Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/hSvBRcWyI5TW_q6Za8C7JSVIAcY.mft
File: hSvBRcWyI5TW_q6Za8C7JSVIAcY.mft (raw, json)
Hash identifier: iNUiVdSa7AQg1Eodd9jQrawuKHiAabCsIzFWJHRWE5g=
Subject key identifier: 79:0D:8D:A0:26:BE:D9:BD:3F:E7:59:8F:A1:A8:E5:CD:64:1D:B1:08
Authority key identifier: 85:2B:C1:45:C5:B2:23:94:D6:FE:AE:99:6B:C0:BB:25:25:48:01:C6
Certificate issuer: /CN=852bc145c5b22394d6feae996bc0bb25254801c6
Certificate serial: 01967BD718399F0D19AB553D2F175A70D6D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSvBRcWyI5TW_q6Za8C7JSVIAcY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/hSvBRcWyI5TW_q6Za8C7JSVIAcY.mft
Manifest number: 0221
Signing time: Mon 28 Apr 2025 10:00:16 +0000
Manifest this update: Mon 28 Apr 2025 10:00:16 +0000
Manifest next update: Tue 29 Apr 2025 10:00:16 +0000
Files and hashes: 1: UUl9tjMfoZ7A5klfeBDKB274xTs.roa (hash: SBvHQQieYmwuldne0ESh4KLqZuA1XSHveZCrpCqrHvQ=)
2: hSvBRcWyI5TW_q6Za8C7JSVIAcY.crl (hash: PlZZmpOPAQjdE+YptF7h9il7mAsygfzPa7146MlIgxg=)
3: k3kU5aAomwikuRNdsT68Tqjcik4.roa (hash: wCPtZXM9gkCUtgXFEirTaWeSRaiZvXJy0sUEtKPb0ls=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/hSvBRcWyI5TW_q6Za8C7JSVIAcY.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/hSvBRcWyI5TW_q6Za8C7JSVIAcY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSvBRcWyI5TW_q6Za8C7JSVIAcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:d7:18:39:9f:0d:19:ab:55:3d:2f:17:5a:70:d6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=852bc145c5b22394d6feae996bc0bb25254801c6
Validity
Not Before: Apr 28 10:00:16 2025 GMT
Not After : Apr 29 10:00:16 2025 GMT
Subject: CN=790d8da026bed9bd3fe7598fa1a8e5cd641db108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f3:b1:31:51:4d:cf:b0:3a:65:9f:19:dd:63:
d8:91:73:f2:27:aa:d4:dd:cd:4c:79:a6:3f:56:75:
77:35:31:0f:47:36:be:c7:73:45:10:4d:ca:61:d3:
ad:30:97:6b:3a:3d:ce:6e:c1:78:73:fc:a3:1e:70:
10:a4:c2:a2:19:65:a0:af:2a:e6:b2:31:d6:39:04:
c3:07:f5:5b:ad:b3:29:ad:ed:3b:89:7f:8a:7e:06:
2a:47:ef:e2:33:ca:9b:6d:c6:92:ac:db:da:d8:55:
2a:6c:c6:e9:9b:58:66:1f:61:8e:f8:67:95:af:46:
95:5e:f7:63:0a:ac:71:72:5a:fb:05:86:8d:ee:06:
a5:4e:5b:3e:85:18:a3:87:b1:35:cf:65:30:e3:e0:
e2:59:91:41:b5:4d:12:ed:38:1c:88:da:49:c9:60:
71:b1:7e:4b:88:42:6d:c2:dd:e3:a2:33:70:99:d2:
00:0a:e3:70:89:77:42:25:38:01:55:d5:c6:2c:a0:
99:97:ab:8d:47:b9:75:15:88:4f:64:66:ec:ae:16:
fc:0e:72:6a:fd:4e:23:64:db:e9:b0:7b:f2:e4:f5:
57:2e:97:04:30:fe:c3:7c:de:e0:26:49:14:47:66:
0b:19:96:bc:72:26:76:27:7a:a4:10:b4:99:ca:53:
6a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:0D:8D:A0:26:BE:D9:BD:3F:E7:59:8F:A1:A8:E5:CD:64:1D:B1:08
X509v3 Authority Key Identifier:
keyid:85:2B:C1:45:C5:B2:23:94:D6:FE:AE:99:6B:C0:BB:25:25:48:01:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSvBRcWyI5TW_q6Za8C7JSVIAcY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/hSvBRcWyI5TW_q6Za8C7JSVIAcY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/hSvBRcWyI5TW_q6Za8C7JSVIAcY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:2e:b7:5b:43:b6:1f:36:5d:5d:c9:71:33:e1:40:2e:7e:0d:
e6:bf:3c:e7:b3:eb:8c:f0:12:03:41:47:11:f3:c5:87:01:c6:
69:58:29:f2:f8:d7:e5:a8:16:83:93:0f:35:65:e3:c9:61:ef:
4d:a2:bf:ac:7c:79:c1:ed:3d:99:38:d2:16:2a:44:02:5e:d0:
69:88:9a:e2:94:22:12:fa:16:5a:23:82:85:b3:f9:af:02:cc:
fe:30:78:2b:54:21:b6:21:f7:4d:9b:5e:f8:1e:51:b7:f9:38:
89:fb:53:b0:87:cb:8e:21:4f:6a:77:4f:80:ba:e5:5f:a8:f9:
90:53:4e:ac:76:0e:02:64:a6:0e:cc:ae:71:ec:e1:b1:04:b4:
df:fb:65:4d:3b:7b:11:b1:7e:21:74:df:3c:a6:a3:3e:9a:af:
57:98:37:99:6c:d3:98:44:eb:b8:2d:a3:e8:20:9d:e3:d9:a4:
96:56:23:c8:93:ed:7e:1d:43:e5:8b:14:da:18:a5:7f:3e:38:
86:05:b3:45:97:31:22:41:b1:9c:04:c9:74:05:e4:0a:30:f1:
08:fb:d8:e2:4a:d0:2c:07:f8:8f:6e:b2:af:f1:8e:c1:4f:0d:
73:bb:9f:fd:c6:03:5e:0f:3e:7a:1e:73:5c:c4:e7:55:1b:c7:
71:59:f8:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ71xg5nw0Zq1U9LxdacNbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MmJjMTQ1YzViMjIzOTRkNmZlYWU5OTZiYzBiYjI1MjU0
ODAxYzYwHhcNMjUwNDI4MTAwMDE2WhcNMjUwNDI5MTAwMDE2WjAzMTEwLwYDVQQD
Eyg3OTBkOGRhMDI2YmVkOWJkM2ZlNzU5OGZhMWE4ZTVjZDY0MWRiMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvOxMVFNz7A6ZZ8Z3WPYkXPyJ6rU
3c1MeaY/VnV3NTEPRza+x3NFEE3KYdOtMJdrOj3ObsF4c/yjHnAQpMKiGWWgryrm
sjHWOQTDB/VbrbMpre07iX+KfgYqR+/iM8qbbcaSrNva2FUqbMbpm1hmH2GO+GeV
r0aVXvdjCqxxclr7BYaN7galTls+hRijh7E1z2Uw4+DiWZFBtU0S7TgciNpJyWBx
sX5LiEJtwt3jojNwmdIACuNwiXdCJTgBVdXGLKCZl6uNR7l1FYhPZGbsrhb8DnJq
/U4jZNvpsHvy5PVXLpcEMP7DfN7gJkkUR2YLGZa8ciZ2J3qkELSZylNqYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkNjaAmvtm9P+dZj6Go5c1kHbEIMB8GA1UdIwQY
MBaAFIUrwUXFsiOU1v6umWvAuyUlSAHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFN2QlJjV3lJNVRXX3E2WmE4QzdKU1ZJQWNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9jYTRmZjUtNDhhOC00ZWNjLWJhNzMt
OGQwNzEwZjNkMjc2LzEvaFN2QlJjV3lJNVRXX3E2WmE4QzdKU1ZJQWNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9jYTRmZjUtNDhhOC00ZWNjLWJhNzMtOGQwNzEwZjNkMjc2
LzEvaFN2QlJjV3lJNVRXX3E2WmE4QzdKU1ZJQWNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcC63W0O2
HzZdXclxM+FALn4N5r8857PrjPASA0FHEfPFhwHGaVgp8vjX5agWg5MPNWXjyWHv
TaK/rHx5we09mTjSFipEAl7QaYia4pQiEvoWWiOChbP5rwLM/jB4K1QhtiH3TZte
+B5Rt/k4iftTsIfLjiFPandPgLrlX6j5kFNOrHYOAmSmDsyucezhsQS03/tlTTt7
EbF+IXTfPKajPpqvV5g3mWzTmETruC2j6CCd49mkllYjyJPtfh1D5YsU2hilfz44
hgWzRZcxIkGxnATJdAXkCjDxCPvY4krQLAf4j26yr/GOwU8Nc7uf/cYDXg8+eh5z
XMTnVRvHcVn43A==
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:06:58 2025 by rpki-client