Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
File: H9CHXNAFHQwJJaygQQNOeECmdws.mft (raw, json)
Hash identifier: VncCXBKNEXxI+cNF1ZFJ1CkQTxx4TS1AmG9fYV/Izjo=
Subject key identifier: 8A:1B:AB:5C:EE:2E:34:FC:67:F6:46:2D:CC:AE:EA:2F:36:B0:A9:CF
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 0196846CBB09F57D9D77B0703A37DA544FF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
Manifest number: 04E3
Signing time: Wed 30 Apr 2025 02:00:40 +0000
Manifest this update: Wed 30 Apr 2025 02:00:40 +0000
Manifest next update: Thu 01 May 2025 02:00:40 +0000
Files and hashes: 1: DKCys4KRYdnrGXDLl1nVf9nVmRA.roa (hash: IaLK2xfRNIne0nZPaZ2/jfh45tolOprh7fcjo3irVI8=)
2: H9CHXNAFHQwJJaygQQNOeECmdws.crl (hash: hTrGxlNZyvFTqgDw88aZqKQnyCgvZjlqr9PLW50AWv8=)
3: NfUK1WerAdsfJiTM68i5Lnvkb2w.roa (hash: ZGezIXFkpMHBb+7ell8DWUCsKtD9DU2fEiI/6174M+w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:84:6c:bb:09:f5:7d:9d:77:b0:70:3a:37:da:54:4f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Apr 30 02:00:40 2025 GMT
Not After : May 1 02:00:40 2025 GMT
Subject: CN=8a1bab5cee2e34fc67f6462dccaeea2f36b0a9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:54:f8:2d:49:5f:5e:cb:d0:b4:67:1c:ca:bf:
4a:b9:82:dd:b0:25:3d:63:1d:b9:28:66:5e:fd:fa:
d1:84:48:00:fb:75:57:79:e0:f5:3a:5f:ed:c5:e8:
82:36:29:b2:6b:8a:bc:a9:24:17:4d:6e:52:da:92:
07:59:4f:c4:10:dd:ee:68:1d:0f:45:72:72:fe:d6:
f7:7e:2d:e7:63:ef:58:23:62:7d:02:72:87:7c:87:
18:ab:bd:50:82:87:40:ba:88:99:f7:4a:30:62:3f:
05:b6:04:f5:2d:72:be:39:bc:1f:5c:5a:aa:a6:97:
b7:2b:86:bb:8b:9f:6b:eb:d8:f7:2b:1f:e5:14:c6:
b9:7a:91:0c:cf:98:f0:d9:f0:bb:38:cb:15:50:a5:
41:6b:58:d2:b0:fa:a3:1d:58:57:97:ad:dc:5f:7a:
13:57:aa:e0:b3:6d:04:45:13:28:06:9d:0b:df:52:
d3:45:04:25:ff:f8:0d:3d:0a:3d:ba:e1:5e:04:ef:
dc:e1:1f:23:6c:4d:66:06:85:95:cb:d5:ca:13:96:
9d:f5:1e:53:d8:6d:03:7f:be:6a:42:0e:b4:73:9e:
1a:88:a4:b7:42:27:3c:bb:8c:50:94:21:2c:5e:21:
34:30:71:df:d5:50:60:1f:ca:44:19:66:2a:90:2a:
d4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1B:AB:5C:EE:2E:34:FC:67:F6:46:2D:CC:AE:EA:2F:36:B0:A9:CF
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:cd:58:45:24:71:cd:87:f1:ce:80:53:74:6c:6b:0a:81:bb:
fc:e5:9b:3e:76:c5:e3:26:3a:e0:56:6a:48:af:df:f6:f1:c8:
1c:1e:8a:06:d4:07:33:a5:fe:1d:26:f1:d9:58:7a:33:c3:dd:
b4:ac:6c:cd:d5:a7:aa:5a:63:bd:20:3f:5b:2e:98:c2:7c:f7:
af:91:f9:95:d2:bb:ed:38:f1:04:25:37:72:92:9a:bf:30:68:
7d:98:86:f0:f1:3f:c1:1a:be:9c:8f:68:53:4d:db:35:fb:f5:
84:8b:5f:4d:1b:a6:20:24:2d:6c:21:86:45:d2:89:ab:8f:56:
8d:38:7e:5c:84:9e:58:7c:f9:4b:2f:72:f5:b1:de:4d:88:86:
73:a8:26:c5:da:8b:90:a0:07:cf:b4:2b:d0:5c:56:4d:22:0e:
82:42:7e:7a:be:73:ab:2f:8a:44:59:37:d2:68:2e:f1:64:78:
d0:82:81:8c:01:52:9c:07:a7:7c:24:a1:d3:45:44:5d:10:2e:
ca:3a:35:5b:b8:df:e3:b4:ce:eb:37:d0:6c:ed:9a:aa:7d:5b:
3d:a3:b3:43:2a:22:34:7d:34:5f:da:5a:ac:ca:a5:fd:a1:8e:
64:43:af:67:3c:17:3d:6a:b5:a5:3c:56:ec:d3:19:17:48:e0:
0a:f6:50:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaEbLsJ9X2dd7BwOjfaVE/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUwNDMwMDIwMDQwWhcNMjUwNTAxMDIwMDQwWjAzMTEwLwYDVQQD
Eyg4YTFiYWI1Y2VlMmUzNGZjNjdmNjQ2MmRjY2FlZWEyZjM2YjBhOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVT4LUlfXsvQtGccyr9KuYLdsCU9
Yx25KGZe/frRhEgA+3VXeeD1Ol/txeiCNimya4q8qSQXTW5S2pIHWU/EEN3uaB0P
RXJy/tb3fi3nY+9YI2J9AnKHfIcYq71QgodAuoiZ90owYj8FtgT1LXK+ObwfXFqq
ppe3K4a7i59r69j3Kx/lFMa5epEMz5jw2fC7OMsVUKVBa1jSsPqjHVhXl63cX3oT
V6rgs20ERRMoBp0L31LTRQQl//gNPQo9uuFeBO/c4R8jbE1mBoWVy9XKE5ad9R5T
2G0Df75qQg60c54aiKS3Qic8u4xQlCEsXiE0MHHf1VBgH8pEGWYqkCrUGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIobq1zuLjT8Z/ZGLcyu6i82sKnPMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWM1YRSRx
zYfxzoBTdGxrCoG7/OWbPnbF4yY64FZqSK/f9vHIHB6KBtQHM6X+HSbx2Vh6M8Pd
tKxszdWnqlpjvSA/Wy6Ywnz3r5H5ldK77TjxBCU3cpKavzBofZiG8PE/wRq+nI9o
U03bNfv1hItfTRumICQtbCGGRdKJq49WjTh+XISeWHz5Sy9y9bHeTYiGc6gmxdqL
kKAHz7Qr0FxWTSIOgkJ+er5zqy+KRFk30mgu8WR40IKBjAFSnAenfCSh00VEXRAu
yjo1W7jf47TO6zfQbO2aqn1bPaOzQyoiNH00X9parMql/aGOZEOvZzwXPWq1pTxW
7NMZF0jgCvZQcA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:41:40 2025 by rpki-client