Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.mft
File: x02iHagDioIFQrOvr76qqmZreyc.mft (raw, json)
Hash identifier: SJ4Z+b+gIHtoq6CAotZ+nrznt0UnMyFyF6bU7h/NIEY=
Subject key identifier: 84:13:D9:5C:19:5E:24:7B:59:6A:85:DF:24:3D:63:12:23:A5:E7:AF
Authority key identifier: C7:4D:A2:1D:A8:03:8A:82:05:42:B3:AF:AF:BE:AA:AA:66:6B:7B:27
Certificate issuer: /CN=c74da21da8038a820542b3afafbeaaaa666b7b27
Certificate serial: 0196808FE8979FA8CFB395521997F199C451
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x02iHagDioIFQrOvr76qqmZreyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.mft
Manifest number: 14A8
Signing time: Tue 29 Apr 2025 08:00:36 +0000
Manifest this update: Tue 29 Apr 2025 08:00:36 +0000
Manifest next update: Wed 30 Apr 2025 08:00:36 +0000
Files and hashes: 1: 2t0GWwoe7mmFS83bQQPX5JNcD34.roa (hash: hxRzouLeq4ys7uUoj+7mRAVC8MeKAFWBUYqAcz4n5d0=)
2: x02iHagDioIFQrOvr76qqmZreyc.crl (hash: k2l8ZvIRvK8TnNukvekS2JQBcvSXK1+lGSY/iJWhE6k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.mft
rsync://rpki.ripe.net/repository/DEFAULT/x02iHagDioIFQrOvr76qqmZreyc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:8f:e8:97:9f:a8:cf:b3:95:52:19:97:f1:99:c4:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74da21da8038a820542b3afafbeaaaa666b7b27
Validity
Not Before: Apr 29 08:00:36 2025 GMT
Not After : Apr 30 08:00:36 2025 GMT
Subject: CN=8413d95c195e247b596a85df243d631223a5e7af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9a:0d:aa:c3:c4:41:26:1a:44:e8:a4:d4:98:
c4:1e:f9:08:6f:12:62:de:09:7d:ec:7d:62:ec:ae:
7b:c4:f4:05:eb:30:1f:34:82:9d:3d:bc:60:60:4c:
29:7d:f0:66:81:13:f9:d5:d0:2e:19:65:d8:22:6e:
cf:e7:35:74:11:9f:d7:06:a1:39:9d:a5:c5:34:45:
20:67:32:42:b6:34:91:ce:b4:2a:8a:e4:d6:ae:14:
7f:42:d5:9a:7b:6a:55:cc:64:81:78:b5:18:8c:01:
4b:4e:1c:66:1e:56:a0:8a:0b:2c:88:6a:fc:19:65:
93:0f:a1:4d:9d:73:a9:d5:c1:cb:29:8b:f0:b4:48:
8c:14:76:69:83:78:8f:fb:4c:54:66:93:de:8c:0e:
4d:80:86:00:74:d2:fa:9e:eb:19:de:7d:32:80:e7:
2d:7e:2e:d6:64:06:04:a2:d9:a8:46:cc:20:b3:cb:
88:a9:d3:09:df:d7:8a:a9:bc:5e:8c:d0:ab:d5:76:
96:8a:14:a3:50:60:b0:7d:e1:d9:02:3c:66:52:d7:
13:d6:f5:a3:40:4b:71:d9:73:a3:be:b6:ef:27:dd:
a6:26:56:53:56:5b:5f:59:e2:c5:5f:6e:8e:be:e6:
47:5c:cb:29:ec:49:63:59:7f:c0:9b:d9:0d:89:ed:
98:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:13:D9:5C:19:5E:24:7B:59:6A:85:DF:24:3D:63:12:23:A5:E7:AF
X509v3 Authority Key Identifier:
keyid:C7:4D:A2:1D:A8:03:8A:82:05:42:B3:AF:AF:BE:AA:AA:66:6B:7B:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x02iHagDioIFQrOvr76qqmZreyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/4f8444-2c3d-4592-9458-801d89d7366d/1/x02iHagDioIFQrOvr76qqmZreyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:72:a6:fb:82:72:70:52:60:24:0b:db:e8:c0:d5:60:ca:57:
3a:85:9b:82:6f:39:83:cc:88:b3:6a:4f:47:8e:c7:89:a6:bd:
dd:aa:14:9e:16:5e:18:a3:45:71:85:35:8c:22:c2:81:33:8a:
72:02:3b:39:17:a4:c3:3f:36:32:a3:ee:d5:f0:32:4b:b9:59:
4d:f9:72:49:8b:85:b1:6a:ac:2b:ce:33:f0:8e:cb:fd:48:88:
d5:a3:40:0b:90:7e:6f:ce:38:df:cc:2a:f7:c3:80:96:73:6d:
9e:1b:fd:72:ff:05:d1:e2:3b:6e:ee:29:e4:86:0e:15:07:18:
60:4d:63:ea:24:3b:a2:e9:3a:b2:07:0a:1c:d5:5c:4c:b3:a3:
70:b6:d0:25:68:bc:45:b2:e4:01:35:03:32:4f:66:72:ff:bb:
23:15:46:81:1a:aa:16:60:12:a2:f4:fd:15:e6:8b:b4:61:ef:
eb:ce:e9:ed:64:1c:8b:74:0d:c0:4c:ed:22:f0:fc:18:d4:25:
82:35:3a:6d:32:93:f9:1c:92:ec:08:a0:c0:b2:6a:a0:2f:9e:
92:4d:9b:9d:73:dd:67:a9:59:8d:a2:13:43:2a:9c:a7:af:44:
ae:0b:a4:57:ea:1b:4e:74:e1:bf:31:59:6a:76:10:9b:af:ad:
0b:99:24:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAj+iXn6jPs5VSGZfxmcRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGRhMjFkYTgwMzhhODIwNTQyYjNhZmFmYmVhYWFhNjY2
YjdiMjcwHhcNMjUwNDI5MDgwMDM2WhcNMjUwNDMwMDgwMDM2WjAzMTEwLwYDVQQD
Eyg4NDEzZDk1YzE5NWUyNDdiNTk2YTg1ZGYyNDNkNjMxMjIzYTVlN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5oNqsPEQSYaROik1JjEHvkIbxJi
3gl97H1i7K57xPQF6zAfNIKdPbxgYEwpffBmgRP51dAuGWXYIm7P5zV0EZ/XBqE5
naXFNEUgZzJCtjSRzrQqiuTWrhR/QtWae2pVzGSBeLUYjAFLThxmHlagigssiGr8
GWWTD6FNnXOp1cHLKYvwtEiMFHZpg3iP+0xUZpPejA5NgIYAdNL6nusZ3n0ygOct
fi7WZAYEotmoRswgs8uIqdMJ39eKqbxejNCr1XaWihSjUGCwfeHZAjxmUtcT1vWj
QEtx2XOjvrbvJ92mJlZTVltfWeLFX26OvuZHXMsp7EljWX/Am9kNie2YgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQT2VwZXiR7WWqF3yQ9YxIjpeevMB8GA1UdIwQY
MBaAFMdNoh2oA4qCBUKzr6++qqpma3snMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDAyaUhhZ0Rpb0lGUXJPdnI3NnFxbVpyZXljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Zjg0NDQtMmMzZC00NTkyLTk0NTgt
ODAxZDg5ZDczNjZkLzEveDAyaUhhZ0Rpb0lGUXJPdnI3NnFxbVpyZXljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Zjg0NDQtMmMzZC00NTkyLTk0NTgtODAxZDg5ZDczNjZk
LzEveDAyaUhhZ0Rpb0lGUXJPdnI3NnFxbVpyZXljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF3Km+4Jy
cFJgJAvb6MDVYMpXOoWbgm85g8yIs2pPR47Hiaa93aoUnhZeGKNFcYU1jCLCgTOK
cgI7ORekwz82MqPu1fAyS7lZTflySYuFsWqsK84z8I7L/UiI1aNAC5B+b84438wq
98OAlnNtnhv9cv8F0eI7bu4p5IYOFQcYYE1j6iQ7ouk6sgcKHNVcTLOjcLbQJWi8
RbLkATUDMk9mcv+7IxVGgRqqFmASovT9FeaLtGHv687p7WQci3QNwEztIvD8GNQl
gjU6bTKT+RyS7AigwLJqoC+ekk2bnXPdZ6lZjaITQyqcp69ErgukV+obTnThvzFZ
anYQm6+tC5kkWg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 15:29:12 2025 by rpki-client