Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
File: NHkVOIV45h2IaEmiHXC6B1FJwaE.mft (raw, json)
Hash identifier: dbn3QzC1RqA+2Cd2p8M4JdqlXeKALB6nL5hXWB6rrX8=
Subject key identifier: A3:7E:FA:D0:F4:D8:62:29:B8:E6:AA:5D:70:7D:64:52:73:67:BF:94
Authority key identifier: 34:79:15:38:85:78:E6:1D:88:68:49:A2:1D:70:BA:07:51:49:C1:A1
Certificate issuer: /CN=347915388578e61d886849a21d70ba075149c1a1
Certificate serial: 0196857EF2606EB4378F3DAA5857E30E21E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
Manifest number: 0AA3
Signing time: Wed 30 Apr 2025 07:00:11 +0000
Manifest this update: Wed 30 Apr 2025 07:00:11 +0000
Manifest next update: Thu 01 May 2025 07:00:11 +0000
Files and hashes: 1: NHkVOIV45h2IaEmiHXC6B1FJwaE.crl (hash: tq9Dd2h9OOQlGpWFJNDylB3IWaptGu9WlyjNyMgIjzk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 07:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:7e:f2:60:6e:b4:37:8f:3d:aa:58:57:e3:0e:21:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347915388578e61d886849a21d70ba075149c1a1
Validity
Not Before: Apr 30 07:00:11 2025 GMT
Not After : May 1 07:00:11 2025 GMT
Subject: CN=a37efad0f4d86229b8e6aa5d707d64527367bf94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:6f:b0:79:c9:72:6c:da:d2:82:d0:c8:3b:fe:
96:bc:ce:0f:2d:d1:7d:fc:34:9e:92:27:2d:2e:a5:
8b:fc:11:d5:12:04:3f:45:70:2c:a5:29:71:52:f6:
ed:23:c2:e8:8a:4c:23:f1:f2:fe:7b:cd:62:e9:1b:
98:a7:67:bc:0e:fd:0d:73:c9:96:3d:e7:fb:bf:36:
97:ab:15:84:d0:f7:b7:e4:05:5a:41:34:96:a7:99:
2f:7b:5f:d6:74:ce:2c:d8:a6:a8:cd:5e:8b:a0:a5:
b1:eb:6e:1a:d8:c0:c3:da:c8:c5:de:dd:82:98:fa:
46:51:2e:ad:64:65:fd:eb:ad:f8:75:ce:4c:50:55:
b3:33:e8:71:b4:a8:70:d1:ca:d2:46:78:7b:cb:7b:
57:23:45:81:82:98:e7:76:07:51:dd:8a:1e:1b:65:
50:dc:e8:a8:e7:94:d3:e2:7e:b5:61:b4:50:12:24:
f4:ef:6c:48:f4:02:99:f5:f9:cb:a0:ef:6c:81:3c:
c5:72:01:0e:84:1d:dc:52:11:38:89:a9:ea:19:c2:
77:74:37:d6:dc:7b:1d:e9:cf:38:b1:10:9f:e9:16:
20:1e:79:21:7b:aa:ab:34:6d:25:56:d7:ed:bb:13:
b0:ac:10:68:a7:e5:37:71:00:de:c2:a3:6b:d4:55:
9a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:7E:FA:D0:F4:D8:62:29:B8:E6:AA:5D:70:7D:64:52:73:67:BF:94
X509v3 Authority Key Identifier:
keyid:34:79:15:38:85:78:E6:1D:88:68:49:A2:1D:70:BA:07:51:49:C1:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:24:e9:58:f4:34:c4:47:28:d0:1b:71:f2:f5:d1:ad:d1:ed:
56:91:a3:9a:f3:8b:78:f7:4f:85:c6:d2:4f:f4:bc:09:12:6f:
90:ed:56:03:17:72:44:9a:59:1d:0d:6f:c0:a1:1b:05:0e:14:
d3:b8:28:38:6d:40:e4:94:d6:a9:74:b3:90:d6:a5:fb:fe:ae:
a3:fd:ee:e1:9e:04:9e:05:39:a5:e4:c0:8c:17:d9:80:a3:22:
fa:2e:62:c6:02:36:87:08:ef:0d:2c:f6:fc:b0:cf:33:6d:c5:
75:76:89:c5:79:04:be:a7:7e:e5:c2:fd:53:32:01:68:cb:fc:
92:f3:90:41:43:eb:77:fa:9e:4b:d6:3f:c0:a9:7a:49:bd:c1:
85:5e:13:2c:e3:f6:61:d1:b4:de:5d:39:cc:8c:1a:42:0c:f6:
d2:21:b1:77:d1:9a:98:a9:cd:17:7b:f1:66:52:77:ab:f6:dd:
04:7c:da:9a:8e:09:b2:2c:01:f6:3f:c5:07:94:a9:8f:24:13:
d2:bb:26:5f:5c:04:4a:61:05:2d:91:f5:e6:92:9d:8b:29:d2:
86:ff:d1:46:df:e6:cb:43:c8:71:2e:7c:d9:08:7e:21:b4:79:
57:88:b6:60:5e:f4:c0:7f:27:85:29:c7:d3:2a:eb:28:f2:22:
cc:89:d7:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaFfvJgbrQ3jz2qWFfjDiHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzkxNTM4ODU3OGU2MWQ4ODY4NDlhMjFkNzBiYTA3NTE0
OWMxYTEwHhcNMjUwNDMwMDcwMDExWhcNMjUwNTAxMDcwMDExWjAzMTEwLwYDVQQD
EyhhMzdlZmFkMGY0ZDg2MjI5YjhlNmFhNWQ3MDdkNjQ1MjczNjdiZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9W+weclybNrSgtDIO/6WvM4PLdF9
/DSekictLqWL/BHVEgQ/RXAspSlxUvbtI8Loikwj8fL+e81i6RuYp2e8Dv0Nc8mW
Pef7vzaXqxWE0Pe35AVaQTSWp5kve1/WdM4s2KaozV6LoKWx624a2MDD2sjF3t2C
mPpGUS6tZGX96634dc5MUFWzM+hxtKhw0crSRnh7y3tXI0WBgpjndgdR3YoeG2VQ
3Oio55TT4n61YbRQEiT072xI9AKZ9fnLoO9sgTzFcgEOhB3cUhE4ianqGcJ3dDfW
3Hsd6c84sRCf6RYgHnkhe6qrNG0lVtftuxOwrBBop+U3cQDewqNr1FWaqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKN++tD02GIpuOaqXXB9ZFJzZ7+UMB8GA1UdIwQY
MBaAFDR5FTiFeOYdiGhJoh1wugdRScGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80ZWY2OWUtOTk3OC00MzZkLTkwYzkt
ODJkOTdjMDY5NTY2LzEvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80ZWY2OWUtOTk3OC00MzZkLTkwYzktODJkOTdjMDY5NTY2
LzEvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqiTpWPQ0
xEco0Btx8vXRrdHtVpGjmvOLePdPhcbST/S8CRJvkO1WAxdyRJpZHQ1vwKEbBQ4U
07goOG1A5JTWqXSzkNal+/6uo/3u4Z4EngU5peTAjBfZgKMi+i5ixgI2hwjvDSz2
/LDPM23FdXaJxXkEvqd+5cL9UzIBaMv8kvOQQUPrd/qeS9Y/wKl6Sb3BhV4TLOP2
YdG03l05zIwaQgz20iGxd9GamKnNF3vxZlJ3q/bdBHzamo4JsiwB9j/FB5SpjyQT
0rsmX1wESmEFLZH15pKdiynShv/RRt/my0PIcS582Qh+IbR5V4i2YF70wH8nhSnH
0yrrKPIizInX2A==
-----END CERTIFICATE-----
Generated at Wed Apr 30 12:25:46 2025 by rpki-client