Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: MeNJ1qW9Y5L0lHkceEpzKcSngNMcK7wGReienAdWxjE=
Subject key identifier: 86:4B:E8:B5:5F:20:83:5E:E1:59:C6:BB:20:67:EC:14:73:78:57:8B
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 01964B2225A7C4BCA5431438EA30B7ABC8E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 14FD
Signing time: Fri 18 Apr 2025 23:00:51 +0000
Manifest this update: Fri 18 Apr 2025 23:00:51 +0000
Manifest next update: Sat 19 Apr 2025 23:00:51 +0000
Files and hashes: 1: aSlfyLBw9tgMgXUQzZob6GMDMuM.roa (hash: DQ6riuAx/+y5wvPOEmkDzdZnToFJiPSBUt3sxo+9O3s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: 9SPimIFd3x6mvHhdHYbZxwuZvVxgv19ID9Cnn+ToQPM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4b:22:25:a7:c4:bc:a5:43:14:38:ea:30:b7:ab:c8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Apr 18 23:00:51 2025 GMT
Not After : Apr 19 23:00:51 2025 GMT
Subject: CN=864be8b55f20835ee159c6bb2067ec147378578b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:39:84:f1:bc:f2:92:2e:ad:23:e3:32:23:84:
fb:99:54:84:64:23:69:7d:64:61:fb:c3:7b:58:70:
3f:78:15:8f:66:4c:8f:50:3e:0d:9c:b8:8b:8b:a4:
c0:30:1b:91:7e:79:e7:1d:2a:b4:8f:5b:e5:c3:d3:
82:84:08:35:7c:a1:db:f8:4a:48:0f:8f:0e:7a:44:
15:a6:d1:e5:a5:49:13:27:09:1f:15:80:4f:c3:e7:
25:9b:0a:43:8d:ea:0c:07:95:c9:16:02:7a:3d:b2:
21:88:8a:d1:5c:6b:a9:fe:ea:b7:c5:79:f1:db:66:
b6:0a:01:d6:d6:c2:79:e3:18:d7:1e:53:87:ff:49:
6f:de:e7:7e:b4:fb:de:6d:58:6e:45:0e:84:f6:45:
bc:70:02:25:ad:d4:07:03:96:90:9b:37:d5:62:8d:
b0:88:a6:e3:57:64:46:37:c3:8f:ed:4f:7c:7b:d8:
c4:42:89:20:ab:1c:88:58:07:5b:54:6f:8a:da:a8:
10:48:a3:27:c5:1f:65:2d:88:4d:44:90:b7:dd:50:
3d:bf:ee:a7:00:3e:3b:f0:f9:0f:30:f0:aa:50:fa:
ee:b6:88:08:ea:5b:15:94:6f:1b:49:06:0e:74:5b:
37:30:3a:c2:b9:90:2b:38:78:ff:ad:3d:f4:8b:a1:
d1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4B:E8:B5:5F:20:83:5E:E1:59:C6:BB:20:67:EC:14:73:78:57:8B
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:d1:b9:62:ab:70:82:5c:71:4c:39:1b:1c:2b:8f:67:fc:7d:
ff:4b:ee:49:c7:37:28:68:a5:56:36:8e:be:a9:24:23:93:72:
e6:42:bd:f3:d0:31:8d:5d:6a:56:5c:b0:90:dd:73:eb:1a:c8:
0b:a7:66:a5:a4:61:63:08:2b:ae:04:a7:45:8e:45:da:c2:36:
ef:97:7a:ac:47:98:a4:8e:5b:81:7e:6a:2a:2b:4a:fa:dd:ff:
f8:69:e3:37:00:5d:00:37:c6:7b:f0:02:3c:02:59:b1:1a:e8:
fa:04:e5:b9:3c:08:2c:44:b5:76:fe:3a:6b:5f:af:57:12:fe:
5a:07:31:47:32:70:69:fb:f4:ec:b6:4b:85:e8:89:27:8b:e7:
81:8d:ab:9c:35:8d:b2:61:7a:aa:1c:e4:2e:e7:73:f9:cc:24:
e9:cb:f5:db:d0:b3:9d:e0:30:83:a0:f8:0f:1b:05:c6:55:be:
10:f5:29:ed:3f:69:6b:ac:1f:52:c9:19:87:0c:c4:11:4b:28:
1b:33:b5:c3:d5:2c:9a:7d:1f:2d:77:df:ce:63:7d:4a:a0:36:
8b:5f:54:b1:c6:6d:c4:c3:58:f7:7b:c7:40:86:e9:fd:ca:95:
66:0d:d6:2c:2c:a1:8a:fe:40:76:b9:9d:d1:86:f5:93:3c:01:
35:b4:f7:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZLIiWnxLylQxQ46jC3q8jiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjUwNDE4MjMwMDUxWhcNMjUwNDE5MjMwMDUxWjAzMTEwLwYDVQQD
Eyg4NjRiZThiNTVmMjA4MzVlZTE1OWM2YmIyMDY3ZWMxNDczNzg1NzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDmE8bzyki6tI+MyI4T7mVSEZCNp
fWRh+8N7WHA/eBWPZkyPUD4NnLiLi6TAMBuRfnnnHSq0j1vlw9OChAg1fKHb+EpI
D48OekQVptHlpUkTJwkfFYBPw+clmwpDjeoMB5XJFgJ6PbIhiIrRXGup/uq3xXnx
22a2CgHW1sJ54xjXHlOH/0lv3ud+tPvebVhuRQ6E9kW8cAIlrdQHA5aQmzfVYo2w
iKbjV2RGN8OP7U98e9jEQokgqxyIWAdbVG+K2qgQSKMnxR9lLYhNRJC33VA9v+6n
AD478PkPMPCqUPrutogI6lsVlG8bSQYOdFs3MDrCuZArOHj/rT30i6HRJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZL6LVfIINe4VnGuyBn7BRzeFeLMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHNG5Yqtw
glxxTDkbHCuPZ/x9/0vuScc3KGilVjaOvqkkI5Ny5kK989AxjV1qVlywkN1z6xrI
C6dmpaRhYwgrrgSnRY5F2sI275d6rEeYpI5bgX5qKitK+t3/+GnjNwBdADfGe/AC
PAJZsRro+gTluTwILES1dv46a1+vVxL+WgcxRzJwafv07LZLheiJJ4vngY2rnDWN
smF6qhzkLudz+cwk6cv129CzneAwg6D4DxsFxlW+EPUp7T9pa6wfUskZhwzEEUso
GzO1w9Usmn0fLXffzmN9SqA2i19UscZtxMNY93vHQIbp/cqVZg3WLCyhiv5Adrmd
0Yb1kzwBNbT3Cw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:14:06 2025 by rpki-client