Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
File: hw4qIH9pdyFKlXqOFI0fi1pc0II.mft (raw, json)
Hash identifier: aDpntxxDWKr2UDpTg/ttBLIFbWdUvUZz93ZoxzVsbSI=
Subject key identifier: 5F:54:65:89:24:49:40:78:ED:5B:80:93:61:45:5E:7E:C7:37:9A:B3
Authority key identifier: 87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82
Certificate issuer: /CN=870e2a207f6977214a957a8e148d1f8b5a5cd082
Certificate serial: 01964632D3B6B4562A836948FA96192D06E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
Manifest number: 01D5
Signing time: Fri 18 Apr 2025 00:00:58 +0000
Manifest this update: Fri 18 Apr 2025 00:00:58 +0000
Manifest next update: Sat 19 Apr 2025 00:00:58 +0000
Files and hashes: 1: hw4qIH9pdyFKlXqOFI0fi1pc0II.crl (hash: pm3OCoxW2mQ6GXDTH0WMoD1MbzBwe80yTsHux69SYRA=)
2: nKTvZPJPqdCXiSwzyA9j5IjgzXg.roa (hash: IlnUSzXgTeo7Aecj19DyZcjG2TpAU9jXATfOU6kk97U=)
3: zNxBSM9LhOTwYtAP52MRH2hzZ_o.roa (hash: 51C5X4gm2WkYmwXfFe/uw6oyIL71jLkdgjDOyTD+5rc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:46:32:d3:b6:b4:56:2a:83:69:48:fa:96:19:2d:06:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870e2a207f6977214a957a8e148d1f8b5a5cd082
Validity
Not Before: Apr 18 00:00:58 2025 GMT
Not After : Apr 19 00:00:58 2025 GMT
Subject: CN=5f54658924494078ed5b809361455e7ec7379ab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9d:58:d0:68:44:e0:ec:22:1f:d8:73:6e:c2:
07:f9:75:51:9a:7e:aa:29:4e:75:fb:8c:0f:a2:e2:
54:52:29:ec:a9:6c:13:08:93:75:af:83:e3:d3:93:
84:19:5f:ef:32:f5:5b:29:91:f8:64:84:4f:6a:65:
c1:d2:f7:13:c6:74:9c:8b:6a:e1:09:b8:21:89:29:
ec:e3:b9:e4:b1:21:0e:c1:4e:ca:f3:af:dc:ce:aa:
ff:cc:ec:ab:98:a2:57:39:d6:b1:a2:d0:e1:2c:7e:
64:a0:a0:6e:a2:ec:ae:7a:ba:86:a9:a0:3f:80:7d:
93:32:16:52:03:ed:11:58:02:e7:9d:cb:92:07:57:
30:5e:9e:37:fe:a9:76:08:5f:34:7d:ad:dd:8b:1c:
fc:09:4e:33:22:93:0d:93:8b:1d:d9:38:72:72:c4:
68:66:82:92:a4:50:32:ad:02:32:74:46:01:bc:7d:
4c:82:83:da:45:cb:39:9f:b0:5f:ed:46:4a:ac:f9:
91:ab:a9:a0:be:49:cb:cb:93:d2:4f:5a:11:7d:32:
4a:58:2b:c9:9e:9d:f5:b0:1b:94:e6:7e:45:35:17:
8b:b2:65:03:cb:f8:d4:11:2d:e6:34:45:82:7b:7c:
49:8d:2b:28:ce:d4:da:b7:58:13:26:f2:4c:ab:df:
2b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:54:65:89:24:49:40:78:ED:5B:80:93:61:45:5E:7E:C7:37:9A:B3
X509v3 Authority Key Identifier:
keyid:87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:b7:ac:3a:f2:3b:99:93:97:b4:34:0e:7b:88:4f:22:1f:30:
7e:bb:aa:4f:0d:54:0a:2c:de:e2:a8:f4:a1:fa:08:de:36:76:
39:1d:ee:b8:ae:48:ae:f4:2c:e5:b3:7d:c7:18:41:a9:ed:21:
b8:c2:47:0b:32:cc:f7:57:05:6c:f8:e0:1e:88:b7:21:7f:ad:
b9:74:dc:56:c1:99:c5:8b:8b:c6:ac:28:56:17:5c:53:e2:d6:
52:2a:9c:3b:b4:3e:27:73:12:28:38:d0:cc:89:8d:14:00:18:
a6:57:41:b3:3b:ad:b6:2a:ad:55:8c:fb:cd:a7:cd:52:3e:c3:
36:fa:35:89:45:1d:11:47:62:cc:60:a9:5d:39:74:bb:d9:a6:
21:23:98:d7:e1:5f:28:b9:0c:eb:5d:12:6f:0c:4b:4b:ce:1d:
86:b2:c5:bf:d9:1c:dd:96:cd:a6:17:16:94:ea:68:45:b8:f1:
51:88:58:49:d4:a2:df:87:f5:89:f9:12:15:3e:3a:9c:f4:28:
ae:bb:3e:a6:57:de:7c:4a:c9:ff:72:ca:c9:ca:64:5d:71:4e:
12:a9:51:de:47:ad:d2:5b:79:0f:83:4b:13:a2:c7:27:4f:c9:
f9:12:53:9c:e4:e8:52:06:ca:4a:83:e9:4e:2c:ee:45:ad:28:
aa:e2:c5:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZGMtO2tFYqg2lI+pYZLQbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGUyYTIwN2Y2OTc3MjE0YTk1N2E4ZTE0OGQxZjhiNWE1
Y2QwODIwHhcNMjUwNDE4MDAwMDU4WhcNMjUwNDE5MDAwMDU4WjAzMTEwLwYDVQQD
Eyg1ZjU0NjU4OTI0NDk0MDc4ZWQ1YjgwOTM2MTQ1NWU3ZWM3Mzc5YWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp1Y0GhE4OwiH9hzbsIH+XVRmn6q
KU51+4wPouJUUinsqWwTCJN1r4Pj05OEGV/vMvVbKZH4ZIRPamXB0vcTxnSci2rh
CbghiSns47nksSEOwU7K86/czqr/zOyrmKJXOdaxotDhLH5koKBuouyuerqGqaA/
gH2TMhZSA+0RWALnncuSB1cwXp43/ql2CF80fa3dixz8CU4zIpMNk4sd2ThycsRo
ZoKSpFAyrQIydEYBvH1MgoPaRcs5n7Bf7UZKrPmRq6mgvknLy5PST1oRfTJKWCvJ
np31sBuU5n5FNReLsmUDy/jUES3mNEWCe3xJjSsoztTat1gTJvJMq98rNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9UZYkkSUB47VuAk2FFXn7HN5qzMB8GA1UdIwQY
MBaAFIcOKiB/aXchSpV6jhSNH4taXNCCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80MjExNTgtZjBjNi00NjE5LWFmYTUt
OGE5NDY4N2RiYTZmLzEvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80MjExNTgtZjBjNi00NjE5LWFmYTUtOGE5NDY4N2RiYTZm
LzEvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADresOvI7
mZOXtDQOe4hPIh8wfruqTw1UCize4qj0ofoI3jZ2OR3uuK5IrvQs5bN9xxhBqe0h
uMJHCzLM91cFbPjgHoi3IX+tuXTcVsGZxYuLxqwoVhdcU+LWUiqcO7Q+J3MSKDjQ
zImNFAAYpldBszuttiqtVYz7zafNUj7DNvo1iUUdEUdizGCpXTl0u9mmISOY1+Ff
KLkM610SbwxLS84dhrLFv9kc3ZbNphcWlOpoRbjxUYhYSdSi34f1ifkSFT46nPQo
rrs+plfefErJ/3LKycpkXXFOEqlR3ket0lt5D4NLE6LHJ0/J+RJTnOToUgbKSoPp
TizuRa0oquLFRQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:50:16 2025 by rpki-client