Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
File: GheAknBHDXwlZxEvtAqe9xJgBRY.mft (raw, json)
Hash identifier: Q/Mz1dkvK1EqxErIVvNec56a1GBBdq9txFp+9ND2wu0=
Subject key identifier: C4:CA:97:28:43:60:5F:CC:27:38:FD:B1:C2:C5:86:4F:F9:0F:1A:77
Authority key identifier: 1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16
Certificate issuer: /CN=1a17809270470d7c2567112fb40a9ef712600516
Certificate serial: 019655DCE4CB7FD070610511ABA654209565
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
Manifest number: 1500
Signing time: Mon 21 Apr 2025 01:01:01 +0000
Manifest this update: Mon 21 Apr 2025 01:01:01 +0000
Manifest next update: Tue 22 Apr 2025 01:01:01 +0000
Files and hashes: 1: 3n_Nd4cUj6teASapK4pWavXgfU0.roa (hash: KngeXtbNNWR05hMf2WkynvKsVClU9oGlPMx0Mk7lMOM=)
2: GheAknBHDXwlZxEvtAqe9xJgBRY.crl (hash: smQuDpJ+Y9j/Iwnx7kXz4iHc1bJUnT+vyrGmBMPVh2s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:dc:e4:cb:7f:d0:70:61:05:11:ab:a6:54:20:95:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a17809270470d7c2567112fb40a9ef712600516
Validity
Not Before: Apr 21 01:01:01 2025 GMT
Not After : Apr 22 01:01:01 2025 GMT
Subject: CN=c4ca972843605fcc2738fdb1c2c5864ff90f1a77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:61:d9:6f:b9:fb:69:aa:04:82:11:3f:00:14:
f2:e1:fc:fc:22:26:fc:e8:d9:82:2b:29:bc:f3:93:
7c:3b:9e:ce:19:c0:ef:6e:33:64:1f:1f:66:9a:20:
d8:47:d7:40:fa:8f:ae:4d:70:1c:e9:ef:2e:90:cd:
a3:de:52:44:b7:e5:67:2f:fc:f4:5a:bb:b5:c4:3a:
aa:85:b8:18:ee:f4:40:09:40:dc:aa:b3:e1:8b:97:
c0:24:08:8b:1c:5f:a0:69:5d:d3:35:d6:f9:eb:a3:
16:3e:3b:ea:d5:24:60:6f:4b:94:2f:84:cc:d0:19:
8a:f4:a0:9e:33:70:00:f2:2a:2d:72:de:50:75:72:
f9:d9:4f:f5:18:79:a3:1e:2d:88:35:c7:16:0c:5d:
39:87:a9:d4:40:7b:5e:08:fe:21:c0:e7:5a:0a:32:
8d:83:8e:09:e7:a5:ea:06:05:7a:ec:fc:a5:2c:68:
46:5d:4a:a6:7b:00:ee:bc:f6:c5:92:85:de:19:1d:
4f:a2:6f:ce:0d:03:48:ea:84:df:4f:c9:d3:24:88:
25:73:97:f8:00:e9:7d:f5:48:d6:0c:d2:91:b4:00:
0b:53:b1:b9:b8:a4:5e:3e:89:e7:5d:cd:ce:03:a5:
02:12:91:21:43:0d:85:1d:43:9b:3b:90:b0:d6:77:
c0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:CA:97:28:43:60:5F:CC:27:38:FD:B1:C2:C5:86:4F:F9:0F:1A:77
X509v3 Authority Key Identifier:
keyid:1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:43:43:d6:17:ea:bf:fb:7c:b8:03:46:66:a4:06:4b:e1:a2:
cd:0d:c2:40:68:22:52:b6:d6:af:a9:10:dc:12:12:31:e0:15:
64:6c:4a:75:e0:3d:62:b6:1a:7a:50:1a:f5:bb:b7:95:3e:c0:
5d:2b:16:83:aa:2a:57:cf:bc:b3:26:ca:e9:c2:e8:79:6e:38:
3b:26:10:e5:66:10:76:31:7a:33:54:c9:17:6a:01:00:49:0b:
28:d8:3a:9e:3f:f3:a9:5a:7a:77:25:bc:8f:0c:ca:ad:0d:d9:
a9:10:5d:8b:ab:3d:64:70:3c:fe:f8:90:db:6d:78:09:4e:e4:
ec:67:94:1d:b8:06:8b:fb:72:a7:22:76:6a:27:79:28:ce:8d:
17:d4:eb:24:36:0b:c1:b5:be:52:d1:48:2d:87:cb:87:62:d6:
6f:db:cd:cb:31:29:6f:6b:a6:ef:4b:c0:2d:ee:81:da:ce:6c:
02:e3:c4:df:74:13:70:44:b3:9d:83:e0:80:c3:46:6e:c2:99:
3b:d9:32:01:0f:56:1e:3d:33:9a:52:bf:bc:2e:7a:2a:0b:50:
87:90:8d:15:3d:a1:f4:b8:a2:af:ef:bb:3b:51:b0:1e:17:d5:
a0:44:93:b6:ae:bc:e1:c9:33:75:e7:b8:e5:06:55:f3:3a:85:
b5:72:0c:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3OTLf9BwYQURq6ZUIJVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTc4MDkyNzA0NzBkN2MyNTY3MTEyZmI0MGE5ZWY3MTI2
MDA1MTYwHhcNMjUwNDIxMDEwMTAxWhcNMjUwNDIyMDEwMTAxWjAzMTEwLwYDVQQD
EyhjNGNhOTcyODQzNjA1ZmNjMjczOGZkYjFjMmM1ODY0ZmY5MGYxYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GHZb7n7aaoEghE/ABTy4fz8Iib8
6NmCKym885N8O57OGcDvbjNkHx9mmiDYR9dA+o+uTXAc6e8ukM2j3lJEt+VnL/z0
Wru1xDqqhbgY7vRACUDcqrPhi5fAJAiLHF+gaV3TNdb566MWPjvq1SRgb0uUL4TM
0BmK9KCeM3AA8iotct5QdXL52U/1GHmjHi2INccWDF05h6nUQHteCP4hwOdaCjKN
g44J56XqBgV67PylLGhGXUqmewDuvPbFkoXeGR1Pom/ODQNI6oTfT8nTJIglc5f4
AOl99UjWDNKRtAALU7G5uKRePonnXc3OA6UCEpEhQw2FHUObO5Cw1nfAcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTKlyhDYF/MJzj9scLFhk/5Dxp3MB8GA1UdIwQY
MBaAFBoXgJJwRw18JWcRL7QKnvcSYAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEt
OGFmYTc0ZDg3NjlmLzEvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEtOGFmYTc0ZDg3Njlm
LzEvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAckND1hfq
v/t8uANGZqQGS+GizQ3CQGgiUrbWr6kQ3BISMeAVZGxKdeA9YrYaelAa9bu3lT7A
XSsWg6oqV8+8sybK6cLoeW44OyYQ5WYQdjF6M1TJF2oBAEkLKNg6nj/zqVp6dyW8
jwzKrQ3ZqRBdi6s9ZHA8/viQ2214CU7k7GeUHbgGi/typyJ2aid5KM6NF9TrJDYL
wbW+UtFILYfLh2LWb9vNyzEpb2um70vALe6B2s5sAuPE33QTcESznYPggMNGbsKZ
O9kyAQ9WHj0zmlK/vC56KgtQh5CNFT2h9Liir++7O1GwHhfVoESTtq684ckzdee4
5QZV8zqFtXIMeQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:08:25 2025 by rpki-client