Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
File: aM_hqssnjBMjGzEORe5XaTL-m04.mft (raw, json)
Hash identifier: kKx8S1qfsodiPpecshuQeTaI2nR0Gjb3AIWNVDlffpk=
Subject key identifier: DE:24:6E:F0:EE:AC:E5:20:9A:5A:A1:3F:CA:8B:73:A1:ED:25:81:42
Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Certificate serial: 0196771EC69B5622E524F7A0144BDC1BC5E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
Manifest number: 11A4
Signing time: Sun 27 Apr 2025 12:00:27 +0000
Manifest this update: Sun 27 Apr 2025 12:00:27 +0000
Manifest next update: Mon 28 Apr 2025 12:00:27 +0000
Files and hashes: 1: NAg_2lUwiNc2BXVWx1ALPDBcGK0.roa (hash: I6Xgg/yTyhGgk1wwRR5vfbPkXPHDlymI7Asksvi+yR4=)
2: aM_hqssnjBMjGzEORe5XaTL-m04.crl (hash: /GVojjoZ3ZOQRdZs/WAbwQ2tyR4et6N1NFTcHLglKMA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 12:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:77:1e:c6:9b:56:22:e5:24:f7:a0:14:4b:dc:1b:c5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Validity
Not Before: Apr 27 12:00:27 2025 GMT
Not After : Apr 28 12:00:27 2025 GMT
Subject: CN=de246ef0eeace5209a5aa13fca8b73a1ed258142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:a4:30:7f:6f:c7:5c:64:bf:1f:da:66:91:a0:
5c:5d:ba:82:9d:df:78:77:cd:c5:3e:40:dd:c2:d3:
57:8b:3d:5c:af:c6:24:ef:49:86:03:c2:32:7e:95:
a3:56:d4:15:82:6f:3f:9c:8a:55:cf:48:c6:91:8f:
bc:9d:84:a8:7a:3c:de:f3:c4:38:56:78:24:8b:29:
1a:f0:39:5f:f6:7c:94:58:99:fa:d4:10:97:ed:ad:
c9:54:12:31:f1:e7:c2:91:bd:36:52:8b:67:5e:cb:
3d:ac:ce:dd:b4:29:0b:5e:92:ff:46:04:0f:a3:a4:
b6:76:28:c1:d2:80:a2:1b:ac:ec:74:3c:48:32:bd:
c7:eb:23:c9:3f:42:84:86:42:32:6a:15:66:e3:f7:
d4:05:5c:49:ed:3b:d4:28:24:72:59:c0:b5:66:d9:
80:27:27:b9:82:f1:32:c8:67:cc:b1:3c:aa:8d:ee:
7e:a1:8f:af:e8:fb:ab:4a:ef:59:ab:3a:0d:a3:6c:
90:68:5d:96:5d:62:f3:43:44:34:b4:26:dd:05:66:
5e:73:86:19:ae:1a:eb:7a:2d:a3:ae:a2:e7:7f:ad:
fe:36:64:59:87:6b:e0:35:7d:e3:ea:bf:f3:ca:6c:
9f:90:08:02:4c:0e:4c:40:f0:fe:43:ce:51:d4:eb:
d6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:24:6E:F0:EE:AC:E5:20:9A:5A:A1:3F:CA:8B:73:A1:ED:25:81:42
X509v3 Authority Key Identifier:
keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:62:e2:98:c1:48:ac:6c:69:30:8c:83:ae:74:dc:89:79:55:
ba:2b:61:dc:42:c4:f4:bb:90:38:22:74:86:86:58:bc:bf:f3:
c4:55:26:50:76:46:16:97:86:f3:2a:0f:67:06:a3:40:d3:59:
93:82:f2:fb:51:17:1d:43:56:19:fd:6d:71:d1:55:1d:b6:d1:
03:6b:49:b9:49:42:81:34:67:36:0e:85:a4:ab:6c:54:48:e5:
75:ac:71:5e:a6:9e:b3:cc:47:60:23:3f:a1:12:76:2c:d0:0a:
c1:08:53:56:6c:0a:52:55:58:38:1e:95:29:92:6a:38:fc:58:
af:06:b2:d7:c8:42:ae:9b:4b:16:b6:ee:55:f4:4b:ce:3d:48:
af:ae:d4:8a:3b:10:12:41:86:7e:9c:ff:f4:d4:c4:6e:a5:ad:
9d:35:e9:6b:c8:a4:4e:5c:87:4c:f2:c8:f1:a3:b0:48:2c:4a:
c3:78:04:8c:b2:8f:9b:f8:7b:3f:30:25:eb:bf:c0:dd:97:5a:
47:05:5c:5d:41:42:b9:4a:d9:ee:77:fd:6f:4e:b2:8f:e8:0b:
0b:3e:7f:34:23:45:c6:59:d0:5a:d6:ba:5b:e3:e7:3a:d7:76:
cd:fb:3a:8c:66:79:1c:91:59:6e:cf:98:95:cf:8b:23:1a:37:
46:1e:4d:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3HsabViLlJPegFEvcG8XiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm
ZTliNGUwHhcNMjUwNDI3MTIwMDI3WhcNMjUwNDI4MTIwMDI3WjAzMTEwLwYDVQQD
EyhkZTI0NmVmMGVlYWNlNTIwOWE1YWExM2ZjYThiNzNhMWVkMjU4MTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66Qwf2/HXGS/H9pmkaBcXbqCnd94
d83FPkDdwtNXiz1cr8Yk70mGA8IyfpWjVtQVgm8/nIpVz0jGkY+8nYSoejze88Q4
Vngkiyka8Dlf9nyUWJn61BCX7a3JVBIx8efCkb02UotnXss9rM7dtCkLXpL/RgQP
o6S2dijB0oCiG6zsdDxIMr3H6yPJP0KEhkIyahVm4/fUBVxJ7TvUKCRyWcC1ZtmA
Jye5gvEyyGfMsTyqje5+oY+v6PurSu9ZqzoNo2yQaF2WXWLzQ0Q0tCbdBWZec4YZ
rhrrei2jrqLnf63+NmRZh2vgNX3j6r/zymyfkAgCTA5MQPD+Q85R1OvWRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4kbvDurOUgmlqhP8qLc6HtJYFCMB8GA1UdIwQY
MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt
ODljMmY2NjZlOTA1LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1
LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJmLimMFI
rGxpMIyDrnTciXlVuith3ELE9LuQOCJ0hoZYvL/zxFUmUHZGFpeG8yoPZwajQNNZ
k4Ly+1EXHUNWGf1tcdFVHbbRA2tJuUlCgTRnNg6FpKtsVEjldaxxXqaes8xHYCM/
oRJ2LNAKwQhTVmwKUlVYOB6VKZJqOPxYrway18hCrptLFrbuVfRLzj1Ir67UijsQ
EkGGfpz/9NTEbqWtnTXpa8ikTlyHTPLI8aOwSCxKw3gEjLKPm/h7PzAl67/A3Zda
RwVcXUFCuUrZ7nf9b06yj+gLCz5/NCNFxlnQWta6W+PnOtd2zfs6jGZ5HJFZbs+Y
lc+LIxo3Rh5NCg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:05:15 2025 by rpki-client