Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
File: kh2gU5IfUoNniBiPgvYt1aqXP-k.mft (raw, json)
Hash identifier: 41un3OKBiud1k4Bv7GTL8xemN3cEkZnhRqDIbQdaMp0=
Subject key identifier: AA:95:10:21:5E:1F:27:2B:62:F7:22:11:FD:9C:E6:D4:3C:DF:67:80
Authority key identifier: 92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
Certificate issuer: /CN=921da053921f52836788188f82f62dd5aa973fe9
Certificate serial: 01967C453C24A9B05BC31111E29F655A129F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
Manifest number: 0DD7
Signing time: Mon 28 Apr 2025 12:00:34 +0000
Manifest this update: Mon 28 Apr 2025 12:00:34 +0000
Manifest next update: Tue 29 Apr 2025 12:00:34 +0000
Files and hashes: 1: kh2gU5IfUoNniBiPgvYt1aqXP-k.crl (hash: vLIq1ljvRoQfn9yiAYygxqGXR3CPZf0enj6hoTHEY4E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:45:3c:24:a9:b0:5b:c3:11:11:e2:9f:65:5a:12:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921da053921f52836788188f82f62dd5aa973fe9
Validity
Not Before: Apr 28 12:00:34 2025 GMT
Not After : Apr 29 12:00:34 2025 GMT
Subject: CN=aa9510215e1f272b62f72211fd9ce6d43cdf6780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c7:2f:80:d7:c5:e3:04:5c:dc:6c:a5:73:50:
79:38:bf:70:13:4f:95:89:88:7a:72:de:0b:4e:64:
e6:f6:ec:fe:b1:15:ca:63:54:08:95:d9:18:b0:e0:
3e:90:76:85:d9:e1:bc:6e:ff:bd:2f:40:93:d1:c0:
f5:d7:58:eb:e9:ad:27:57:f5:ec:32:63:2d:c5:62:
9e:60:03:92:4e:69:a9:6f:fc:06:6a:a9:b4:ee:30:
5c:80:2b:fd:e2:ae:3b:38:ad:80:bb:dc:4c:d4:1f:
e6:9a:1f:3c:ef:b3:bf:32:e5:64:22:57:ec:e0:dc:
3e:b4:47:e3:32:17:87:1f:4b:52:37:61:df:26:62:
2f:60:2d:f0:78:24:34:f3:eb:b9:41:2e:56:f3:c4:
e3:55:27:7f:59:b7:d7:e6:85:bd:f2:fb:8e:f4:76:
03:78:39:3f:1a:81:bc:d4:7b:9d:02:80:61:e6:1a:
26:08:88:e7:8e:d5:f3:06:14:0b:44:73:21:53:3f:
1e:e6:43:01:29:e2:22:dc:a8:54:06:22:e8:c7:2b:
0b:96:87:44:72:09:1b:5e:e9:cb:49:b4:84:34:3b:
ff:d3:0b:6a:07:3e:e8:de:be:f9:97:e3:9f:27:ef:
bc:00:3c:ac:43:a2:3b:9c:8f:43:91:70:84:c9:ee:
f2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:95:10:21:5E:1F:27:2B:62:F7:22:11:FD:9C:E6:D4:3C:DF:67:80
X509v3 Authority Key Identifier:
keyid:92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:09:5e:e3:5b:f9:cb:5d:19:63:24:1a:b0:b5:05:6a:34:1b:
f7:63:aa:09:b5:ec:5a:ba:d4:18:5c:9a:90:67:98:e3:51:56:
c2:0c:7d:87:34:a5:7e:8f:f0:af:a4:c8:aa:07:1c:0a:6b:fb:
52:25:0b:cb:aa:48:35:7b:7d:94:04:8c:6c:de:0b:41:00:6c:
f2:bc:d6:16:28:17:13:69:66:b0:be:fd:28:4b:2c:c2:5f:d0:
a0:d6:88:8c:70:3d:04:87:78:71:c8:57:98:cc:61:01:5d:c2:
9d:05:b9:54:be:97:a6:44:1a:46:4f:75:96:54:2e:01:76:87:
0a:e4:90:9e:5f:2a:e7:fd:2d:2d:5f:f7:45:65:8f:f8:bf:f8:
0f:ab:a8:97:d6:41:99:36:5d:13:f4:23:15:b2:8d:e8:fe:c6:
aa:32:b5:99:e4:72:bf:c1:00:84:16:3d:8f:84:46:27:2c:0e:
91:07:29:4a:a7:57:b5:39:a0:3e:66:cb:c6:2a:d0:7a:15:9f:
b1:33:32:d4:82:ef:9f:8a:c1:fd:d5:cd:46:da:19:83:df:64:
56:43:ea:ea:8f:7e:a5:ea:9d:c5:2f:b1:53:30:26:2d:a4:ed:
56:31:f5:cc:6f:99:0c:ed:a6:f0:76:89:7b:cf:2e:dc:0d:3a:
c1:0d:fe:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8RTwkqbBbwxER4p9lWhKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWRhMDUzOTIxZjUyODM2Nzg4MTg4ZjgyZjYyZGQ1YWE5
NzNmZTkwHhcNMjUwNDI4MTIwMDM0WhcNMjUwNDI5MTIwMDM0WjAzMTEwLwYDVQQD
EyhhYTk1MTAyMTVlMWYyNzJiNjJmNzIyMTFmZDljZTZkNDNjZGY2NzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6McvgNfF4wRc3Gylc1B5OL9wE0+V
iYh6ct4LTmTm9uz+sRXKY1QIldkYsOA+kHaF2eG8bv+9L0CT0cD111jr6a0nV/Xs
MmMtxWKeYAOSTmmpb/wGaqm07jBcgCv94q47OK2Au9xM1B/mmh8877O/MuVkIlfs
4Nw+tEfjMheHH0tSN2HfJmIvYC3weCQ08+u5QS5W88TjVSd/WbfX5oW98vuO9HYD
eDk/GoG81HudAoBh5homCIjnjtXzBhQLRHMhUz8e5kMBKeIi3KhUBiLoxysLlodE
cgkbXunLSbSENDv/0wtqBz7o3r75l+OfJ++8ADysQ6I7nI9DkXCEye7yIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqVECFeHycrYvciEf2c5tQ832eAMB8GA1UdIwQY
MBaAFJIdoFOSH1KDZ4gYj4L2LdWqlz/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMt
ZWIzNDZkOWNlOWUwLzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMtZWIzNDZkOWNlOWUw
LzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjQle41v5
y10ZYyQasLUFajQb92OqCbXsWrrUGFyakGeY41FWwgx9hzSlfo/wr6TIqgccCmv7
UiULy6pINXt9lASMbN4LQQBs8rzWFigXE2lmsL79KEsswl/QoNaIjHA9BId4cchX
mMxhAV3CnQW5VL6XpkQaRk91llQuAXaHCuSQnl8q5/0tLV/3RWWP+L/4D6uol9ZB
mTZdE/QjFbKN6P7GqjK1meRyv8EAhBY9j4RGJywOkQcpSqdXtTmgPmbLxirQehWf
sTMy1ILvn4rB/dXNRtoZg99kVkPq6o9+peqdxS+xUzAmLaTtVjH1zG+ZDO2m8HaJ
e88u3A06wQ3+Ew==
-----END CERTIFICATE-----
Generated at Mon Apr 28 21:48:24 2025 by rpki-client