Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File: HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier: gc25guTC2CX74bI3YbrC8wUBmNGhTV4llkZQh35ZcqU=
Subject key identifier: 31:02:7E:D1:E1:1F:3D:C1:E7:C1:85:E8:22:25:CD:1E:45:8D:2F:4B
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial: 01968E4B9FD7AF24CDEAD973667622849BD2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number: 151F
Signing time: Fri 02 May 2025 00:00:42 +0000
Manifest this update: Fri 02 May 2025 00:00:42 +0000
Manifest next update: Sat 03 May 2025 00:00:42 +0000
Files and hashes: 1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=)
2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: uSrgExBSPAE/fA8Uq9T/aKYxn2XlkfDEwuhen3cTbbY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8e:4b:9f:d7:af:24:cd:ea:d9:73:66:76:22:84:9b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Validity
Not Before: May 2 00:00:42 2025 GMT
Not After : May 3 00:00:42 2025 GMT
Subject: CN=31027ed1e11f3dc1e7c185e82225cd1e458d2f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:9e:54:f8:b0:41:8f:0d:8d:23:d5:f4:f2:
fb:bc:65:81:1a:d9:b2:61:80:1e:f9:14:ce:83:6f:
01:d4:ce:6b:83:8b:f8:25:11:cd:15:eb:be:51:96:
45:cc:a6:d3:fe:a6:e3:96:6e:4d:52:0b:ee:c4:81:
11:13:d4:bf:91:04:72:0f:90:37:fe:da:38:2f:25:
85:01:ee:9a:0f:99:ee:a9:db:e1:06:30:22:78:dd:
38:3e:fa:7a:07:93:8a:1b:f7:13:6f:da:3e:de:37:
53:85:bf:23:7b:99:6f:bf:c2:2d:bb:42:8e:f8:43:
bf:52:24:02:84:2d:65:5d:16:21:6b:40:be:54:27:
15:95:bc:69:11:24:bb:22:53:e8:fd:e3:43:b6:6a:
4e:74:43:02:b3:91:97:c5:de:bf:5e:e5:06:6c:93:
b9:25:1a:20:82:80:f6:67:f8:1b:6e:82:1b:93:d8:
b8:97:af:a5:8f:f3:51:8b:95:93:42:41:44:d9:23:
ac:e5:53:81:49:b0:89:8c:6c:e1:33:74:92:6d:cf:
59:0d:86:e7:72:ad:98:66:31:61:83:a6:58:24:9a:
15:c6:b2:c0:00:e7:87:79:1a:97:5e:3c:ba:58:74:
26:28:50:9e:dd:bd:96:07:ca:4b:b1:77:8c:e9:51:
a2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:02:7E:D1:E1:1F:3D:C1:E7:C1:85:E8:22:25:CD:1E:45:8D:2F:4B
X509v3 Authority Key Identifier:
keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:e1:12:64:07:31:b7:d6:94:2e:5e:d7:9b:9c:a0:2c:2d:d3:
3e:84:16:5c:b0:5b:82:f4:58:79:6a:1c:c9:4b:88:e6:c7:6c:
da:6a:2c:24:4d:fb:cf:35:94:0a:b5:f4:c5:e7:02:db:10:d9:
d6:35:5e:37:67:af:db:a6:97:f2:60:8e:f4:c7:8f:ca:87:eb:
bd:fb:88:f8:2d:11:98:16:e2:88:37:dc:56:49:2f:cf:4e:23:
bb:61:6c:1d:d4:89:cc:2a:48:6e:47:0a:b9:da:4b:af:e5:66:
5f:3f:1c:3a:12:0f:e4:25:1c:92:f0:2e:b6:14:37:ae:9b:24:
13:50:f1:24:bc:96:b2:71:01:27:74:1a:7f:c2:91:89:df:60:
ba:f5:fb:a5:cf:87:36:82:53:14:b1:c3:e7:eb:18:10:6d:0b:
52:74:82:84:20:9d:bb:90:75:8d:e1:03:1c:c1:95:f0:b7:4b:
2f:e4:85:34:e6:fc:32:20:26:f4:ed:b5:52:f5:40:42:44:29:
9e:10:8a:da:1e:9f:47:de:ff:37:7b:be:3d:03:ed:a1:7b:be:
16:79:81:74:4b:7a:b7:c3:b7:b5:4b:6c:bb:a2:d6:ec:4c:f4:
7b:f6:09:d1:b4:1f:00:fb:49:3d:be:dd:2f:c9:44:8e:28:13:
69:a2:55:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaOS5/XryTN6tlzZnYihJvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjUwNTAyMDAwMDQyWhcNMjUwNTAzMDAwMDQyWjAzMTEwLwYDVQQD
EygzMTAyN2VkMWUxMWYzZGMxZTdjMTg1ZTgyMjI1Y2QxZTQ1OGQyZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlGeVPiwQY8NjSPV9PL7vGWBGtmy
YYAe+RTOg28B1M5rg4v4JRHNFeu+UZZFzKbT/qbjlm5NUgvuxIERE9S/kQRyD5A3
/to4LyWFAe6aD5nuqdvhBjAieN04Pvp6B5OKG/cTb9o+3jdThb8je5lvv8Itu0KO
+EO/UiQChC1lXRYha0C+VCcVlbxpESS7IlPo/eNDtmpOdEMCs5GXxd6/XuUGbJO5
JRoggoD2Z/gbboIbk9i4l6+lj/NRi5WTQkFE2SOs5VOBSbCJjGzhM3SSbc9ZDYbn
cq2YZjFhg6ZYJJoVxrLAAOeHeRqXXjy6WHQmKFCe3b2WB8pLsXeM6VGicQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDECftHhHz3B58GF6CIlzR5FjS9LMB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf+ESZAcx
t9aULl7Xm5ygLC3TPoQWXLBbgvRYeWocyUuI5sds2mosJE37zzWUCrX0xecC2xDZ
1jVeN2ev26aX8mCO9MePyofrvfuI+C0RmBbiiDfcVkkvz04ju2FsHdSJzCpIbkcK
udpLr+VmXz8cOhIP5CUckvAuthQ3rpskE1DxJLyWsnEBJ3Qaf8KRid9guvX7pc+H
NoJTFLHD5+sYEG0LUnSChCCdu5B1jeEDHMGV8LdLL+SFNOb8MiAm9O21UvVAQkQp
nhCK2h6fR97/N3u+PQPtoXu+FnmBdEt6t8O3tUtsu6LW7Ez0e/YJ0bQfAPtJPb7d
L8lEjigTaaJVVw==
-----END CERTIFICATE-----
Generated at Fri May 2 09:54:19 2025 by rpki-client