Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
File: hSOM5-r2mlui8JR7K6BTOUtFts0.mft (raw, json)
Hash identifier: a1cEO8Wfphthqcww7GBBmdWK57CRTrtfhAVp4MDu9Y4=
Subject key identifier: DE:B7:68:21:BC:EC:6A:E8:42:FA:75:86:CF:E9:E9:4F:F9:FD:70:D9
Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Certificate serial: 019683C7DC18FFE55332603D17BDF6455EB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
Manifest number: 14A7
Signing time: Tue 29 Apr 2025 23:00:35 +0000
Manifest this update: Tue 29 Apr 2025 23:00:35 +0000
Manifest next update: Wed 30 Apr 2025 23:00:35 +0000
Files and hashes: 1: WlFkHZf-mGa6meWaQmN57qSrEtA.roa (hash: B5J0da5BqpBMDIf+RMe68Zm2sCoZIjqiRagoU19Nd+4=)
2: hSOM5-r2mlui8JR7K6BTOUtFts0.crl (hash: ShUFyI54yPaRgKeF+BFaiKU0JHG25klHny++ZKl7PTk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 23:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:c7:dc:18:ff:e5:53:32:60:3d:17:bd:f6:45:5e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Validity
Not Before: Apr 29 23:00:35 2025 GMT
Not After : Apr 30 23:00:35 2025 GMT
Subject: CN=deb76821bcec6ae842fa7586cfe9e94ff9fd70d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8b:a1:4c:32:f0:3e:1b:46:59:b1:8b:a9:2e:
bd:ab:81:f7:09:d5:77:fe:7c:2c:bd:44:a9:3b:13:
1e:5e:97:bf:5a:3f:b7:1b:c9:9a:40:e7:31:65:0e:
97:30:55:26:6d:3f:47:48:ab:bf:1d:f7:97:30:45:
bd:87:be:a4:b8:7f:90:34:a4:74:03:3f:d8:6d:95:
b3:2d:e4:57:f9:fb:0d:bb:65:72:da:f4:89:97:e6:
06:58:e3:8b:91:2b:85:07:da:b3:02:df:d9:34:f0:
80:f0:62:be:d7:5d:8f:75:18:26:17:41:87:df:33:
fa:dc:21:f3:f2:3c:20:1b:3f:c8:44:e4:57:1d:cc:
01:4b:e2:c8:8e:5e:9c:ae:09:b7:ca:0f:af:f0:8c:
d3:c2:9b:6f:1f:67:b9:54:4d:40:d4:04:4e:8d:e6:
0c:27:56:30:d3:01:c0:c8:0f:ae:7f:21:cc:f9:f5:
f0:99:a5:6a:9e:83:d4:ac:f5:1f:89:bb:9b:31:0d:
1c:5a:2d:d3:5f:39:49:9d:77:cf:44:3e:39:f6:66:
bf:57:b1:b1:39:86:66:65:df:a8:4e:b3:8f:18:4e:
fa:42:bc:60:21:d3:50:e4:a6:a3:b6:68:69:e6:e3:
0a:c2:82:2f:e0:dd:bf:3a:af:f5:1a:f0:b4:14:95:
13:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B7:68:21:BC:EC:6A:E8:42:FA:75:86:CF:E9:E9:4F:F9:FD:70:D9
X509v3 Authority Key Identifier:
keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:88:1a:c1:a2:33:98:54:87:10:d6:39:5a:1e:82:62:7c:7d:
54:8d:44:68:d7:6f:7e:ac:59:cf:3a:62:3c:c0:b6:57:50:1c:
a5:6c:1c:0c:4f:84:bb:b9:43:10:d6:8d:38:11:6a:64:58:00:
f3:4e:46:20:40:49:22:21:41:03:f0:05:50:db:44:e7:d7:00:
9b:7d:25:e3:1a:05:6f:49:02:34:8a:30:d5:3b:47:1d:2f:89:
e6:c4:b0:f1:db:30:b6:f1:ee:8d:18:d5:f5:8f:40:da:7f:c1:
a8:a8:cb:b4:9c:39:15:a2:dc:0e:f4:3e:60:19:2d:17:32:ac:
d3:07:40:e0:b8:af:60:36:03:8c:24:e0:04:cf:e9:a4:0b:1c:
fb:a6:77:d7:43:a6:30:ec:e3:e6:8f:d9:25:3d:2d:96:6c:5b:
c9:f1:50:01:cd:66:59:8f:51:92:f5:a6:47:90:9b:23:48:a5:
bf:34:52:50:66:ee:5a:3d:d0:10:0b:47:a4:ca:df:9c:e2:66:
31:b5:24:0d:36:05:73:62:d5:91:a4:ee:a2:c1:27:6d:bc:54:
95:19:6f:b3:ec:71:92:a8:55:a1:af:13:3a:2f:54:19:1f:0e:
9a:77:cc:60:60:d2:34:99:5a:6e:db:b2:91:83:bc:e8:17:8a:
23:01:f4:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDx9wY/+VTMmA9F732RV6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0
NWI2Y2QwHhcNMjUwNDI5MjMwMDM1WhcNMjUwNDMwMjMwMDM1WjAzMTEwLwYDVQQD
EyhkZWI3NjgyMWJjZWM2YWU4NDJmYTc1ODZjZmU5ZTk0ZmY5ZmQ3MGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIuhTDLwPhtGWbGLqS69q4H3CdV3
/nwsvUSpOxMeXpe/Wj+3G8maQOcxZQ6XMFUmbT9HSKu/HfeXMEW9h76kuH+QNKR0
Az/YbZWzLeRX+fsNu2Vy2vSJl+YGWOOLkSuFB9qzAt/ZNPCA8GK+112PdRgmF0GH
3zP63CHz8jwgGz/IRORXHcwBS+LIjl6crgm3yg+v8IzTwptvH2e5VE1A1AROjeYM
J1Yw0wHAyA+ufyHM+fXwmaVqnoPUrPUfibubMQ0cWi3TXzlJnXfPRD459ma/V7Gx
OYZmZd+oTrOPGE76QrxgIdNQ5Kajtmhp5uMKwoIv4N2/Oq/1GvC0FJUT+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN63aCG87GroQvp1hs/p6U/5/XDZMB8GA1UdIwQY
MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt
MDMyYWY4MzZjMTcyLzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy
LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWYgawaIz
mFSHENY5Wh6CYnx9VI1EaNdvfqxZzzpiPMC2V1AcpWwcDE+Eu7lDENaNOBFqZFgA
805GIEBJIiFBA/AFUNtE59cAm30l4xoFb0kCNIow1TtHHS+J5sSw8dswtvHujRjV
9Y9A2n/BqKjLtJw5FaLcDvQ+YBktFzKs0wdA4LivYDYDjCTgBM/ppAsc+6Z310Om
MOzj5o/ZJT0tlmxbyfFQAc1mWY9RkvWmR5CbI0ilvzRSUGbuWj3QEAtHpMrfnOJm
MbUkDTYFc2LVkaTuosEnbbxUlRlvs+xxkqhVoa8TOi9UGR8OmnfMYGDSNJlabtuy
kYO86BeKIwH0Ug==
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:15:12 2025 by rpki-client