Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.mft
File: sho_SvlKWA6557WFQqAISyHCsJs.mft (raw, json)
Hash identifier: ty+8fIsUwC1sskMqzgibKaH+5oop2Irh7wSiQ1ELlNk=
Subject key identifier: 40:EF:18:91:A0:B9:C8:A4:49:E7:4D:38:77:8E:04:04:30:1E:40:A3
Authority key identifier: B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
Certificate issuer: /CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Certificate serial: 0196BDEE3E807276AFE7DF4C9A4DDBAB64FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.mft
Manifest number: 0612
Signing time: Sun 11 May 2025 06:00:29 +0000
Manifest this update: Sun 11 May 2025 06:00:29 +0000
Manifest next update: Mon 12 May 2025 06:00:29 +0000
Files and hashes: 1: UXRIjhO3UUO4YoZo2r0jseniB20.roa (hash: KSt+2WBEDCtsKI4qArbIQ4v7Y4cNWZ7oIb8Mm9wlcS0=)
2: sho_SvlKWA6557WFQqAISyHCsJs.crl (hash: +m/BLKMW81bAi/4OzUcFkyl3+5s903qmIEj8N6KgVvo=)
3: ygg1jPU11rM4AgPA_fHJm1HIbDA.roa (hash: bQEdp6E9utyQGzeJGQwHEXnTvCFMaSrhkRZ3o6gqExk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 06:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bd:ee:3e:80:72:76:af:e7:df:4c:9a:4d:db:ab:64:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Validity
Not Before: May 11 06:00:29 2025 GMT
Not After : May 12 06:00:29 2025 GMT
Subject: CN=40ef1891a0b9c8a449e74d38778e0404301e40a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:59:99:48:6b:6b:31:b0:34:3e:3e:e8:3c:ae:
95:22:c9:77:b9:35:df:a2:a2:a4:a0:36:93:3f:59:
ee:e9:0d:b7:ae:5e:d1:5d:50:01:24:d5:e3:82:23:
30:23:f6:95:59:49:d7:95:16:41:04:63:55:87:c3:
af:1c:46:16:df:60:da:81:3d:c6:0f:09:58:26:a2:
22:35:ef:5e:84:46:fa:47:d2:14:a3:bc:48:c7:85:
6e:73:81:f9:60:53:19:94:8d:50:7d:d8:38:57:e5:
b1:5a:3a:8e:01:1c:df:cc:7f:62:4c:e5:39:05:c9:
a4:4c:8d:90:db:89:e3:3b:cc:95:82:09:65:cb:8a:
37:87:28:c1:cc:db:b4:13:5b:0a:9a:43:22:e7:f8:
04:7a:83:4c:9b:1f:57:35:60:0d:ee:33:3a:ad:91:
d8:b7:0f:c6:9b:b0:7f:ea:28:a1:af:b6:23:c0:18:
6d:2e:15:36:09:60:ec:ec:7f:5f:ec:cd:29:ba:1a:
41:34:ef:fa:1e:75:1b:fd:58:09:c7:af:f0:ec:fb:
39:64:d3:c6:e9:78:ae:30:25:c0:3f:53:8f:58:a4:
31:96:39:7a:b6:16:bd:b8:e9:5a:1f:f2:41:e4:59:
60:13:6b:1b:14:6d:79:bc:a8:0f:16:1a:3d:4a:78:
93:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EF:18:91:A0:B9:C8:A4:49:E7:4D:38:77:8E:04:04:30:1E:40:A3
X509v3 Authority Key Identifier:
keyid:B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
dd:e4:a7:0d:ce:c0:96:1a:9d:05:c4:8c:bb:a6:38:ef:b8:00:
34:de:17:dd:8d:3a:2e:6b:b7:67:9b:96:3b:7b:db:b5:cd:cb:
c5:d1:1e:e2:e3:2f:f1:9d:8c:6a:48:bf:13:0f:f7:41:d2:14:
c6:a6:ae:6d:50:6a:0d:5d:98:cc:14:4c:3b:b7:00:2a:1d:cf:
8d:22:6d:7e:c1:70:44:d3:d6:e5:c4:80:ff:f8:b8:a4:c9:51:
0a:36:cf:f9:db:74:0a:67:e7:69:18:b8:8b:b9:c2:28:d1:ca:
bc:55:27:c9:76:53:80:b6:9e:fb:6b:10:cd:e4:55:02:72:d7:
78:62:d7:35:0e:89:ff:47:86:b8:59:5f:09:29:47:6b:c0:9a:
02:4e:6c:8b:20:48:38:d3:82:43:8d:26:19:be:61:37:0e:23:
c1:d0:9c:74:5a:a9:a3:57:0b:7e:a8:b5:53:c0:64:05:e8:b5:
4f:d2:c8:e7:2f:2d:1c:38:7c:2b:72:3b:bb:5d:1d:9d:36:38:
88:22:96:42:5d:4c:fa:b8:a9:d6:77:6d:db:70:1b:b7:68:47:
0b:6c:72:c1:20:98:f3:1e:dd:bc:90:5c:b5:13:75:0c:3c:dd:
93:bd:d9:92:1f:2a:0d:bc:9a:43:80:9a:c8:56:fd:6b:09:78:
22:67:ac:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa97j6Acnav599Mmk3bq2T7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMWEzZjRhZjk0YTU4MGViOWU3YjU4NTQyYTAwODRiMjFj
MmIwOWIwHhcNMjUwNTExMDYwMDI5WhcNMjUwNTEyMDYwMDI5WjAzMTEwLwYDVQQD
Eyg0MGVmMTg5MWEwYjljOGE0NDllNzRkMzg3NzhlMDQwNDMwMWU0MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01mZSGtrMbA0Pj7oPK6VIsl3uTXf
oqKkoDaTP1nu6Q23rl7RXVABJNXjgiMwI/aVWUnXlRZBBGNVh8OvHEYW32DagT3G
DwlYJqIiNe9ehEb6R9IUo7xIx4Vuc4H5YFMZlI1Qfdg4V+WxWjqOARzfzH9iTOU5
BcmkTI2Q24njO8yVgglly4o3hyjBzNu0E1sKmkMi5/gEeoNMmx9XNWAN7jM6rZHY
tw/Gm7B/6iihr7YjwBhtLhU2CWDs7H9f7M0puhpBNO/6HnUb/VgJx6/w7Ps5ZNPG
6XiuMCXAP1OPWKQxljl6tha9uOlaH/JB5FlgE2sbFG15vKgPFho9SniTDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDvGJGgucikSedNOHeOBAQwHkCjMB8GA1UdIwQY
MBaAFLIaP0r5SlgOuee1hUKgCEshwrCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYt
NTEyOTE3MmI2OTY2LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYtNTEyOTE3MmI2OTY2
LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3eSnDc7A
lhqdBcSMu6Y477gANN4X3Y06Lmu3Z5uWO3vbtc3LxdEe4uMv8Z2Maki/Ew/3QdIU
xqaubVBqDV2YzBRMO7cAKh3PjSJtfsFwRNPW5cSA//i4pMlRCjbP+dt0CmfnaRi4
i7nCKNHKvFUnyXZTgLae+2sQzeRVAnLXeGLXNQ6J/0eGuFlfCSlHa8CaAk5siyBI
ONOCQ40mGb5hNw4jwdCcdFqpo1cLfqi1U8BkBei1T9LI5y8tHDh8K3I7u10dnTY4
iCKWQl1M+rip1ndt23Abt2hHC2xywSCY8x7dvJBctRN1DDzdk73Zkh8qDbyaQ4Ca
yFb9awl4ImesIg==
-----END CERTIFICATE-----
Generated at Sun May 11 16:45:56 2025 by rpki-client