
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
File: hrIjA95LCocPz-e2VWwCT3XHajQ.mft (raw, json)
Hash identifier: /AA76XE29F3yATo4yjHGg/mpqOBxsjAZq8q0EJortQY=
Subject key identifier: 8A:D4:73:67:95:C1:62:24:B7:14:C5:90:FE:6E:D7:31:41:93:1E:A1
Authority key identifier: 86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
Certificate issuer: /CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Certificate serial: 01968E4B7D8D7177E1775C62D5D3D6E705D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
Manifest number: 101C
Signing time: Fri 02 May 2025 00:00:34 +0000
Manifest this update: Fri 02 May 2025 00:00:34 +0000
Manifest next update: Sat 03 May 2025 00:00:34 +0000
Files and hashes: 1: ZjB1G19DDx_6Q5oScLG5jMaC8XA.roa (hash: 7/c0oLP47xBtzbpIYR3dJCRfL58YizRnGJk+IU5Vsgc=)
2: bckQXnbwfKXBuJ2fgXGJ6V-6Qfk.roa (hash: v7e6EIu7w13jemXrMUjQBx6+ZKi093MMCQO7o8uB3rY=)
3: hrIjA95LCocPz-e2VWwCT3XHajQ.crl (hash: N4ytAFXWzOtHVQuRRFSJEBLqCrEIqav4Ji4kYVQhwTU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8e:4b:7d:8d:71:77:e1:77:5c:62:d5:d3:d6:e7:05:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Validity
Not Before: May 2 00:00:34 2025 GMT
Not After : May 3 00:00:34 2025 GMT
Subject: CN=8ad4736795c16224b714c590fe6ed73141931ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a9:78:ec:62:53:70:36:a1:bc:ae:1d:59:cd:
8b:69:1f:b1:4c:2f:09:b0:16:7e:b2:87:59:fd:d7:
ac:a4:3e:90:5f:a8:0a:15:6f:ab:48:f6:de:58:66:
c8:d7:23:12:ef:65:74:86:91:53:20:6a:3b:ce:d3:
3b:5a:59:38:6f:c1:e7:76:e6:ad:7c:03:c0:e8:4e:
41:da:a9:01:08:6e:69:da:c8:06:08:47:77:31:85:
9c:78:1a:55:00:be:5f:0c:b5:ff:9a:97:9b:2e:55:
9f:91:17:1c:29:8d:b4:23:96:c7:be:1c:14:ba:dc:
77:80:b7:33:2e:37:f2:cb:4a:00:8d:46:db:51:d5:
a0:44:72:bd:b4:cb:52:7b:05:31:8a:14:4d:ae:96:
e6:58:07:bb:28:7f:72:8f:66:1e:0b:60:08:c8:f1:
55:e5:89:4c:64:b2:d3:b5:8d:b3:b8:00:5a:63:88:
a9:61:7d:6d:47:0c:28:ba:e0:e0:ce:3d:22:04:3d:
24:cd:d1:46:cd:26:9d:6d:51:39:46:5c:ef:cb:98:
37:f2:6a:7f:fe:62:48:e0:96:36:4b:f7:af:d0:55:
57:e5:2b:f7:f1:5a:68:6f:0c:77:50:f8:1b:ec:00:
5a:07:cc:f0:a1:50:d4:5b:1f:8e:66:88:fd:42:e0:
61:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D4:73:67:95:C1:62:24:B7:14:C5:90:FE:6E:D7:31:41:93:1E:A1
X509v3 Authority Key Identifier:
keyid:86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:e4:9f:1e:0e:23:85:91:20:89:fd:13:fd:31:ff:70:39:d8:
44:4e:72:f3:17:db:85:39:5a:a3:b8:c7:b4:2b:28:df:bc:3c:
49:70:c9:fc:89:c0:07:5b:7c:c1:53:d8:f8:ab:1f:35:83:b9:
e2:56:aa:08:ab:1f:9a:2c:7d:0e:58:d4:fb:02:41:d8:c9:d5:
ab:74:71:67:39:50:91:be:c7:14:0d:d0:ba:f4:0a:67:7a:11:
80:d2:a9:50:14:05:78:f2:8a:90:0c:ca:20:0d:db:48:bf:99:
66:10:fc:5a:ba:84:39:c2:03:0a:d3:fb:2a:f3:87:dd:56:56:
7c:a3:45:6e:49:3b:f7:dc:69:f1:e0:e4:78:91:6d:ca:7b:61:
ef:13:8f:8e:27:d5:8f:3a:12:4c:d6:fd:9e:f9:8a:4d:f9:00:
6b:ce:94:a8:13:5f:ce:66:ce:7b:58:50:d9:db:34:c1:72:91:
5e:2c:b1:9e:58:2b:7d:ff:60:0b:58:5b:cc:45:7f:1a:c4:fa:
e0:3c:05:fa:cd:a0:97:19:cd:b0:e4:97:ff:d4:57:f5:6c:5b:
fd:50:98:b4:a6:6b:74:41:37:17:d9:bb:f8:b3:73:e1:9f:00:
51:93:e8:29:d4:d1:59:74:ec:b3:fd:db:18:0d:3c:97:09:04:
d2:f4:3e:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaOS32NcXfhd1xi1dPW5wXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YjIyMzAzZGU0YjBhODcwZmNmZTdiNjU1NmMwMjRmNzVj
NzZhMzQwHhcNMjUwNTAyMDAwMDM0WhcNMjUwNTAzMDAwMDM0WjAzMTEwLwYDVQQD
Eyg4YWQ0NzM2Nzk1YzE2MjI0YjcxNGM1OTBmZTZlZDczMTQxOTMxZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArql47GJTcDahvK4dWc2LaR+xTC8J
sBZ+sodZ/despD6QX6gKFW+rSPbeWGbI1yMS72V0hpFTIGo7ztM7Wlk4b8Hnduat
fAPA6E5B2qkBCG5p2sgGCEd3MYWceBpVAL5fDLX/mpebLlWfkRccKY20I5bHvhwU
utx3gLczLjfyy0oAjUbbUdWgRHK9tMtSewUxihRNrpbmWAe7KH9yj2YeC2AIyPFV
5YlMZLLTtY2zuABaY4ipYX1tRwwouuDgzj0iBD0kzdFGzSadbVE5Rlzvy5g38mp/
/mJI4JY2S/ev0FVX5Sv38Vpobwx3UPgb7ABaB8zwoVDUWx+OZoj9QuBh2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrUc2eVwWIktxTFkP5u1zFBkx6hMB8GA1UdIwQY
MBaAFIayIwPeSwqHD8/ntlVsAk91x2o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3Mjkt
NzJhYjU5ODdmNjA5LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3MjktNzJhYjU5ODdmNjA5
LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs+SfHg4j
hZEgif0T/TH/cDnYRE5y8xfbhTlao7jHtCso37w8SXDJ/InAB1t8wVPY+KsfNYO5
4laqCKsfmix9DljU+wJB2MnVq3RxZzlQkb7HFA3QuvQKZ3oRgNKpUBQFePKKkAzK
IA3bSL+ZZhD8WrqEOcIDCtP7KvOH3VZWfKNFbkk799xp8eDkeJFtynth7xOPjifV
jzoSTNb9nvmKTfkAa86UqBNfzmbOe1hQ2ds0wXKRXiyxnlgrff9gC1hbzEV/GsT6
4DwF+s2glxnNsOSX/9RX9Wxb/VCYtKZrdEE3F9m7+LNz4Z8AUZPoKdTRWXTss/3b
GA08lwkE0vQ+sg==
-----END CERTIFICATE-----
Generated at Fri May 2 07:45:03 2025 by rpki-client