Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
File: h94IWXXeZYjgf-0TVROqOKztt2M.mft (raw, json)
Hash identifier: MdiDLykgXhzEKMymawOWaBqX//AD689YydxvJRCLehA=
Subject key identifier: 1E:F8:68:FE:02:FE:01:05:27:4A:54:E9:D6:8E:04:E7:88:11:64:BF
Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
Certificate issuer: /CN=87de085975de6588e07fed135513aa38acedb763
Certificate serial: 01967CE9EF42BD26BEB83AACEFA3F21ED9EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
Manifest number: 08FB
Signing time: Mon 28 Apr 2025 15:00:28 +0000
Manifest this update: Mon 28 Apr 2025 15:00:28 +0000
Manifest next update: Tue 29 Apr 2025 15:00:28 +0000
Files and hashes: 1: 2z5OP5uOUPeCHEZvOlemyfzgiqA.roa (hash: Hk782ryuX9Xc6GFCRAe62b1gzyY4Vb/jeKK1cnQhmr8=)
2: h94IWXXeZYjgf-0TVROqOKztt2M.crl (hash: OTtl1nbhKDnTQEI5w17A/jFDA1A5tvn/9G/Xrjl+7mQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:e9:ef:42:bd:26:be:b8:3a:ac:ef:a3:f2:1e:d9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87de085975de6588e07fed135513aa38acedb763
Validity
Not Before: Apr 28 15:00:28 2025 GMT
Not After : Apr 29 15:00:28 2025 GMT
Subject: CN=1ef868fe02fe0105274a54e9d68e04e7881164bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:84:95:9d:1c:73:d7:48:76:e3:3f:12:e0:b6:
c4:3e:75:61:5c:18:eb:28:d9:42:ed:b6:1c:bd:85:
44:00:f2:d9:dd:eb:4e:65:85:f6:79:e8:2e:fe:e0:
dd:8f:20:1b:c2:91:f1:13:b9:8c:93:3f:21:0e:bd:
7b:7f:f3:c6:ed:9d:e5:20:20:8a:e9:25:30:92:2a:
06:20:6f:2c:62:00:62:06:01:f4:27:58:cc:fc:f9:
48:60:50:48:2c:84:63:d5:61:7c:ce:3e:9b:8c:99:
c4:09:c7:8a:db:72:33:fd:b3:bf:87:1a:c4:09:da:
ce:e3:0d:74:30:0a:5e:1e:54:92:f8:0c:a2:48:97:
62:f2:37:b4:d6:9c:a5:fe:cd:c2:bb:1f:b5:d3:35:
2e:79:54:ec:41:49:b9:43:a2:42:26:57:8e:4b:60:
8f:81:95:f3:83:32:61:90:2a:9e:aa:9a:a0:cf:16:
85:2f:b8:1f:c7:68:ce:95:b4:8a:e7:4b:43:b9:6c:
3e:cb:c5:57:4e:d6:37:c3:a7:d5:aa:ec:04:c6:68:
b7:be:ea:b7:e2:06:e0:c3:96:6a:d4:97:27:23:be:
d2:42:5a:4e:25:05:96:74:f7:74:3b:60:c9:0e:b4:
af:d2:22:27:be:87:dd:0e:6c:82:5c:c1:e7:05:9f:
05:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F8:68:FE:02:FE:01:05:27:4A:54:E9:D6:8E:04:E7:88:11:64:BF
X509v3 Authority Key Identifier:
keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:8b:b2:54:f2:e4:b3:43:b5:d0:44:3b:2c:37:3e:a4:d5:d2:
b3:74:58:2b:b7:49:48:fe:a0:a5:72:3e:e0:1b:37:f8:b6:06:
4e:d0:23:2f:f6:94:99:8b:51:83:7a:e1:e2:59:c0:c0:54:77:
d8:29:c1:c8:28:3d:a8:87:37:eb:ed:af:f9:ff:83:83:00:f8:
57:b9:6a:a8:0d:33:b7:d5:eb:da:7b:75:4e:a4:5c:8a:6d:b3:
73:10:5f:61:5d:3b:1e:79:5f:15:ea:8b:4a:29:79:e1:c8:c4:
61:6d:33:cb:f6:bb:92:01:c9:30:77:76:b9:f1:2c:ed:70:70:
f4:a0:e1:04:e1:ce:6f:58:b5:b4:44:81:a8:19:7c:c4:38:c6:
0c:9c:d5:38:5c:1e:a3:fd:33:56:5a:5e:59:2c:5d:56:bf:0c:
1f:de:2e:68:16:c5:d8:7a:3f:6e:39:d2:33:84:78:8e:8d:76:
f1:e1:e8:cd:61:c0:28:4f:89:37:28:56:90:2c:5f:e7:24:5c:
64:00:3a:ae:a9:5e:9a:b1:a0:75:e3:7c:1d:7d:a9:91:59:50:
0a:20:68:79:17:d1:96:78:1e:95:9b:d5:77:51:d6:c0:96:2a:
fd:70:a9:ff:3d:eb:4f:79:f0:30:23:13:e1:fa:ad:52:ea:5d:
08:d2:00:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ86e9CvSa+uDqs76PyHtnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl
ZGI3NjMwHhcNMjUwNDI4MTUwMDI4WhcNMjUwNDI5MTUwMDI4WjAzMTEwLwYDVQQD
EygxZWY4NjhmZTAyZmUwMTA1Mjc0YTU0ZTlkNjhlMDRlNzg4MTE2NGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4SVnRxz10h24z8S4LbEPnVhXBjr
KNlC7bYcvYVEAPLZ3etOZYX2eegu/uDdjyAbwpHxE7mMkz8hDr17f/PG7Z3lICCK
6SUwkioGIG8sYgBiBgH0J1jM/PlIYFBILIRj1WF8zj6bjJnECceK23Iz/bO/hxrE
CdrO4w10MApeHlSS+AyiSJdi8je01pyl/s3Cux+10zUueVTsQUm5Q6JCJleOS2CP
gZXzgzJhkCqeqpqgzxaFL7gfx2jOlbSK50tDuWw+y8VXTtY3w6fVquwExmi3vuq3
4gbgw5Zq1JcnI77SQlpOJQWWdPd0O2DJDrSv0iInvofdDmyCXMHnBZ8FuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB74aP4C/gEFJ0pU6daOBOeIEWS/MB8GA1UdIwQY
MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt
Y2MwZjk3MDcxNDBlLzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl
LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs4uyVPLk
s0O10EQ7LDc+pNXSs3RYK7dJSP6gpXI+4Bs3+LYGTtAjL/aUmYtRg3rh4lnAwFR3
2CnByCg9qIc36+2v+f+DgwD4V7lqqA0zt9Xr2nt1TqRcim2zcxBfYV07HnlfFeqL
Sil54cjEYW0zy/a7kgHJMHd2ufEs7XBw9KDhBOHOb1i1tESBqBl8xDjGDJzVOFwe
o/0zVlpeWSxdVr8MH94uaBbF2Ho/bjnSM4R4jo128eHozWHAKE+JNyhWkCxf5yRc
ZAA6rqlemrGgdeN8HX2pkVlQCiBoeRfRlngelZvVd1HWwJYq/XCp/z3rT3nwMCMT
4fqtUupdCNIAQg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:29:17 2025 by rpki-client