Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: +ar8R7o1f+EgmtHVw1caP1WJJKAgmvAE/Nfy5216W/o=
Subject key identifier: 21:9E:9A:48:1E:2F:CC:0B:2C:19:AA:D7:F2:81:F3:20:24:D5:89:64
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 0196B032E58295E8542793D89E65B82784C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 152F
Signing time: Thu 08 May 2025 14:00:47 +0000
Manifest this update: Thu 08 May 2025 14:00:47 +0000
Manifest next update: Fri 09 May 2025 14:00:47 +0000
Files and hashes: 1: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: J4fq41AB9XiBKd0w1utVMf+LZtWHZRWSxY/7C29zEZE=)
2: xSS92RJP_9kDYA2uBQZz6tpYK1I.roa (hash: rR5n4U9xDx2H85hw0wOs3NY+BK3tAcVO4QlJE3rUQXA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 14:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b0:32:e5:82:95:e8:54:27:93:d8:9e:65:b8:27:84:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: May 8 14:00:47 2025 GMT
Not After : May 9 14:00:47 2025 GMT
Subject: CN=219e9a481e2fcc0b2c19aad7f281f32024d58964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:94:37:e0:4b:7e:4a:20:84:e9:af:fb:fd:71:
7f:fe:de:a5:bf:04:a7:09:83:c3:ad:e7:e9:62:a9:
05:ad:b2:2b:8a:84:c2:a2:7a:cc:ec:62:b1:1e:04:
62:5d:ad:44:78:b1:72:27:5e:df:49:8b:62:5b:7a:
b4:be:45:29:47:0b:6c:61:b2:6f:c3:48:4c:2b:0a:
80:16:fd:1b:2e:a9:b5:3f:19:76:45:d1:74:1c:d4:
8d:a5:d2:8e:e8:d3:06:97:c6:d0:c5:d1:8d:3d:06:
fc:be:8f:1c:6b:14:f9:27:eb:cd:df:3a:fb:c6:4b:
cf:1f:7b:28:c1:7e:59:6b:76:47:2d:af:a3:c9:22:
43:d9:ba:74:c3:16:92:62:81:7d:c6:9c:d9:1d:4f:
d3:e9:fd:51:66:56:76:77:42:94:8b:17:7c:e4:c1:
0a:0f:f2:68:6b:d0:61:32:9a:6a:56:71:7d:28:a5:
2f:8c:8a:76:0a:4a:f4:67:53:7f:4e:dd:e2:da:4e:
9e:e4:ae:17:ad:fc:48:0a:72:a2:8b:ee:07:9a:45:
78:08:62:30:f8:7c:a5:5c:d0:c4:b5:39:eb:70:5a:
fb:2a:be:7a:66:8e:2c:e4:01:44:7f:7b:28:59:d3:
e0:05:ce:2b:aa:a4:0f:64:ed:1d:bc:42:0e:e3:d4:
af:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:9E:9A:48:1E:2F:CC:0B:2C:19:AA:D7:F2:81:F3:20:24:D5:89:64
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:60:a8:61:65:66:16:61:c9:28:ba:ae:88:6c:e7:de:13:42:
a9:58:9a:17:da:9e:3f:be:ad:d4:ac:25:25:35:a2:07:50:b2:
b1:cd:07:af:f5:42:7e:5d:bd:ac:ae:2d:cf:62:42:f9:02:f1:
4b:ba:97:6f:30:f5:d1:ea:d1:aa:70:28:46:4f:46:e5:40:68:
b0:6e:f6:be:ed:e3:e2:8e:99:41:5d:88:9a:e5:91:60:aa:37:
fb:c5:e4:c1:42:ad:52:71:e4:36:2c:05:14:eb:31:2d:a6:79:
69:93:87:51:db:bf:cc:c7:5b:2c:b1:73:3f:48:6e:7b:77:02:
91:54:c9:bd:f4:a3:19:79:f0:3f:52:d9:7d:52:d3:7f:87:e7:
06:fb:b3:50:5f:46:38:97:2a:96:e4:ed:48:4b:ab:d0:ac:02:
24:88:ed:f3:c4:66:22:7d:9e:b1:5e:8c:20:3f:be:33:52:db:
09:4e:d8:f4:67:63:7f:26:01:a9:32:18:5d:7d:88:dc:59:b9:
f1:cd:7c:a3:1c:65:8d:bb:31:78:ee:dc:b1:27:a4:52:ac:59:
c6:aa:5c:c0:52:d9:53:76:69:d7:d0:d9:bd:71:e7:f8:3a:4c:
e4:5c:ab:51:f6:57:5a:b8:75:af:90:ef:d3:7d:3c:f3:50:9a:
ee:38:df:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZawMuWClehUJ5PYnmW4J4TCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjUwNTA4MTQwMDQ3WhcNMjUwNTA5MTQwMDQ3WjAzMTEwLwYDVQQD
EygyMTllOWE0ODFlMmZjYzBiMmMxOWFhZDdmMjgxZjMyMDI0ZDU4OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7pQ34Et+SiCE6a/7/XF//t6lvwSn
CYPDrefpYqkFrbIrioTConrM7GKxHgRiXa1EeLFyJ17fSYtiW3q0vkUpRwtsYbJv
w0hMKwqAFv0bLqm1Pxl2RdF0HNSNpdKO6NMGl8bQxdGNPQb8vo8caxT5J+vN3zr7
xkvPH3sowX5Za3ZHLa+jySJD2bp0wxaSYoF9xpzZHU/T6f1RZlZ2d0KUixd85MEK
D/Joa9BhMppqVnF9KKUvjIp2Ckr0Z1N/Tt3i2k6e5K4XrfxICnKii+4HmkV4CGIw
+HylXNDEtTnrcFr7Kr56Zo4s5AFEf3soWdPgBc4rqqQPZO0dvEIO49SvwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGemkgeL8wLLBmq1/KB8yAk1YlkMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHGCoYWVm
FmHJKLquiGzn3hNCqViaF9qeP76t1KwlJTWiB1Cysc0Hr/VCfl29rK4tz2JC+QLx
S7qXbzD10erRqnAoRk9G5UBosG72vu3j4o6ZQV2ImuWRYKo3+8XkwUKtUnHkNiwF
FOsxLaZ5aZOHUdu/zMdbLLFzP0hue3cCkVTJvfSjGXnwP1LZfVLTf4fnBvuzUF9G
OJcqluTtSEur0KwCJIjt88RmIn2esV6MID++M1LbCU7Y9GdjfyYBqTIYXX2I3Fm5
8c18oxxljbsxeO7csSekUqxZxqpcwFLZU3Zp19DZvXHn+DpM5FyrUfZXWrh1r5Dv
030881Ca7jjfMg==
-----END CERTIFICATE-----
Generated at Thu May 8 19:05:47 2025 by rpki-client