Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: ky6CAZ/tv8TPsIOZKSGj+VjuSuIe5/LknJTP7kJ8wpM=
Subject key identifier: 8B:79:41:BD:EF:72:0D:86:51:AB:5B:0F:F9:49:CA:CE:14:6F:1C:EA
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 019682EC2830887E387C68E81C3405E3A01F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 14A6
Signing time: Tue 29 Apr 2025 19:00:36 +0000
Manifest this update: Tue 29 Apr 2025 19:00:36 +0000
Manifest next update: Wed 30 Apr 2025 19:00:36 +0000
Files and hashes: 1: 5MK1ewnt7LozxEmddZiWa3omfKc.roa (hash: 7+tCKj1f1iwSFAN/o1/yY8fVwb73KSasEYzwGjDKXO0=)
2: DeHazeP3A9wAumTO_Rmx5RqWaqs.roa (hash: 0hOPuiiQ+UKk5lNFYgiHmEshvjQhpp/6FLqfnT4DM3I=)
3: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: 5P3uOjBnxO3T9QVaDuAxnEwMylzenxXuSW0KtegecfQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:ec:28:30:88:7e:38:7c:68:e8:1c:34:05:e3:a0:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Apr 29 19:00:36 2025 GMT
Not After : Apr 30 19:00:36 2025 GMT
Subject: CN=8b7941bdef720d8651ab5b0ff949cace146f1cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e6:e6:6d:35:0e:f3:98:f1:17:73:66:ed:d1:
54:d7:48:5c:09:55:28:a2:6e:b1:74:bf:c2:a0:df:
cf:a7:ad:d2:42:ab:02:17:8e:b4:f4:3f:88:4f:a0:
ac:54:dd:b1:85:88:d0:9c:d0:57:a5:b7:e1:8f:b3:
1b:bd:66:2e:1b:7a:ae:79:d3:85:ae:8f:26:9e:dc:
3d:06:95:15:6e:6f:ed:12:d7:67:e5:71:53:14:87:
48:04:f0:00:8d:8d:d1:00:1a:a0:90:80:68:42:5d:
0c:7e:48:23:ad:6e:a0:19:87:89:81:3f:5d:2e:af:
94:1b:6b:ab:70:f1:23:51:9c:84:0b:75:17:ef:35:
2a:86:24:72:40:c2:42:a9:b5:f7:7c:ad:bc:db:11:
0d:03:43:06:85:db:8f:37:10:77:f9:25:2b:25:81:
9a:8b:dc:db:40:7d:cf:22:6c:b8:f9:61:e5:0b:1b:
d5:af:af:2f:0b:37:61:85:05:03:cb:22:fc:51:15:
6a:df:be:de:27:2c:c2:07:55:38:ef:b8:5f:0e:13:
81:c1:0d:be:a1:84:de:b0:e4:48:9c:f1:ab:1d:47:
ca:ee:9c:c6:9e:21:90:19:fd:db:c2:b4:87:53:f2:
34:39:60:0b:58:5a:69:49:26:c3:9f:9b:25:a9:a2:
9c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:79:41:BD:EF:72:0D:86:51:AB:5B:0F:F9:49:CA:CE:14:6F:1C:EA
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:e9:00:33:23:f2:6b:a4:98:59:48:bf:ff:a6:c9:2b:00:d8:
fd:50:9a:be:94:0a:58:d8:73:7b:34:3c:44:94:87:ee:b5:64:
df:6b:0b:e7:4a:8f:45:85:8d:87:a2:93:ff:94:b1:0d:fc:2d:
a0:1e:88:bf:ed:fa:d3:fa:aa:2b:3c:42:dc:52:48:bb:01:c6:
71:a9:bd:64:74:53:20:e1:7d:48:48:16:76:11:49:b8:6b:54:
09:69:f8:f6:c3:ef:81:0d:5b:ef:29:42:3d:de:ce:13:21:46:
bb:d3:61:4b:dd:2f:62:ee:a7:a6:ec:6b:ee:59:49:3c:83:f1:
13:fe:a3:0e:36:9b:8a:63:7a:e8:f4:5a:99:ea:5b:c3:63:7d:
1a:10:27:28:96:ec:58:a1:63:0a:35:b4:1e:1d:e0:dd:5f:02:
45:bc:05:5f:36:8b:eb:72:df:a2:b8:0e:aa:93:7a:a7:5b:1d:
1e:6a:9e:29:fd:68:f2:15:a0:92:37:bb:98:b8:3a:34:99:63:
4c:88:5c:a2:24:c5:f9:63:50:83:85:a8:25:3b:50:02:59:51:
0d:e0:cd:82:24:60:ed:72:ac:48:ca:50:8e:42:9d:c8:82:03:
c2:a7:21:d8:6e:f3:4d:f5:50:d8:d7:f3:d8:a5:e7:9f:e1:fb:
79:b1:0d:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaC7CgwiH44fGjoHDQF46AfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjUwNDI5MTkwMDM2WhcNMjUwNDMwMTkwMDM2WjAzMTEwLwYDVQQD
Eyg4Yjc5NDFiZGVmNzIwZDg2NTFhYjViMGZmOTQ5Y2FjZTE0NmYxY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+bmbTUO85jxF3Nm7dFU10hcCVUo
om6xdL/CoN/Pp63SQqsCF4609D+IT6CsVN2xhYjQnNBXpbfhj7MbvWYuG3quedOF
ro8mntw9BpUVbm/tEtdn5XFTFIdIBPAAjY3RABqgkIBoQl0MfkgjrW6gGYeJgT9d
Lq+UG2urcPEjUZyEC3UX7zUqhiRyQMJCqbX3fK282xENA0MGhduPNxB3+SUrJYGa
i9zbQH3PImy4+WHlCxvVr68vCzdhhQUDyyL8URVq377eJyzCB1U477hfDhOBwQ2+
oYTesORInPGrHUfK7pzGniGQGf3bwrSHU/I0OWALWFppSSbDn5slqaKc2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIt5Qb3vcg2GUatbD/lJys4UbxzqMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPukAMyPy
a6SYWUi//6bJKwDY/VCavpQKWNhzezQ8RJSH7rVk32sL50qPRYWNh6KT/5SxDfwt
oB6Iv+360/qqKzxC3FJIuwHGcam9ZHRTIOF9SEgWdhFJuGtUCWn49sPvgQ1b7ylC
Pd7OEyFGu9NhS90vYu6npuxr7llJPIPxE/6jDjabimN66PRamepbw2N9GhAnKJbs
WKFjCjW0Hh3g3V8CRbwFXzaL63LforgOqpN6p1sdHmqeKf1o8hWgkje7mLg6NJlj
TIhcoiTF+WNQg4WoJTtQAllRDeDNgiRg7XKsSMpQjkKdyIIDwqch2G7zTfVQ2Nfz
2KXnn+H7ebENuA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:21:11 2025 by rpki-client