6f:
f8:e8:56:37:0c:fb:4f:4b:cb:f2:03:07:15:6d:a9:2e:ff:1c:
0b:e4:c1:ae:0a:cc:ab:9f:45:82:0d:52:c4:4c:b7:60:44:bb:
1b:b5:fe:54:5d:95:a5:32:9a:5d:d3:97:f9:e0:c0:f9:c8:71:
53:f7:03:1e:f7:48:64:c8:ac:98:23:32:f0:b5:1e:2e:8e:f1:
8a:0b:60:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZuTIxuf66ixWoSg2+ra/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjUwNDIxMTkwMDMxWhcNMjUwNDIyMTkwMDMxWjAzMTEwLwYDVQQD
Eyg1NWIyNDBmNGNlYzVjMzUxMGY2ZWM4Yjc4ZmQ0YmM5ZTU5YTIzZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXgw+v/2oCG/0owODcvHi7W1aw5n
TcyNmV16BMw0PLDns9SfAYgukzc5ENpw97do3VFPw0qze4lS2KwWOn6Zag8RI+Gi
5el5pKMkWJC4ieTxtAIfZc2weQvi6EcZq8yI1YruD0L6VMQqdIigtKWdtCyVa5bW
a2sSWQIEbRNpcrrjRG+K6yPV6OzUzEbHWqPw5zD6o9Hu3IBQGRNhfoNPPeKkZLl/
k1WT6oYYjiGOA/PY5OndPDxGRYOkCh3iCEtPU0k9IAbHIOn2gIoXoH7JDDft7SM8
2UiZiHSsFKfl1C6v/cdf3M4AGE78vVfVL1cuSVG+bTyr75CnOhkT6uT7GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWyQPTOxcNRD27It4/UvJ5Zoj86MB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARHSAi2pt
Mp3sHPpKMiqhNppJp27A0F7QjFSJZ/UiJ0RWjUDJILITVGMH0/fSDWM12NxwahmC
yTowEGe9zm1Un84SCvkYRvL5PhPBksk9zLc10Qj44Z3QSgvI+tx4x8m16CfhFZ7U
sk8MTBFDdhK+EZ+ZWk31lAr/ZLL9OWDtFyNJX+SOf2M46dojSL1fTRNZ8TRpnRE7
Fj9O03P1Qu7kpLME0xbBBOHcV/45aMDP7ebErM1v+OhWNwz7T0vL8gMHFW2pLv8c
C+TBrgrMq59Fgg1SxEy3YES7G7X+VF2VpTKaXdOX+eDA+chxU/cDHvdIZMismCMy
8LUeLo7xigtg4A==
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:10:29 2025 by rpki-client