Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
File: KhmTnyGLthMV6bOzez24WWCXXRQ.mft (raw, json)
Hash identifier: I43dXFOjMu8czkKERNKjV2Cn/NVIibO+AL7ivR/xzYU=
Subject key identifier: 5C:1F:A2:FD:B6:D4:48:DB:EA:CD:DF:5E:82:44:CB:FA:61:B7:4F:CA
Authority key identifier: 2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
Certificate issuer: /CN=2a19939f218bb61315e9b3b37b3db85960975d14
Certificate serial: 0196526D76CFAD1F2ABAE94326BAEFB28C52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
Manifest number: 0EF7
Signing time: Sun 20 Apr 2025 09:00:27 +0000
Manifest this update: Sun 20 Apr 2025 09:00:27 +0000
Manifest next update: Mon 21 Apr 2025 09:00:27 +0000
Files and hashes: 1: ICnu7sUwpSSY15uEDFVsgADJKAc.roa (hash: OMIgQNcZqzMDzM+I0pk5KXUbjDdmpf89SBEO3vtX8ZE=)
2: KhmTnyGLthMV6bOzez24WWCXXRQ.crl (hash: AB91W2gKL+REYBU2O+6l8G/qxCmjlG+vGCFnKStGji4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:52:6d:76:cf:ad:1f:2a:ba:e9:43:26:ba:ef:b2:8c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a19939f218bb61315e9b3b37b3db85960975d14
Validity
Not Before: Apr 20 09:00:27 2025 GMT
Not After : Apr 21 09:00:27 2025 GMT
Subject: CN=5c1fa2fdb6d448dbeacddf5e8244cbfa61b74fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:29:1b:bb:1f:3b:89:40:66:4f:cf:10:9a:
05:27:a3:5d:b5:66:05:aa:e4:ce:ee:91:53:b7:25:
71:46:cc:dd:80:77:98:41:95:5f:76:b5:fa:ae:31:
3a:61:bb:48:37:64:3e:16:cb:6d:0b:24:5b:22:ac:
4c:95:6b:06:73:de:79:cc:da:76:2c:18:5c:d2:e4:
c9:5b:59:18:91:3f:05:47:dc:e3:53:59:a3:d2:82:
30:05:90:a9:ef:0a:84:de:50:1d:b3:77:07:25:2d:
65:e8:f6:62:fc:ce:6a:e4:10:eb:48:94:93:06:55:
da:e5:2c:a4:11:43:01:e6:18:69:63:75:5f:1a:78:
a7:23:fc:95:e1:ed:f2:f4:a4:54:f3:fa:b6:71:6f:
19:d6:b4:ad:86:73:fa:d7:fb:7b:bb:3a:08:dd:11:
3d:ac:ff:2c:80:44:e5:3a:65:e2:ae:61:06:c5:bf:
0e:17:e2:50:85:98:ee:1a:76:4b:88:7c:2c:53:cf:
9e:24:5d:51:ad:0b:b8:ff:b1:4a:e0:02:08:06:86:
94:0c:be:f4:eb:b2:1c:23:3c:5e:b7:4b:a4:24:4b:
0e:b5:48:da:3d:ad:e9:bc:09:c3:10:71:04:45:1f:
94:9d:37:15:44:e2:ac:51:6f:61:e0:dd:ee:ea:25:
9b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1F:A2:FD:B6:D4:48:DB:EA:CD:DF:5E:82:44:CB:FA:61:B7:4F:CA
X509v3 Authority Key Identifier:
keyid:2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:f4:f9:b5:7b:2a:cf:40:8e:b5:2a:14:82:d5:f9:71:9c:95:
93:57:90:2b:35:c0:f4:9f:0d:81:71:87:a3:86:3c:b7:2c:78:
23:89:da:d1:61:a3:90:58:38:00:f5:fb:89:93:d3:2b:f2:c4:
ab:99:f4:dd:43:c6:aa:bf:b3:38:c0:92:cd:24:8c:13:9d:38:
f1:46:d1:2d:af:8e:ba:68:74:58:4e:3a:57:b3:fd:7f:51:1d:
e7:49:8e:d2:fa:45:d1:10:5d:8f:1f:67:7f:21:00:ea:1b:5a:
55:8a:60:8b:12:76:d7:84:85:d9:05:ea:45:3b:1d:1d:44:16:
fc:9e:4f:5a:ab:c9:9c:12:c2:00:ec:7f:5b:9c:fa:30:28:e9:
ca:a6:4f:d5:4e:24:af:d4:b2:2f:11:57:75:d0:80:7d:48:b4:
23:58:3f:91:77:ea:15:5a:6f:1c:c5:e4:98:6c:bb:b1:08:bf:
88:5a:db:20:4d:8f:32:d9:0a:b0:12:74:c1:dc:25:c1:93:24:
ed:3c:7a:3c:ec:df:c1:01:31:0a:44:91:96:0a:76:5d:a6:2e:
4f:6f:26:0f:41:33:26:2d:40:5d:0f:35:09:47:4a:8b:15:49:
fc:dc:69:f8:d5:1f:f1:50:e2:f2:54:f1:c8:72:5e:c7:2d:07:
3a:67:64:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSbXbPrR8quulDJrrvsoxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTk5MzlmMjE4YmI2MTMxNWU5YjNiMzdiM2RiODU5NjA5
NzVkMTQwHhcNMjUwNDIwMDkwMDI3WhcNMjUwNDIxMDkwMDI3WjAzMTEwLwYDVQQD
Eyg1YzFmYTJmZGI2ZDQ0OGRiZWFjZGRmNWU4MjQ0Y2JmYTYxYjc0ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTcpG7sfO4lAZk/PEJoFJ6NdtWYF
quTO7pFTtyVxRszdgHeYQZVfdrX6rjE6YbtIN2Q+FsttCyRbIqxMlWsGc955zNp2
LBhc0uTJW1kYkT8FR9zjU1mj0oIwBZCp7wqE3lAds3cHJS1l6PZi/M5q5BDrSJST
BlXa5SykEUMB5hhpY3VfGninI/yV4e3y9KRU8/q2cW8Z1rSthnP61/t7uzoI3RE9
rP8sgETlOmXirmEGxb8OF+JQhZjuGnZLiHwsU8+eJF1RrQu4/7FK4AIIBoaUDL70
67IcIzxet0ukJEsOtUjaPa3pvAnDEHEERR+UnTcVROKsUW9h4N3u6iWbQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwfov221Ejb6s3fXoJEy/pht0/KMB8GA1UdIwQY
MBaAFCoZk58hi7YTFemzs3s9uFlgl10UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMt
ZGY1ZjIwZGQ3NmFkLzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMtZGY1ZjIwZGQ3NmFk
LzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa/T5tXsq
z0COtSoUgtX5cZyVk1eQKzXA9J8NgXGHo4Y8tyx4I4na0WGjkFg4APX7iZPTK/LE
q5n03UPGqr+zOMCSzSSME5048UbRLa+Oumh0WE46V7P9f1Ed50mO0vpF0RBdjx9n
fyEA6htaVYpgixJ214SF2QXqRTsdHUQW/J5PWqvJnBLCAOx/W5z6MCjpyqZP1U4k
r9SyLxFXddCAfUi0I1g/kXfqFVpvHMXkmGy7sQi/iFrbIE2PMtkKsBJ0wdwlwZMk
7Tx6POzfwQExCkSRlgp2XaYuT28mD0EzJi1AXQ81CUdKixVJ/Nxp+NUf8VDi8lTx
yHJexy0HOmdk2Q==
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:34:19 2025 by rpki-client