Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft
File: hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft (raw, json)
Hash identifier: k0O2rdOxT5AV4EdlBErdi9qZEgMyHSb1DB1mxEpJiWY=
Subject key identifier: B4:E0:46:44:06:B8:50:5B:28:18:FC:55:D9:F2:1F:04:D0:55:27:B0
Authority key identifier: 85:04:EB:F9:DB:17:10:A4:7B:AE:45:08:CD:AF:81:31:E1:67:4A:54
Certificate issuer: /CN=8504ebf9db1710a47bae4508cdaf8131e1674a54
Certificate serial: 01961CC93C50065D3C4B82EEDD5B75419431
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft
Manifest number: 14E3
Signing time: Wed 09 Apr 2025 23:01:12 +0000
Manifest this update: Wed 09 Apr 2025 23:01:12 +0000
Manifest next update: Thu 10 Apr 2025 23:01:12 +0000
Files and hashes: 1: 4NKKaipkT34nKtWhfa19D74f25c.roa (hash: YTaiys0RSHABRCWEassKEE2Fqko+03tYIMHlBHkZyig=)
2: hQTr-dsXEKR7rkUIza-BMeFnSlQ.crl (hash: Z2GFCbjWYrLPAlVX7Wsz9bhxPr1Gd0vTZeskYDUz/5I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1c:c9:3c:50:06:5d:3c:4b:82:ee:dd:5b:75:41:94:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8504ebf9db1710a47bae4508cdaf8131e1674a54
Validity
Not Before: Apr 9 23:01:12 2025 GMT
Not After : Apr 10 23:01:12 2025 GMT
Subject: CN=b4e0464406b8505b2818fc55d9f21f04d05527b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:79:95:4b:d5:86:77:87:ef:71:f6:8a:f3:66:
ae:24:05:e6:92:3b:82:19:d2:1d:f7:f5:57:0f:03:
a2:f6:9e:4d:82:a1:d7:e0:e3:e0:6b:f7:77:c9:99:
c8:df:37:b0:d0:46:88:8f:3f:08:2b:b8:86:18:61:
c1:e7:f5:98:2f:12:67:96:8d:69:78:8b:17:94:2c:
aa:97:35:6b:4a:a2:c2:23:94:c3:7c:3e:99:0f:06:
97:6d:0d:4b:29:22:d2:55:fa:06:34:87:eb:98:2b:
19:f6:86:ee:3c:de:28:7a:84:1f:51:1f:b3:2e:4e:
5a:5e:98:97:97:e5:63:16:ae:d7:f2:75:92:8a:12:
74:83:70:93:a0:cb:44:cb:d8:36:f4:ac:6f:dc:a6:
01:1c:ac:2f:0d:9b:d8:5f:a4:bf:c1:5d:67:29:82:
85:22:b6:64:92:f2:fa:34:f6:23:3f:48:d7:7e:d0:
fb:02:26:9c:fc:57:20:82:75:7f:7d:b8:a6:50:be:
78:3b:c9:fb:4d:03:ef:6c:80:75:69:af:71:fc:c8:
97:ef:4a:02:1b:0f:65:be:87:ed:b8:a2:7b:73:a2:
af:5a:46:72:03:72:4e:98:0f:24:f8:d2:f9:4a:0e:
08:30:7d:50:7d:3e:b0:49:ce:8f:69:04:61:cc:3a:
83:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E0:46:44:06:B8:50:5B:28:18:FC:55:D9:F2:1F:04:D0:55:27:B0
X509v3 Authority Key Identifier:
keyid:85:04:EB:F9:DB:17:10:A4:7B:AE:45:08:CD:AF:81:31:E1:67:4A:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:d5:55:49:af:f9:94:fe:b7:b0:dd:89:72:9b:c7:da:25:3d:
1d:c1:7e:76:19:5a:71:53:de:cc:86:4b:fb:9d:af:75:5c:ff:
df:e9:0d:c8:fe:82:84:05:3d:81:8e:7f:bc:24:ef:42:b3:05:
61:f3:a4:d3:d2:00:f6:5e:0f:d2:1c:72:06:4b:58:b2:6e:ad:
2e:86:70:06:74:49:08:48:bf:2e:5d:c3:8a:38:d1:29:63:0f:
d5:83:ca:fd:7a:5d:0a:55:a7:02:f2:6b:34:45:aa:56:a3:cb:
eb:0f:33:2f:5f:7f:1a:36:55:60:52:10:d6:e7:93:cd:2e:15:
c2:fa:ea:f0:12:fb:9b:f7:5e:02:9b:92:ff:16:44:29:0f:dc:
b9:0d:be:dd:17:c7:c0:4d:56:f8:c0:2f:93:84:ae:c1:ab:e4:
bb:42:0a:b5:22:40:39:4c:60:41:ca:33:d8:80:e8:fd:57:cf:
cd:2e:e7:05:83:1f:67:6d:1f:2b:57:66:78:73:81:da:34:ad:
07:ce:b1:2a:ef:e5:5e:a5:ce:d5:7c:e1:85:1e:95:67:2c:08:
1f:a4:54:3f:4b:25:a1:00:6b:be:ee:c1:bb:53:09:9b:43:71:
62:ad:9a:c6:c6:bd:c6:02:0f:b6:69:d6:b7:90:c6:bb:23:c7:
bd:06:e4:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYcyTxQBl08S4Lu3Vt1QZQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDRlYmY5ZGIxNzEwYTQ3YmFlNDUwOGNkYWY4MTMxZTE2
NzRhNTQwHhcNMjUwNDA5MjMwMTEyWhcNMjUwNDEwMjMwMTEyWjAzMTEwLwYDVQQD
EyhiNGUwNDY0NDA2Yjg1MDViMjgxOGZjNTVkOWYyMWYwNGQwNTUyN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XmVS9WGd4fvcfaK82auJAXmkjuC
GdId9/VXDwOi9p5NgqHX4OPga/d3yZnI3zew0EaIjz8IK7iGGGHB5/WYLxJnlo1p
eIsXlCyqlzVrSqLCI5TDfD6ZDwaXbQ1LKSLSVfoGNIfrmCsZ9obuPN4oeoQfUR+z
Lk5aXpiXl+VjFq7X8nWSihJ0g3CToMtEy9g29Kxv3KYBHKwvDZvYX6S/wV1nKYKF
IrZkkvL6NPYjP0jXftD7Aiac/FcggnV/fbimUL54O8n7TQPvbIB1aa9x/MiX70oC
Gw9lvoftuKJ7c6KvWkZyA3JOmA8k+NL5Sg4IMH1QfT6wSc6PaQRhzDqDuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTgRkQGuFBbKBj8VdnyHwTQVSewMB8GA1UdIwQY
MBaAFIUE6/nbFxCke65FCM2vgTHhZ0pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi83ZWZlMDEtZWM3NC00MGFjLWEyMzgt
YTliMWRmNDRjZTJmLzEvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi83ZWZlMDEtZWM3NC00MGFjLWEyMzgtYTliMWRmNDRjZTJm
LzEvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWtVVSa/5
lP63sN2JcpvH2iU9HcF+dhlacVPezIZL+52vdVz/3+kNyP6ChAU9gY5/vCTvQrMF
YfOk09IA9l4P0hxyBktYsm6tLoZwBnRJCEi/Ll3DijjRKWMP1YPK/XpdClWnAvJr
NEWqVqPL6w8zL19/GjZVYFIQ1ueTzS4Vwvrq8BL7m/deApuS/xZEKQ/cuQ2+3RfH
wE1W+MAvk4Suwavku0IKtSJAOUxgQcoz2IDo/VfPzS7nBYMfZ20fK1dmeHOB2jSt
B86xKu/lXqXO1XzhhR6VZywIH6RUP0sloQBrvu7Bu1MJm0NxYq2axsa9xgIPtmnW
t5DGuyPHvQbkzQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 03:44:17 2025 by rpki-client