Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft
File: x0heKfEYwBvobBnmaPrPpIXecYw.mft (raw, json)
Hash identifier: nzmu8WSA3kBe84zAtKWeUT76uXioSfbprYCqhqCi9JQ=
Subject key identifier: D5:36:C1:9C:DC:10:A8:3A:09:11:9B:20:1D:EA:1F:F6:33:E2:73:E3
Authority key identifier: C7:48:5E:29:F1:18:C0:1B:E8:6C:19:E6:68:FA:CF:A4:85:DE:71:8C
Certificate issuer: /CN=c7485e29f118c01be86c19e668facfa485de718c
Certificate serial: 0196545BB08FFADDB8DE6282636BF3D6D76A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft
Manifest number: 0C23
Signing time: Sun 20 Apr 2025 18:00:16 +0000
Manifest this update: Sun 20 Apr 2025 18:00:16 +0000
Manifest next update: Mon 21 Apr 2025 18:00:16 +0000
Files and hashes: 1: t18UoHeAEcZ6Yu4NKG2nAheiZEs.roa (hash: RypsXYxji2dJaH2ZVLBlo3yRoSbmcerkP3rshZoohgo=)
2: x0heKfEYwBvobBnmaPrPpIXecYw.crl (hash: NI5DQe4xHydo5YVUQgBsggdYeoF/NguOcHqrwwvUdhc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:5b:b0:8f:fa:dd:b8:de:62:82:63:6b:f3:d6:d7:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7485e29f118c01be86c19e668facfa485de718c
Validity
Not Before: Apr 20 18:00:16 2025 GMT
Not After : Apr 21 18:00:16 2025 GMT
Subject: CN=d536c19cdc10a83a09119b201dea1ff633e273e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d6:54:1a:20:81:25:1f:b6:92:ee:51:70:ba:
e5:76:62:e6:93:a9:49:eb:7b:a1:1e:af:c9:cb:01:
04:18:a5:c9:58:3f:f0:74:0f:ba:8b:90:6d:6e:c5:
6f:1b:4d:70:b0:8a:88:48:f6:b7:f2:65:c5:af:f0:
f0:aa:07:94:81:66:b4:39:d8:df:06:db:32:d8:e1:
04:71:44:73:80:3a:4b:ee:21:32:f8:5e:51:40:3f:
1b:42:0f:e0:dc:13:38:27:07:44:b3:d6:b4:20:3f:
86:2a:42:93:95:e2:a1:0c:eb:0c:44:0a:4c:30:24:
06:01:01:79:42:b5:dc:73:a2:b5:bf:56:7a:9d:61:
09:c0:22:d5:4e:2e:e2:0c:f8:e3:6d:14:c9:0c:0e:
0b:12:ae:b9:29:73:27:db:b1:0a:d8:26:e5:13:45:
89:08:7d:9d:5b:14:25:42:4c:47:bb:9b:95:c6:35:
53:7c:da:9f:38:89:b8:04:b1:6e:e8:20:6a:43:05:
2d:55:38:50:50:69:14:e1:e3:f1:b0:6d:0a:4d:54:
92:84:fe:ac:78:ba:b6:86:92:95:ed:2b:9a:e4:93:
b5:4d:d8:da:27:08:13:95:f7:39:75:ae:c5:3d:39:
d2:82:de:bf:86:87:8e:44:ad:f6:9b:1f:cf:98:09:
71:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:36:C1:9C:DC:10:A8:3A:09:11:9B:20:1D:EA:1F:F6:33:E2:73:E3
X509v3 Authority Key Identifier:
keyid:C7:48:5E:29:F1:18:C0:1B:E8:6C:19:E6:68:FA:CF:A4:85:DE:71:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:36:c6:d9:42:d0:71:fa:ef:ad:08:1b:5e:2d:03:5f:16:23:
75:a5:6c:f6:ad:e5:34:2a:c5:c0:7b:70:f0:78:09:93:1b:6b:
f1:e0:d3:7e:a8:15:13:11:83:9d:70:e2:7b:e3:3e:12:31:ee:
84:87:04:cb:79:01:98:6a:df:37:f0:83:60:3b:b5:11:d7:91:
43:2b:e7:fc:57:f9:4d:eb:46:3c:47:7c:2c:52:24:d6:b0:da:
66:1c:c0:46:12:48:c0:de:08:11:33:38:8d:19:7f:db:ea:58:
02:24:bf:2d:96:ca:ca:31:ce:59:12:14:5d:de:70:d2:f9:40:
64:89:e1:c4:12:58:84:49:56:f1:3f:6a:75:54:c0:fb:33:6f:
98:9c:57:8d:bc:3d:44:a5:76:ac:9f:39:f6:f9:69:c2:40:5a:
a3:60:59:45:bf:6c:2e:6a:b5:64:cd:0c:0b:70:4c:14:12:0f:
8f:62:2e:18:00:6a:16:6e:85:0d:86:21:0f:4e:d9:e2:50:07:
20:c0:6b:f3:d7:9a:a7:d0:14:9c:b2:f1:1b:db:1b:f6:e8:e3:
0c:45:67:12:24:51:a8:49:d6:fc:b2:9d:29:2f:2a:76:fa:71:
92:d4:6a:bd:f5:91:43:9b:f7:06:d4:c7:af:69:a3:47:f7:11:
46:60:90:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUW7CP+t243mKCY2vz1tdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NDg1ZTI5ZjExOGMwMWJlODZjMTllNjY4ZmFjZmE0ODVk
ZTcxOGMwHhcNMjUwNDIwMTgwMDE2WhcNMjUwNDIxMTgwMDE2WjAzMTEwLwYDVQQD
EyhkNTM2YzE5Y2RjMTBhODNhMDkxMTliMjAxZGVhMWZmNjMzZTI3M2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNZUGiCBJR+2ku5RcLrldmLmk6lJ
63uhHq/JywEEGKXJWD/wdA+6i5BtbsVvG01wsIqISPa38mXFr/DwqgeUgWa0Odjf
Btsy2OEEcURzgDpL7iEy+F5RQD8bQg/g3BM4JwdEs9a0ID+GKkKTleKhDOsMRApM
MCQGAQF5QrXcc6K1v1Z6nWEJwCLVTi7iDPjjbRTJDA4LEq65KXMn27EK2CblE0WJ
CH2dWxQlQkxHu5uVxjVTfNqfOIm4BLFu6CBqQwUtVThQUGkU4ePxsG0KTVSShP6s
eLq2hpKV7Sua5JO1TdjaJwgTlfc5da7FPTnSgt6/hoeORK32mx/PmAlxLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNU2wZzcEKg6CRGbIB3qH/Yz4nPjMB8GA1UdIwQY
MBaAFMdIXinxGMAb6GwZ5mj6z6SF3nGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81MzkxNzEtNTc0Yi00NDUxLWI2ZDQt
NTdmOWJjNmE1YzMwLzEveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81MzkxNzEtNTc0Yi00NDUxLWI2ZDQtNTdmOWJjNmE1YzMw
LzEveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApjbG2ULQ
cfrvrQgbXi0DXxYjdaVs9q3lNCrFwHtw8HgJkxtr8eDTfqgVExGDnXDie+M+EjHu
hIcEy3kBmGrfN/CDYDu1EdeRQyvn/Ff5TetGPEd8LFIk1rDaZhzARhJIwN4IETM4
jRl/2+pYAiS/LZbKyjHOWRIUXd5w0vlAZInhxBJYhElW8T9qdVTA+zNvmJxXjbw9
RKV2rJ859vlpwkBao2BZRb9sLmq1ZM0MC3BMFBIPj2IuGABqFm6FDYYhD07Z4lAH
IMBr89eap9AUnLLxG9sb9ujjDEVnEiRRqEnW/LKdKS8qdvpxktRqvfWRQ5v3BtTH
r2mjR/cRRmCQOQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:33:22 2025 by rpki-client