Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: j6pNZp+Ju0NN0coCRMkVcTbyIX6efWnq9oghiyOUpsg=
Subject key identifier: BF:95:3E:66:EA:CF:AF:32:B7:F0:34:57:AA:C8:69:AB:D8:93:20:5B
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 01968849DDF4DE577C9C9C7B057694638857
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 09BD
Signing time: Wed 30 Apr 2025 20:01:04 +0000
Manifest this update: Wed 30 Apr 2025 20:01:04 +0000
Manifest next update: Thu 01 May 2025 20:01:04 +0000
Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=)
2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: 5RQW8Eg6FiS1F9OVqG1qPXb+eGzFrTIN5eUOfjmBpbI=)
3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 20:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:88:49:dd:f4:de:57:7c:9c:9c:7b:05:76:94:63:88:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Apr 30 20:01:04 2025 GMT
Not After : May 1 20:01:04 2025 GMT
Subject: CN=bf953e66eacfaf32b7f03457aac869abd893205b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a4:47:c8:2d:15:33:16:d2:9d:7c:1f:53:e5:
cc:d1:f4:28:b9:25:68:05:78:e7:66:17:ce:d3:52:
8c:cf:96:2c:e6:2d:92:e1:60:9e:29:51:e8:c7:49:
79:a7:94:78:3a:e5:7d:ad:37:91:cc:16:b0:a8:6f:
d9:fa:41:3e:bc:5b:e0:ad:fb:1b:3e:a4:da:f2:09:
6d:5c:90:b8:b8:6e:4f:3b:f9:99:76:8c:95:04:26:
2a:dc:45:6c:9c:fc:a2:02:65:f3:b4:c3:89:39:fb:
69:82:e1:8a:35:f2:0f:c8:76:d0:10:f7:48:57:ce:
42:ec:4e:99:ad:bb:96:e6:fc:45:88:94:11:11:0e:
35:8b:ca:6c:75:b3:c2:46:53:18:f8:48:9e:a5:fc:
85:1b:33:42:ed:a8:fd:94:80:bd:e2:07:d6:c1:05:
80:d0:15:77:fd:42:73:40:d7:9e:b8:52:2c:e2:6e:
04:c4:bd:d1:32:ce:55:10:e8:61:23:b3:36:b9:5b:
11:ae:f2:90:fc:e4:67:57:06:30:4e:8e:38:d2:56:
5d:61:6e:46:d5:66:11:74:48:b3:3e:83:fb:c7:7a:
41:4e:f2:c9:0e:5c:6e:26:fe:8e:68:f2:ca:a0:c9:
4b:6d:d3:04:e2:2a:3a:68:d5:13:78:3a:65:5b:62:
f5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:95:3E:66:EA:CF:AF:32:B7:F0:34:57:AA:C8:69:AB:D8:93:20:5B
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:14:0e:06:0a:25:a8:a2:2a:4d:63:80:3f:f3:9a:0a:5a:bb:
6a:b8:b4:48:95:9c:4b:27:9b:e5:ce:ce:35:ca:8b:cc:04:61:
dd:a1:ee:68:e2:0b:2a:7b:fc:fd:02:41:a4:c8:a6:73:56:31:
20:93:79:88:f0:1c:51:0a:06:0a:d3:bb:d3:1f:f4:3c:19:76:
89:99:b8:c3:37:0e:67:40:18:7c:0f:77:22:f7:1e:0b:e6:9f:
51:9e:c3:f6:1d:86:1d:a3:57:45:a2:e1:49:23:fd:8b:61:bc:
9b:10:72:53:09:7b:1f:7e:34:96:85:6c:89:5d:23:ed:d4:33:
ff:3a:bc:ed:87:74:4b:f1:00:ac:f3:0e:2b:6f:5b:63:37:f1:
a5:4d:a3:5b:11:04:e0:c0:b2:56:29:83:e2:1b:ca:04:f2:e1:
7a:03:d2:ca:2b:68:d7:a7:1f:b2:99:44:97:16:e4:a0:09:7c:
b2:7e:9e:39:be:44:27:12:4c:51:57:5f:d4:cf:ac:eb:3a:5f:
a1:65:a3:87:b4:fc:7c:8b:18:49:6b:a0:98:7c:1c:80:61:1d:
9a:f9:6e:99:4e:c2:43:e0:c3:f9:d9:e8:4b:93:2b:64:3f:e1:
f3:8a:28:32:13:37:87:96:61:fd:68:f1:45:9f:9f:cd:1a:d0:
37:ed:56:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaISd303ld8nJx7BXaUY4hXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjUwNDMwMjAwMTA0WhcNMjUwNTAxMjAwMTA0WjAzMTEwLwYDVQQD
EyhiZjk1M2U2NmVhY2ZhZjMyYjdmMDM0NTdhYWM4NjlhYmQ4OTMyMDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqRHyC0VMxbSnXwfU+XM0fQouSVo
BXjnZhfO01KMz5Ys5i2S4WCeKVHox0l5p5R4OuV9rTeRzBawqG/Z+kE+vFvgrfsb
PqTa8gltXJC4uG5PO/mZdoyVBCYq3EVsnPyiAmXztMOJOftpguGKNfIPyHbQEPdI
V85C7E6ZrbuW5vxFiJQREQ41i8psdbPCRlMY+EiepfyFGzNC7aj9lIC94gfWwQWA
0BV3/UJzQNeeuFIs4m4ExL3RMs5VEOhhI7M2uVsRrvKQ/ORnVwYwTo440lZdYW5G
1WYRdEizPoP7x3pBTvLJDlxuJv6OaPLKoMlLbdME4io6aNUTeDplW2L1CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+VPmbqz68yt/A0V6rIaavYkyBbMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAchQOBgol
qKIqTWOAP/OaClq7ari0SJWcSyeb5c7ONcqLzARh3aHuaOILKnv8/QJBpMimc1Yx
IJN5iPAcUQoGCtO70x/0PBl2iZm4wzcOZ0AYfA93IvceC+afUZ7D9h2GHaNXRaLh
SSP9i2G8mxByUwl7H340loVsiV0j7dQz/zq87Yd0S/EArPMOK29bYzfxpU2jWxEE
4MCyVimD4hvKBPLhegPSyito16cfsplElxbkoAl8sn6eOb5EJxJMUVdf1M+s6zpf
oWWjh7T8fIsYSWugmHwcgGEdmvlumU7CQ+DD+dnoS5MrZD/h84ooMhM3h5Zh/Wjx
RZ+fzRrQN+1WgQ==
-----END CERTIFICATE-----
Generated at Thu May 1 02:52:03 2025 by rpki-client