Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7ca958-b303-4c02-9d9b-69bd5224fec0/1/hPIXCGwc0XI9dXsvlZcA4GntHYY.mft
File: hPIXCGwc0XI9dXsvlZcA4GntHYY.mft (raw, json)
Hash identifier: y95HsZOt1UiDnEoyoGnWRyK1IeFOTL3Dv65WJxHzxPU=
Subject key identifier: 18:FB:8E:F3:3F:4F:00:2E:2E:E1:D7:32:2C:15:00:C4:24:36:05:F9
Authority key identifier: 84:F2:17:08:6C:1C:D1:72:3D:75:7B:2F:95:97:00:E0:69:ED:1D:86
Certificate issuer: /CN=84f217086c1cd1723d757b2f959700e069ed1d86
Certificate serial: 01967BD821FD523327D10EAB57FD136E23C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPIXCGwc0XI9dXsvlZcA4GntHYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7ca958-b303-4c02-9d9b-69bd5224fec0/1/hPIXCGwc0XI9dXsvlZcA4GntHYY.mft
Manifest number: 080A
Signing time: Mon 28 Apr 2025 10:01:24 +0000
Manifest this update: Mon 28 Apr 2025 10:01:24 +0000
Manifest next update: Tue 29 Apr 2025 10:01:24 +0000
Files and hashes: 1: hPIXCGwc0XI9dXsvlZcA4GntHYY.crl (hash: ksdnrgFxxLWukeA0xRavnlzjmdGqLXYCxCVQS3i5DPY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/7ca958-b303-4c02-9d9b-69bd5224fec0/1/hPIXCGwc0XI9dXsvlZcA4GntHYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/7ca958-b303-4c02-9d9b-69bd5224fec0/1/hPIXCGwc0XI9dXsvlZcA4GntHYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hPIXCGwc0XI9dXsvlZcA4GntHYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 10:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:d8:21:fd:52:33:27:d1:0e:ab:57:fd:13:6e:23:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f217086c1cd1723d757b2f959700e069ed1d86
Validity
Not Before: Apr 28 10:01:24 2025 GMT
Not After : Apr 29 10:01:24 2025 GMT
Subject: CN=18fb8ef33f4f002e2ee1d7322c1500c4243605f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2b:2c:ba:aa:c0:70:33:96:e9:09:7d:52:2e:
d8:90:f7:30:a4:a2:90:ed:ae:2a:80:9c:19:90:36:
f7:64:da:ef:b0:ad:2d:31:c6:40:82:43:ae:22:82:
ba:35:1f:72:19:32:97:d5:80:ae:23:f9:5f:d1:5b:
55:d9:44:a2:30:6a:ff:e4:76:a5:47:1e:1d:db:fe:
69:dd:0e:dd:2e:e5:d9:11:50:4f:cc:e5:39:f4:26:
2f:c4:75:10:3e:b0:0d:ff:d2:af:2a:51:a9:18:2b:
8b:7b:f0:ee:cf:62:5c:a4:d3:94:6e:d9:7d:6c:44:
b8:be:c2:a1:8d:9d:8a:e0:1a:23:1e:ba:82:58:bf:
8a:5d:9b:e1:a9:c7:b6:5d:8e:99:74:4d:0b:3f:ee:
93:d3:3b:58:f2:18:5e:09:a0:9c:b4:3a:de:46:73:
02:38:f0:b1:ff:c9:3f:89:df:eb:7c:3a:58:1e:c7:
69:30:97:68:72:90:3a:99:ee:9d:27:97:23:6c:3f:
72:14:b7:d9:c6:49:60:1a:fa:4b:1f:db:6f:b0:a9:
08:35:d7:17:f0:b9:38:8f:8e:eb:a0:0d:40:d1:7b:
9b:fd:12:9e:86:e4:7a:18:08:41:3a:e1:9b:2b:31:
c2:74:f3:30:a3:f1:c6:a8:08:ef:d0:0d:4a:52:c4:
8f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:FB:8E:F3:3F:4F:00:2E:2E:E1:D7:32:2C:15:00:C4:24:36:05:F9
X509v3 Authority Key Identifier:
keyid:84:F2:17:08:6C:1C:D1:72:3D:75:7B:2F:95:97:00:E0:69:ED:1D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPIXCGwc0XI9dXsvlZcA4GntHYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7ca958-b303-4c02-9d9b-69bd5224fec0/1/hPIXCGwc0XI9dXsvlZcA4GntHYY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7ca958-b303-4c02-9d9b-69bd5224fec0/1/hPIXCGwc0XI9dXsvlZcA4GntHYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:a5:54:33:00:ee:da:35:fa:dc:0e:01:ea:31:d9:e7:c6:02:
9e:08:e5:38:c1:87:e1:0d:72:fe:79:45:02:40:b7:1b:65:3b:
d8:5c:84:ae:1c:8c:08:3f:4c:00:44:2b:36:fa:f2:b0:d8:a3:
c3:95:33:50:64:2c:ae:e8:02:21:6f:5e:ea:e1:b9:a4:03:ac:
b4:26:d7:c2:a8:95:9b:99:79:2a:d9:c3:6f:f2:fe:05:57:6b:
48:c8:a2:64:3d:11:fa:55:a6:8e:52:39:f6:c0:0a:4d:3c:45:
80:d8:ef:63:4b:5c:d4:76:a2:8a:51:ff:39:41:0a:37:b6:3f:
dc:b2:7b:92:e9:ea:84:d2:32:97:0e:d8:d7:97:7e:c0:70:85:
6d:6a:82:7b:81:48:21:d5:4e:13:85:5d:41:0d:3e:3a:4e:38:
f7:9e:7b:c0:d5:9a:93:4c:11:3d:9a:e1:24:61:80:d3:df:9c:
66:24:56:fc:06:d3:29:97:09:52:04:9e:1c:ae:64:7c:a3:1e:
ec:cb:41:94:aa:96:2e:4f:a0:45:1d:b8:ff:2c:2b:b5:21:bb:
1a:10:d3:fa:60:60:b5:0b:ca:66:57:61:6e:7c:4c:f1:35:54:
42:d6:0e:af:a4:93:10:32:a3:e6:39:c5:f8:2c:67:0b:8f:f8:
f8:e6:c9:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ72CH9UjMn0Q6rV/0TbiPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjIxNzA4NmMxY2QxNzIzZDc1N2IyZjk1OTcwMGUwNjll
ZDFkODYwHhcNMjUwNDI4MTAwMTI0WhcNMjUwNDI5MTAwMTI0WjAzMTEwLwYDVQQD
EygxOGZiOGVmMzNmNGYwMDJlMmVlMWQ3MzIyYzE1MDBjNDI0MzYwNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtissuqrAcDOW6Ql9Ui7YkPcwpKKQ
7a4qgJwZkDb3ZNrvsK0tMcZAgkOuIoK6NR9yGTKX1YCuI/lf0VtV2USiMGr/5Hal
Rx4d2/5p3Q7dLuXZEVBPzOU59CYvxHUQPrAN/9KvKlGpGCuLe/Duz2JcpNOUbtl9
bES4vsKhjZ2K4BojHrqCWL+KXZvhqce2XY6ZdE0LP+6T0ztY8hheCaCctDreRnMC
OPCx/8k/id/rfDpYHsdpMJdocpA6me6dJ5cjbD9yFLfZxklgGvpLH9tvsKkINdcX
8Lk4j47roA1A0Xub/RKehuR6GAhBOuGbKzHCdPMwo/HGqAjv0A1KUsSPkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBj7jvM/TwAuLuHXMiwVAMQkNgX5MB8GA1UdIwQY
MBaAFITyFwhsHNFyPXV7L5WXAOBp7R2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBJWENHd2MwWEk5ZFhzdmxaY0E0R250SFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83Y2E5NTgtYjMwMy00YzAyLTlkOWIt
NjliZDUyMjRmZWMwLzEvaFBJWENHd2MwWEk5ZFhzdmxaY0E0R250SFlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83Y2E5NTgtYjMwMy00YzAyLTlkOWItNjliZDUyMjRmZWMw
LzEvaFBJWENHd2MwWEk5ZFhzdmxaY0E0R250SFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKKVUMwDu
2jX63A4B6jHZ58YCngjlOMGH4Q1y/nlFAkC3G2U72FyErhyMCD9MAEQrNvrysNij
w5UzUGQsrugCIW9e6uG5pAOstCbXwqiVm5l5KtnDb/L+BVdrSMiiZD0R+lWmjlI5
9sAKTTxFgNjvY0tc1HaiilH/OUEKN7Y/3LJ7kunqhNIylw7Y15d+wHCFbWqCe4FI
IdVOE4VdQQ0+Ok449557wNWak0wRPZrhJGGA09+cZiRW/AbTKZcJUgSeHK5kfKMe
7MtBlKqWLk+gRR24/ywrtSG7GhDT+mBgtQvKZldhbnxM8TVUQtYOr6STEDKj5jnF
+CxnC4/4+ObJ7w==
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:42:00 2025 by rpki-client