Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File: h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier: 2QfJsR2I20WuDSF9zzGvKaO6C9TuZXWByVgXryN9i+E=
Subject key identifier: 68:2B:BF:1C:0B:07:74:93:79:C0:81:0E:05:6E:D8:D9:51:FE:B2:8F
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer: /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial: 0196760D17DCBC12715DE637AA4E2158AE64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number: 0FF1
Signing time: Sun 27 Apr 2025 07:01:31 +0000
Manifest this update: Sun 27 Apr 2025 07:01:31 +0000
Manifest next update: Mon 28 Apr 2025 07:01:31 +0000
Files and hashes: 1: b2XsYiMu1xHQndcNQ0ucXkzeN7E.roa (hash: uYxfaCmhcw362gqaEMF6PdCZbjIYOfXpyFCpshaBqpM=)
2: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: YFlYJJwHjiH8C7/ZZHMi0vO/1mopP8IZXFdaRUlsxxg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:0d:17:dc:bc:12:71:5d:e6:37:aa:4e:21:58:ae:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Validity
Not Before: Apr 27 07:01:31 2025 GMT
Not After : Apr 28 07:01:31 2025 GMT
Subject: CN=682bbf1c0b07749379c0810e056ed8d951feb28f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a0:ee:ad:62:53:c8:c0:a9:86:c2:02:ed:da:
cc:7b:19:56:23:3b:0d:5f:e3:37:c6:3b:29:72:70:
68:bb:6a:87:57:43:77:1f:01:b3:2c:92:7c:9e:7d:
9b:79:03:66:b4:d2:73:98:95:ee:3b:68:2b:f1:5c:
77:56:56:e2:42:06:76:5b:70:f1:06:02:bb:80:63:
d9:96:27:f8:60:b1:40:a9:59:3e:46:09:d2:6e:55:
88:93:f7:8e:d9:1b:01:4f:00:18:f6:16:f7:f5:99:
27:93:5d:08:31:8a:71:4b:91:d3:04:e2:ee:ad:01:
6e:9f:0a:38:65:dd:e4:31:33:fa:99:07:bb:01:f1:
2f:24:5d:d3:10:1e:98:43:88:c4:b8:41:ba:92:2d:
63:8c:e7:1b:e5:8d:01:b4:fe:a0:07:5c:22:d7:23:
af:70:7b:53:3a:ff:4a:bf:46:19:10:55:ab:8d:00:
f9:82:40:29:b5:83:e8:ed:13:69:2a:04:cc:9d:74:
a5:07:a8:3e:42:fb:d2:e8:77:37:6b:d6:71:a0:21:
b4:7d:c9:88:a2:31:9d:fe:cf:0c:b3:44:56:59:43:
c3:36:cd:fc:4e:1b:c8:75:5b:4c:7a:d0:82:c8:80:
af:ac:bd:8a:cb:ba:3b:54:e3:60:9c:e1:a2:66:3e:
b6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2B:BF:1C:0B:07:74:93:79:C0:81:0E:05:6E:D8:D9:51:FE:B2:8F
X509v3 Authority Key Identifier:
keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:66:d9:ec:82:cf:5a:cd:95:b8:18:4f:79:9b:53:24:b6:ee:
37:e0:d1:0c:f0:70:c2:c0:dd:ab:6b:0b:b2:9e:ff:71:87:e8:
c1:c3:73:8f:1e:eb:f4:a2:a4:1b:56:67:26:3f:22:d3:79:7e:
da:99:26:1f:94:4e:9c:c7:c1:20:8b:68:70:b6:72:56:93:45:
3b:7e:6f:d2:f5:9b:9f:27:da:8b:8e:aa:e4:e9:5f:e4:1a:61:
9f:14:c3:71:2d:eb:5f:7d:82:c3:f8:2e:25:ab:82:2f:d6:de:
8f:0f:9d:bf:53:60:07:93:e8:1a:8e:04:47:ea:54:69:f9:0b:
36:96:a4:bf:e6:50:35:91:9e:d1:7b:da:2f:8d:5e:72:cb:ab:
85:cb:72:20:3b:bf:e0:60:66:a8:24:ec:bc:6f:90:60:d0:56:
c8:c6:36:8e:f2:ad:ba:c7:58:e3:be:d2:09:d2:0a:8a:bd:96:
5c:ce:93:06:82:00:21:97:ea:1a:a6:ec:68:41:f3:29:81:16:
94:a2:e4:5e:b0:68:6d:8a:ab:16:9c:06:c0:39:63:0f:bc:d9:
be:2a:4f:55:7d:ce:85:5a:89:9b:15:2e:6c:03:0e:1d:bd:60:
35:f5:f9:e5:44:27:d3:ab:11:6f:9a:c9:4c:e0:27:a6:36:af:
34:d0:bb:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DRfcvBJxXeY3qk4hWK5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjUwNDI3MDcwMTMxWhcNMjUwNDI4MDcwMTMxWjAzMTEwLwYDVQQD
Eyg2ODJiYmYxYzBiMDc3NDkzNzljMDgxMGUwNTZlZDhkOTUxZmViMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraDurWJTyMCphsIC7drMexlWIzsN
X+M3xjspcnBou2qHV0N3HwGzLJJ8nn2beQNmtNJzmJXuO2gr8Vx3VlbiQgZ2W3Dx
BgK7gGPZlif4YLFAqVk+RgnSblWIk/eO2RsBTwAY9hb39Zknk10IMYpxS5HTBOLu
rQFunwo4Zd3kMTP6mQe7AfEvJF3TEB6YQ4jEuEG6ki1jjOcb5Y0BtP6gB1wi1yOv
cHtTOv9Kv0YZEFWrjQD5gkAptYPo7RNpKgTMnXSlB6g+QvvS6Hc3a9ZxoCG0fcmI
ojGd/s8Ms0RWWUPDNs38ThvIdVtMetCCyICvrL2Ky7o7VONgnOGiZj62FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgrvxwLB3STecCBDgVu2NlR/rKPMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV2bZ7ILP
Ws2VuBhPeZtTJLbuN+DRDPBwwsDdq2sLsp7/cYfowcNzjx7r9KKkG1ZnJj8i03l+
2pkmH5ROnMfBIItocLZyVpNFO35v0vWbnyfai46q5Olf5BphnxTDcS3rX32Cw/gu
JauCL9bejw+dv1NgB5PoGo4ER+pUafkLNpakv+ZQNZGe0XvaL41ecsurhctyIDu/
4GBmqCTsvG+QYNBWyMY2jvKtusdY477SCdIKir2WXM6TBoIAIZfqGqbsaEHzKYEW
lKLkXrBobYqrFpwGwDljD7zZvipPVX3OhVqJmxUubAMOHb1gNfX55UQn06sRb5rJ
TOAnpjavNNC7Rw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:15:26 2025 by rpki-client