Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
File: hGzXvBkUIFasr5VzyqGvjehxgVY.mft (raw, json)
Hash identifier: +tc/a7fINAC5x9dZb+CU8UlodCEGHEk7j82fU9POr50=
Subject key identifier: 37:FC:BC:8D:04:E4:30:44:79:48:92:8B:AF:16:8E:30:A0:71:FA:17
Authority key identifier: 84:6C:D7:BC:19:14:20:56:AC:AF:95:73:CA:A1:AF:8D:E8:71:81:56
Certificate issuer: /CN=846cd7bc19142056acaf9573caa1af8de8718156
Certificate serial: 019686241E88B9B514E8123BB1B2B8249CE3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
Manifest number: 63
Signing time: Wed 30 Apr 2025 10:00:35 +0000
Manifest this update: Wed 30 Apr 2025 10:00:35 +0000
Manifest next update: Thu 01 May 2025 10:00:35 +0000
Files and hashes: 1: O5dJ1P8qPLvqN1TFZCJv-BCHVwE.roa (hash: 3xRQqmBaiPMEC6+BvwWE12p1a9per8d/4WLoxHZdLwY=)
2: hGzXvBkUIFasr5VzyqGvjehxgVY.crl (hash: Ey9t/Iq8z2SHCAlCM0bw3MswfKvTYc1fSP/V2of8BtQ=)
3: hs1Ttmuuy8oKm2rJqVYgyDXaPIw.roa (hash: Byo6rO4TnKOVrKw6LlKH8flPLRHULJLiFuZMsf82Wv4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 10:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:24:1e:88:b9:b5:14:e8:12:3b:b1:b2:b8:24:9c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846cd7bc19142056acaf9573caa1af8de8718156
Validity
Not Before: Apr 30 10:00:35 2025 GMT
Not After : May 1 10:00:35 2025 GMT
Subject: CN=37fcbc8d04e430447948928baf168e30a071fa17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7d:5f:1b:f2:88:7e:9d:c7:8c:ad:e8:81:57:
38:f3:e8:95:64:16:1a:b9:74:b6:7f:d4:bc:ab:ba:
58:8e:4c:ee:ed:e5:f9:c1:8e:1e:a0:c4:53:01:02:
e2:c6:3c:1f:f3:e3:2c:ff:6a:8b:3d:ce:31:95:a1:
4a:7e:eb:05:d1:30:51:68:28:eb:48:1f:69:0c:7c:
85:45:16:1e:5f:04:52:38:68:e5:5c:94:d5:b1:dd:
c5:78:07:20:d2:c0:cc:7d:0f:ee:0c:eb:85:bd:95:
d2:6b:d0:d9:c8:7c:33:12:6f:21:c6:8f:d2:31:cb:
d8:7a:78:cc:82:3c:1b:70:67:9d:33:92:7c:41:f0:
54:2c:56:dd:35:7a:f0:16:24:a1:71:46:65:16:ce:
6b:65:f4:5d:58:c4:5c:dd:1c:e3:76:f4:ea:f2:d3:
cb:3f:37:ff:0d:a5:5f:f8:4e:57:f9:82:be:d4:c7:
81:54:86:2c:5b:e0:b1:23:fd:7d:a4:ae:6c:6c:94:
f0:65:a7:e1:7d:c2:89:7b:75:b8:bf:0c:8c:ff:92:
aa:95:94:30:01:be:e7:c1:f1:57:44:b0:39:9d:b2:
4d:d6:d3:a0:b2:a2:cb:70:e4:c2:b8:60:56:bc:01:
4e:da:cc:04:16:5d:9a:8e:d2:a2:b5:d5:b0:6e:bb:
ac:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:FC:BC:8D:04:E4:30:44:79:48:92:8B:AF:16:8E:30:A0:71:FA:17
X509v3 Authority Key Identifier:
keyid:84:6C:D7:BC:19:14:20:56:AC:AF:95:73:CA:A1:AF:8D:E8:71:81:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:29:87:88:04:31:f0:62:e9:69:1b:e6:29:d5:28:37:c5:ad:
77:a4:03:79:33:20:f1:35:68:83:ae:8a:26:0b:d6:31:46:50:
01:cd:df:a0:1e:af:f2:6a:ea:49:31:d7:1d:55:34:25:90:ea:
8c:45:75:55:27:a6:5f:b5:7b:be:5b:df:9d:91:e0:df:10:56:
29:bf:f8:13:d9:94:11:20:cd:4c:20:d9:7e:47:50:01:1b:12:
0c:01:a9:40:38:a8:9c:36:46:88:62:61:80:21:1b:6e:9b:cc:
07:7a:b9:f5:c7:43:f0:51:b8:f4:51:a8:f3:cf:d8:78:47:9b:
b6:7e:c8:d1:bb:e6:3c:c7:90:41:8a:bf:be:d5:41:56:e8:52:
76:6c:a0:77:b6:53:b3:a3:b9:ff:c2:f3:f4:2c:f0:82:95:56:
cb:5d:39:8a:cb:13:4a:c5:d1:53:36:b9:01:09:5f:8f:d1:8f:
c6:c8:01:f8:0f:ef:2d:8e:75:e3:09:49:41:50:6c:5f:70:4f:
1d:f5:0f:66:ce:6d:0f:df:64:f2:7d:3e:b4:27:30:03:94:00:
b0:99:99:51:72:f4:72:23:88:70:9f:d3:be:83:76:3f:49:ca:
e0:59:e9:9c:42:89:22:f0:1d:e4:67:f1:e0:ad:33:9d:f5:ae:
c4:93:e5:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGJB6IubUU6BI7sbK4JJzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmNkN2JjMTkxNDIwNTZhY2FmOTU3M2NhYTFhZjhkZTg3
MTgxNTYwHhcNMjUwNDMwMTAwMDM1WhcNMjUwNTAxMTAwMDM1WjAzMTEwLwYDVQQD
EygzN2ZjYmM4ZDA0ZTQzMDQ0Nzk0ODkyOGJhZjE2OGUzMGEwNzFmYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1X1fG/KIfp3HjK3ogVc48+iVZBYa
uXS2f9S8q7pYjkzu7eX5wY4eoMRTAQLixjwf8+Ms/2qLPc4xlaFKfusF0TBRaCjr
SB9pDHyFRRYeXwRSOGjlXJTVsd3FeAcg0sDMfQ/uDOuFvZXSa9DZyHwzEm8hxo/S
McvYenjMgjwbcGedM5J8QfBULFbdNXrwFiShcUZlFs5rZfRdWMRc3RzjdvTq8tPL
Pzf/DaVf+E5X+YK+1MeBVIYsW+CxI/19pK5sbJTwZafhfcKJe3W4vwyM/5KqlZQw
Ab7nwfFXRLA5nbJN1tOgsqLLcOTCuGBWvAFO2swEFl2ajtKitdWwbrus3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDf8vI0E5DBEeUiSi68WjjCgcfoXMB8GA1UdIwQY
MBaAFIRs17wZFCBWrK+Vc8qhr43ocYFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85OTA1OTAtNGE2My00YjJmLWE5MzMt
ZDE5NTlmM2UyZjc2LzEvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy85OTA1OTAtNGE2My00YjJmLWE5MzMtZDE5NTlmM2UyZjc2
LzEvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEimHiAQx
8GLpaRvmKdUoN8Wtd6QDeTMg8TVog66KJgvWMUZQAc3foB6v8mrqSTHXHVU0JZDq
jEV1VSemX7V7vlvfnZHg3xBWKb/4E9mUESDNTCDZfkdQARsSDAGpQDionDZGiGJh
gCEbbpvMB3q59cdD8FG49FGo88/YeEebtn7I0bvmPMeQQYq/vtVBVuhSdmygd7ZT
s6O5/8Lz9CzwgpVWy105issTSsXRUza5AQlfj9GPxsgB+A/vLY514wlJQVBsX3BP
HfUPZs5tD99k8n0+tCcwA5QAsJmZUXL0ciOIcJ/TvoN2P0nK4FnpnEKJIvAd5Gfx
4K0znfWuxJPl2A==
-----END CERTIFICATE-----
Generated at Wed Apr 30 19:45:48 2025 by rpki-client