Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.mft
File: HQ2zVo5FXz2isidKnVJcrAkxx9U.mft (raw, json)
Hash identifier: liJ/EB5t7eXQj9r1w6BcjQn0zqk2sdfIT/YIk8XP/Lc=
Subject key identifier: 33:CD:BC:04:56:22:CD:35:C5:E3:A3:A6:06:DA:6E:E9:14:E7:E6:71
Authority key identifier: 1D:0D:B3:56:8E:45:5F:3D:A2:B2:27:4A:9D:52:5C:AC:09:31:C7:D5
Certificate issuer: /CN=1d0db3568e455f3da2b2274a9d525cac0931c7d5
Certificate serial: 01967ED8B705B05D7CE8C0D5542E4786D32B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQ2zVo5FXz2isidKnVJcrAkxx9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.mft
Manifest number: 034E
Signing time: Tue 29 Apr 2025 00:00:53 +0000
Manifest this update: Tue 29 Apr 2025 00:00:53 +0000
Manifest next update: Wed 30 Apr 2025 00:00:53 +0000
Files and hashes: 1: HQ2zVo5FXz2isidKnVJcrAkxx9U.crl (hash: ZRGbODnz5GxvT9vt/Kz1C945+uFep/sM9/qm3NPCdtI=)
2: yht62Ehavo3uZINByDHEHOjVZVw.roa (hash: mqAvN4VPlszrLeatuKNPPUoNf7NdmTA8jofCmdZ20jg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQ2zVo5FXz2isidKnVJcrAkxx9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7e:d8:b7:05:b0:5d:7c:e8:c0:d5:54:2e:47:86:d3:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0db3568e455f3da2b2274a9d525cac0931c7d5
Validity
Not Before: Apr 29 00:00:53 2025 GMT
Not After : Apr 30 00:00:53 2025 GMT
Subject: CN=33cdbc045622cd35c5e3a3a606da6ee914e7e671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b5:29:b1:e4:32:0f:11:e8:16:19:a9:73:5d:
4c:12:da:76:cb:65:b4:69:c2:39:99:2e:ae:10:21:
d9:93:84:7a:2f:7b:8d:fa:23:0b:ee:ed:3b:23:e4:
ab:b3:fe:08:9a:5e:59:8f:6f:a3:1c:98:7c:1a:3c:
00:75:45:05:1d:35:d7:45:81:3e:12:65:72:7b:cc:
cd:88:df:f2:49:4e:9d:12:24:cf:53:5b:8c:95:63:
b2:1c:17:6e:99:b9:8a:96:63:84:50:52:45:d3:bb:
3c:28:0b:b8:42:74:3a:df:19:a6:08:27:10:8f:f1:
c3:b3:7f:93:90:cc:a6:25:19:8a:5a:70:9c:03:2e:
71:5f:03:e4:2d:d2:ac:04:9b:51:12:48:77:a4:b3:
d6:9d:ce:38:e6:fa:92:5d:5b:30:30:db:5b:40:70:
ae:6c:9c:b0:18:e6:61:14:56:cb:89:bb:d5:c8:c7:
36:b9:b1:14:b1:70:de:8a:10:63:c0:3f:cd:23:f4:
07:9d:ad:24:16:a7:9c:be:bc:1f:b8:b5:35:9e:07:
7a:6c:f9:29:3b:9e:c2:6e:43:f7:95:e5:81:5a:a3:
ac:30:92:ab:b8:6b:ea:73:fa:6b:c2:fc:30:51:a6:
a8:49:b0:0d:f1:33:ca:c0:66:97:6e:d1:43:8d:d7:
5b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:CD:BC:04:56:22:CD:35:C5:E3:A3:A6:06:DA:6E:E9:14:E7:E6:71
X509v3 Authority Key Identifier:
keyid:1D:0D:B3:56:8E:45:5F:3D:A2:B2:27:4A:9D:52:5C:AC:09:31:C7:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQ2zVo5FXz2isidKnVJcrAkxx9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bcf09a-7c8e-4e20-8450-e088aa0aa8dd/1/HQ2zVo5FXz2isidKnVJcrAkxx9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:5f:d5:48:a0:70:83:23:2d:95:25:d6:18:89:b2:e7:37:fc:
6f:77:9b:02:cc:0e:d3:ac:bc:21:a1:a5:e3:88:0b:91:42:86:
80:68:6f:ff:b8:31:cb:48:6f:1c:e1:c6:2f:2d:70:32:2a:a7:
66:12:8a:67:1a:d3:30:a1:61:78:3a:07:88:ea:50:bb:9c:75:
74:25:61:9b:0b:6b:4d:51:bd:78:6e:06:86:42:7f:7e:77:0f:
c7:34:38:5e:27:b3:20:49:f8:e0:9c:8a:e2:cc:1f:0d:e5:70:
3e:4c:20:a6:df:ac:7d:e1:06:b2:5c:8d:c6:05:ba:5d:b4:2f:
c8:6d:1c:da:e9:54:54:41:ad:d9:96:a8:f9:31:79:63:48:07:
a8:8f:8f:f6:8a:82:f6:e5:70:a3:ad:28:ae:64:80:94:28:a3:
e2:d7:85:7f:db:77:3f:79:e2:44:c9:9d:79:c1:35:de:10:f7:
c5:37:66:e4:9f:67:f6:30:49:bc:ff:04:89:88:62:2c:6f:69:
6e:31:47:80:7d:1e:a3:70:a9:9d:fc:c8:6a:5d:e5:9d:5d:00:
ab:47:98:3e:27:f6:61:58:da:52:28:c5:10:73:b9:74:b8:b8:
87:73:cb:0b:55:e8:56:b5:49:6a:d4:8d:8c:d6:e1:f1:8f:3b:
1d:6c:3e:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+2LcFsF186MDVVC5HhtMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGRiMzU2OGU0NTVmM2RhMmIyMjc0YTlkNTI1Y2FjMDkz
MWM3ZDUwHhcNMjUwNDI5MDAwMDUzWhcNMjUwNDMwMDAwMDUzWjAzMTEwLwYDVQQD
EygzM2NkYmMwNDU2MjJjZDM1YzVlM2EzYTYwNmRhNmVlOTE0ZTdlNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrUpseQyDxHoFhmpc11MEtp2y2W0
acI5mS6uECHZk4R6L3uN+iML7u07I+Srs/4Iml5Zj2+jHJh8GjwAdUUFHTXXRYE+
EmVye8zNiN/ySU6dEiTPU1uMlWOyHBdumbmKlmOEUFJF07s8KAu4QnQ63xmmCCcQ
j/HDs3+TkMymJRmKWnCcAy5xXwPkLdKsBJtREkh3pLPWnc445vqSXVswMNtbQHCu
bJywGOZhFFbLibvVyMc2ubEUsXDeihBjwD/NI/QHna0kFqecvrwfuLU1ngd6bPkp
O57CbkP3leWBWqOsMJKruGvqc/prwvwwUaaoSbAN8TPKwGaXbtFDjddbUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDPNvARWIs01xeOjpgbabukU5+ZxMB8GA1UdIwQY
MBaAFB0Ns1aORV89orInSp1SXKwJMcfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFEyelZvNUZYejJpc2lkS25WSmNyQWt4eDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iY2YwOWEtN2M4ZS00ZTIwLTg0NTAt
ZTA4OGFhMGFhOGRkLzEvSFEyelZvNUZYejJpc2lkS25WSmNyQWt4eDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iY2YwOWEtN2M4ZS00ZTIwLTg0NTAtZTA4OGFhMGFhOGRk
LzEvSFEyelZvNUZYejJpc2lkS25WSmNyQWt4eDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1/VSKBw
gyMtlSXWGImy5zf8b3ebAswO06y8IaGl44gLkUKGgGhv/7gxy0hvHOHGLy1wMiqn
ZhKKZxrTMKFheDoHiOpQu5x1dCVhmwtrTVG9eG4GhkJ/fncPxzQ4XiezIEn44JyK
4swfDeVwPkwgpt+sfeEGslyNxgW6XbQvyG0c2ulUVEGt2Zao+TF5Y0gHqI+P9oqC
9uVwo60ormSAlCij4teFf9t3P3niRMmdecE13hD3xTdm5J9n9jBJvP8EiYhiLG9p
bjFHgH0eo3CpnfzIal3lnV0Aq0eYPif2YVjaUijFEHO5dLi4h3PLC1XoVrVJatSN
jNbh8Y87HWw+FA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:45:03 2025 by rpki-client