Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: pGHyAA06UZojFtWczZ6F+pe1hGZtLLGhz6D5/pX+Vlw=
Subject key identifier: 67:CF:35:FD:7E:22:89:86:C1:33:24:77:6C:62:83:06:EB:7B:95:02
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 0196BA7F7C405BE2DFEC1DCF9B90AE469A0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 09D7
Signing time: Sat 10 May 2025 14:00:39 +0000
Manifest this update: Sat 10 May 2025 14:00:39 +0000
Manifest next update: Sun 11 May 2025 14:00:39 +0000
Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=)
2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: 6VYrjexal8rnchCtS4HIiF80WBa5BlBCZ9GdydyXwRU=)
3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ba:7f:7c:40:5b:e2:df:ec:1d:cf:9b:90:ae:46:9a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: May 10 14:00:39 2025 GMT
Not After : May 11 14:00:39 2025 GMT
Subject: CN=67cf35fd7e228986c13324776c628306eb7b9502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:84:47:7b:67:8b:d7:fc:af:46:89:0c:8c:59:
b5:66:02:1c:56:ad:23:2d:99:63:12:38:a4:6e:32:
ce:7e:31:0e:20:ea:3b:a9:f3:7d:09:2d:e7:7b:46:
60:fc:e9:89:4c:8f:38:a3:07:c7:00:6b:ae:50:06:
63:2b:e9:35:3c:85:c8:53:8a:06:db:bb:17:25:db:
72:cc:b7:33:22:5f:21:4c:f7:f6:94:bb:b7:d2:e3:
8c:2f:5f:80:db:4f:94:d4:41:03:71:dc:a5:98:9f:
40:3d:f9:6c:51:4e:aa:7a:97:11:4f:cc:31:e7:68:
14:26:e9:de:7b:98:2e:54:6d:35:9a:67:ca:3b:81:
e6:34:85:d8:9b:f3:8e:04:4b:8d:b5:aa:01:28:8a:
27:24:3f:3d:c5:bb:12:e7:08:8c:ef:f1:1d:90:57:
83:c0:4d:1c:dd:eb:c0:2c:65:58:be:6f:b4:a1:55:
ae:63:54:b4:ef:0c:cd:41:8c:dd:e9:c7:e1:14:70:
9a:f7:3e:41:35:ca:36:4e:8f:d1:5b:33:2e:a4:e2:
32:1a:b3:bd:a7:06:45:74:4b:9d:8f:df:3c:46:0e:
3d:47:d6:56:b7:d4:e1:5b:f4:40:9d:ed:b7:24:cb:
38:34:f5:0e:d8:a7:57:f4:b2:e9:30:33:42:d0:67:
81:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:CF:35:FD:7E:22:89:86:C1:33:24:77:6C:62:83:06:EB:7B:95:02
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:3f:a7:22:da:4f:e3:eb:47:eb:59:f1:7d:a0:59:70:ec:62:
fd:8e:b7:73:7d:7b:40:d0:5a:01:47:a6:5a:51:d5:19:c5:9f:
a9:03:dc:7c:5f:96:f7:80:4c:09:40:f6:f8:aa:c0:2b:a2:b5:
cc:99:97:66:73:e4:e8:55:4b:e1:88:de:49:07:0b:0e:d3:46:
4b:01:35:af:01:fa:99:40:41:35:75:ff:df:4a:88:65:02:a1:
cf:aa:c1:87:25:d8:59:8b:8a:9f:ea:34:1c:08:00:f1:f3:bc:
ef:06:a2:db:a3:b2:fb:5b:30:bf:ca:5b:ea:a1:01:b8:ff:e7:
b9:d9:e1:68:e8:58:b1:78:36:17:47:22:49:cb:0b:8e:62:06:
d1:ba:17:df:01:8b:9a:9b:84:70:ed:20:30:c2:ed:41:56:e3:
c9:c3:ed:4b:3b:7c:5e:52:6a:23:f2:f1:7d:71:20:c2:f0:fe:
17:d2:a4:bc:63:16:95:55:a0:40:c6:8a:af:d9:40:3e:ca:68:
af:73:37:11:aa:ac:4a:67:72:73:f2:7a:fb:a9:7a:bb:80:85:
88:6d:14:4f:83:ae:ac:76:17:80:9d:10:e2:54:c2:9d:8f:18:
b6:47:52:5d:97:99:13:5f:22:18:2d:e5:a6:8b:08:fe:49:a8:
57:ec:9d:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6f3xAW+Lf7B3Pm5CuRpoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjUwNTEwMTQwMDM5WhcNMjUwNTExMTQwMDM5WjAzMTEwLwYDVQQD
Eyg2N2NmMzVmZDdlMjI4OTg2YzEzMzI0Nzc2YzYyODMwNmViN2I5NTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoRHe2eL1/yvRokMjFm1ZgIcVq0j
LZljEjikbjLOfjEOIOo7qfN9CS3ne0Zg/OmJTI84owfHAGuuUAZjK+k1PIXIU4oG
27sXJdtyzLczIl8hTPf2lLu30uOML1+A20+U1EEDcdylmJ9APflsUU6qepcRT8wx
52gUJunee5guVG01mmfKO4HmNIXYm/OOBEuNtaoBKIonJD89xbsS5wiM7/EdkFeD
wE0c3evALGVYvm+0oVWuY1S07wzNQYzd6cfhFHCa9z5BNco2To/RWzMupOIyGrO9
pwZFdEudj988Rg49R9ZWt9ThW/RAne23JMs4NPUO2KdX9LLpMDNC0GeBpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfPNf1+IomGwTMkd2xigwbre5UCMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaj+nItpP
4+tH61nxfaBZcOxi/Y63c317QNBaAUemWlHVGcWfqQPcfF+W94BMCUD2+KrAK6K1
zJmXZnPk6FVL4YjeSQcLDtNGSwE1rwH6mUBBNXX/30qIZQKhz6rBhyXYWYuKn+o0
HAgA8fO87wai26Oy+1swv8pb6qEBuP/nudnhaOhYsXg2F0ciScsLjmIG0boX3wGL
mpuEcO0gMMLtQVbjycPtSzt8XlJqI/LxfXEgwvD+F9KkvGMWlVWgQMaKr9lAPspo
r3M3EaqsSmdyc/J6+6l6u4CFiG0UT4OurHYXgJ0Q4lTCnY8YtkdSXZeZE18iGC3l
posI/kmoV+ydoQ==
-----END CERTIFICATE-----
Generated at Sat May 10 18:21:37 2025 by rpki-client