
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
File: d0HROhWph91gAZwCZdLs7EhAlEo.mft (raw, json)
Hash identifier: nV2LpK/Esq6bepwaW5MfI8SyuLJBH9nYxHuYSNMfPro=
Subject key identifier: 0C:A7:2D:EB:8E:AA:FE:35:E5:AF:F8:F8:2E:32:1B:76:2A:BA:25:E5
Authority key identifier: 77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A
Certificate issuer: /CN=7741d13a15a987dd60019c0265d2ecec4840944a
Certificate serial: 019682476FDE9BC05F21ABD057F721246799
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
Manifest number: 0628
Signing time: Tue 29 Apr 2025 16:00:41 +0000
Manifest this update: Tue 29 Apr 2025 16:00:41 +0000
Manifest next update: Wed 30 Apr 2025 16:00:41 +0000
Files and hashes: 1: EKdJIayRjGqpNjC_sXcLD4LpFxg.roa (hash: Q7XyDf/+ZYlwIoQHzzpWgBVzZ1z6oDECbrHcCzM9GG4=)
2: _-z4nvaTTyccKXJFwod66iKewX0.roa (hash: B/6vrb0o2kiLAGPMrkOgglOkupcsHoxdqdIe49F5XFQ=)
3: d0HROhWph91gAZwCZdLs7EhAlEo.crl (hash: OhwzovGyjFaHAlB2VRU0dgG+J4u9YXYeJAzz1mVxZXY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:47:6f:de:9b:c0:5f:21:ab:d0:57:f7:21:24:67:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7741d13a15a987dd60019c0265d2ecec4840944a
Validity
Not Before: Apr 29 16:00:41 2025 GMT
Not After : Apr 30 16:00:41 2025 GMT
Subject: CN=0ca72deb8eaafe35e5aff8f82e321b762aba25e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:10:8f:8a:68:fa:77:60:c1:5d:12:c5:56:94:
f1:62:18:10:2d:2e:5a:c5:55:8c:22:61:b7:99:0e:
1d:fd:bf:d3:28:16:57:31:5a:2e:99:0d:8d:d1:0e:
a5:b2:2e:c9:a8:51:9a:78:40:8a:67:f4:09:6f:21:
4a:6c:40:e9:bf:27:07:90:c1:e6:40:6a:cc:14:e1:
99:31:a0:8b:2b:a5:02:9f:51:fd:44:87:cd:9b:1c:
c9:91:e3:ef:e0:95:46:48:3c:bb:fd:96:f6:b2:ef:
2b:f8:72:dd:bd:58:e0:97:d1:a8:5e:82:70:c4:db:
4d:d5:89:23:24:4e:28:e7:d7:9f:a4:f8:b3:f2:62:
52:11:74:15:fb:71:d1:52:41:fd:28:c2:0e:a8:34:
e8:0a:65:93:c8:80:7f:6a:b1:37:f1:c5:54:92:f3:
43:b4:40:8e:19:4f:57:32:12:e6:36:b5:2c:96:7b:
a4:c0:80:86:ba:8b:36:2d:ad:f6:43:88:48:fd:3b:
99:65:56:fd:d6:72:24:4b:a1:c1:91:29:2f:d5:19:
9d:ab:cf:3a:be:5c:ea:af:47:14:ae:a5:15:e8:12:
c6:a5:89:ae:69:99:18:64:d8:a3:ba:46:4b:61:59:
60:e8:8f:23:82:92:1a:3e:ff:c0:c3:09:cc:40:8e:
99:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A7:2D:EB:8E:AA:FE:35:E5:AF:F8:F8:2E:32:1B:76:2A:BA:25:E5
X509v3 Authority Key Identifier:
keyid:77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:88:71:33:ce:10:58:6e:68:4a:15:50:8d:7c:95:c6:f5:a5:
bc:a0:22:80:c4:34:bb:c3:0c:c9:f8:d2:0c:7a:e7:87:b0:74:
11:51:1c:08:c4:aa:af:8c:c6:e6:25:7d:1d:53:25:99:71:0e:
aa:77:a6:a2:d1:b7:e2:9b:27:f1:16:cc:0e:b0:62:fa:b6:6f:
6c:78:f9:09:76:cf:60:30:1b:81:9c:06:71:b5:5c:aa:46:46:
d3:36:d2:33:2f:e1:d1:e0:53:b2:27:63:c9:3e:f4:69:2b:f5:
b8:61:40:ec:ec:f4:82:11:e4:02:7f:04:67:db:9c:e5:a3:df:
cf:e9:82:60:df:4f:78:83:cc:49:0a:19:3a:c2:67:8b:6e:7f:
75:18:3e:58:74:53:b4:c4:59:47:9e:2a:20:d5:48:1c:2a:84:
b3:e0:a4:54:a6:f7:4a:e0:d2:e9:a8:20:53:7b:05:e5:4f:09:
3e:ec:64:7b:a9:32:3a:39:26:42:74:a1:ed:17:41:1b:05:16:
27:70:ec:c6:5c:63:47:53:2f:90:8b:02:3e:00:47:f4:2c:8a:
17:f8:b2:95:02:6e:13:6a:9e:9a:76:65:12:53:93:d8:ce:d9:
ee:e0:1f:f1:97:b5:f5:ee:e0:f0:38:ca:b5:a8:32:3e:fc:e5:
4b:35:74:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCR2/em8BfIavQV/chJGeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NDFkMTNhMTVhOTg3ZGQ2MDAxOWMwMjY1ZDJlY2VjNDg0
MDk0NGEwHhcNMjUwNDI5MTYwMDQxWhcNMjUwNDMwMTYwMDQxWjAzMTEwLwYDVQQD
EygwY2E3MmRlYjhlYWFmZTM1ZTVhZmY4ZjgyZTMyMWI3NjJhYmEyNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRCPimj6d2DBXRLFVpTxYhgQLS5a
xVWMImG3mQ4d/b/TKBZXMVoumQ2N0Q6lsi7JqFGaeECKZ/QJbyFKbEDpvycHkMHm
QGrMFOGZMaCLK6UCn1H9RIfNmxzJkePv4JVGSDy7/Zb2su8r+HLdvVjgl9GoXoJw
xNtN1YkjJE4o59efpPiz8mJSEXQV+3HRUkH9KMIOqDToCmWTyIB/arE38cVUkvND
tECOGU9XMhLmNrUslnukwICGuos2La32Q4hI/TuZZVb91nIkS6HBkSkv1Rmdq886
vlzqr0cUrqUV6BLGpYmuaZkYZNijukZLYVlg6I8jgpIaPv/AwwnMQI6Z5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAynLeuOqv415a/4+C4yG3YquiXlMB8GA1UdIwQY
MBaAFHdB0ToVqYfdYAGcAmXS7OxIQJRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTkt
MzUyM2UzMDMwYmU0LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTktMzUyM2UzMDMwYmU0
LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAIhxM84Q
WG5oShVQjXyVxvWlvKAigMQ0u8MMyfjSDHrnh7B0EVEcCMSqr4zG5iV9HVMlmXEO
qnemotG34psn8RbMDrBi+rZvbHj5CXbPYDAbgZwGcbVcqkZG0zbSMy/h0eBTsidj
yT70aSv1uGFA7Oz0ghHkAn8EZ9uc5aPfz+mCYN9PeIPMSQoZOsJni25/dRg+WHRT
tMRZR54qINVIHCqEs+CkVKb3SuDS6aggU3sF5U8JPuxke6kyOjkmQnSh7RdBGwUW
J3DsxlxjR1MvkIsCPgBH9CyKF/iylQJuE2qemnZlElOT2M7Z7uAf8Ze19e7g8DjK
tagyPvzlSzV0fg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:47:54 2025 by rpki-client