Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
File: NHkVOIV45h2IaEmiHXC6B1FJwaE.mft (raw, json)
Hash identifier: 3/A3tGAK1avDLSBfAVxYk3frRxaXC03mSSpKr34a7ok=
Subject key identifier: 49:7A:36:73:C5:A0:E7:B8:AA:06:08:F5:72:CF:21:32:7B:DF:E7:5C
Authority key identifier: 34:79:15:38:85:78:E6:1D:88:68:49:A2:1D:70:BA:07:51:49:C1:A1
Certificate issuer: /CN=347915388578e61d886849a21d70ba075149c1a1
Certificate serial: 0196C53A8236149FF520A6A68F85564C79F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
Manifest number: 0AC4
Signing time: Mon 12 May 2025 16:01:07 +0000
Manifest this update: Mon 12 May 2025 16:01:07 +0000
Manifest next update: Tue 13 May 2025 16:01:07 +0000
Files and hashes: 1: NHkVOIV45h2IaEmiHXC6B1FJwaE.crl (hash: sEfb0X9ENFNqZb3v2Ze9dqN277O1waqPMdtL0z+y1cM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:3a:82:36:14:9f:f5:20:a6:a6:8f:85:56:4c:79:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347915388578e61d886849a21d70ba075149c1a1
Validity
Not Before: May 12 16:01:07 2025 GMT
Not After : May 13 16:01:07 2025 GMT
Subject: CN=497a3673c5a0e7b8aa0608f572cf21327bdfe75c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:71:32:b5:ab:8f:0f:76:22:93:7a:81:b0:2c:
f8:da:45:f8:2e:7b:91:0d:e5:b6:6c:d2:5e:fe:5b:
1b:a1:df:62:bf:93:6c:a5:a1:c4:97:4b:8b:87:1f:
7e:ae:d0:6c:e2:4c:b6:4b:71:69:11:ff:67:8e:c2:
7f:5d:08:ba:46:ed:8b:98:e1:f2:d2:64:f6:1a:d0:
82:92:14:6e:a6:61:b6:71:0d:9c:57:76:eb:8e:83:
66:bc:01:54:40:8a:1b:d2:78:aa:fa:57:c4:b8:dd:
d2:00:63:44:60:d9:c9:1c:a9:ae:0b:93:90:04:ce:
d0:7e:9b:e6:83:d0:46:6a:6c:ab:c8:db:a9:6d:8b:
6a:11:4f:cf:05:bc:aa:a0:7c:78:42:8e:7f:94:27:
fa:53:6a:3c:1c:ea:b9:10:d4:46:52:d5:21:a3:c5:
b8:7c:7d:db:72:01:4a:88:cf:a5:ca:35:7b:27:d9:
f1:d8:a6:40:6a:c0:21:14:ff:24:9e:ef:12:20:20:
73:35:10:e7:58:75:14:f6:81:57:3a:c4:21:e6:d1:
89:ef:ba:ed:d1:89:2a:96:2e:b0:08:b6:89:d8:13:
8c:d9:7b:5e:94:06:d4:fc:3d:ec:a5:82:16:f8:a6:
f5:c0:38:10:5d:bf:57:bf:62:be:b8:82:fc:af:8e:
ec:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:7A:36:73:C5:A0:E7:B8:AA:06:08:F5:72:CF:21:32:7B:DF:E7:5C
X509v3 Authority Key Identifier:
keyid:34:79:15:38:85:78:E6:1D:88:68:49:A2:1D:70:BA:07:51:49:C1:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:1d:9c:c4:b6:97:b5:82:1e:61:b7:42:fc:0a:78:22:58:a8:
d8:3e:02:58:61:df:d0:35:94:56:8c:bb:94:44:2e:70:cb:d5:
a5:34:06:f6:8c:ab:8a:73:18:f4:4f:44:b8:3d:36:6f:41:9b:
f7:e0:88:8f:6b:43:81:e8:23:52:c0:6d:01:eb:cb:e1:b2:3e:
87:81:ff:f8:f9:d8:d4:ff:7c:4f:27:95:ec:67:b1:35:44:f3:
43:fc:4f:b5:1c:93:41:67:2e:4b:59:b9:c3:44:dc:5c:41:5c:
2b:fa:d3:73:f4:72:17:2a:e0:6e:6b:05:2f:7a:64:87:7a:4f:
a3:7f:22:fe:a3:3d:dd:f3:b7:7e:cb:a7:79:c6:7a:1e:c1:0f:
eb:3e:4d:61:a0:36:97:53:59:87:a6:26:db:0b:7e:f4:4f:be:
b9:37:fa:d0:22:23:f8:5e:9f:fb:ad:dd:f1:76:38:d1:d9:3e:
50:75:fb:f6:76:3f:2e:b4:7a:56:21:9e:c2:bd:73:3b:94:00:
26:dc:25:21:de:b8:fe:82:6e:ad:6a:80:ad:57:ad:11:9d:89:
db:4c:76:b2:c9:cf:ef:83:ba:e4:f5:2b:04:f8:f1:d7:49:15:
64:ab:48:39:23:c9:c0:09:b2:75:25:ff:f2:55:13:f2:d4:ac:
a2:77:b2:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOoI2FJ/1IKamj4VWTHn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzkxNTM4ODU3OGU2MWQ4ODY4NDlhMjFkNzBiYTA3NTE0
OWMxYTEwHhcNMjUwNTEyMTYwMTA3WhcNMjUwNTEzMTYwMTA3WjAzMTEwLwYDVQQD
Eyg0OTdhMzY3M2M1YTBlN2I4YWEwNjA4ZjU3MmNmMjEzMjdiZGZlNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XEytauPD3Yik3qBsCz42kX4LnuR
DeW2bNJe/lsbod9iv5NspaHEl0uLhx9+rtBs4ky2S3FpEf9njsJ/XQi6Ru2LmOHy
0mT2GtCCkhRupmG2cQ2cV3brjoNmvAFUQIob0niq+lfEuN3SAGNEYNnJHKmuC5OQ
BM7Qfpvmg9BGamyryNupbYtqEU/PBbyqoHx4Qo5/lCf6U2o8HOq5ENRGUtUho8W4
fH3bcgFKiM+lyjV7J9nx2KZAasAhFP8knu8SICBzNRDnWHUU9oFXOsQh5tGJ77rt
0Ykqli6wCLaJ2BOM2XtelAbU/D3spYIW+Kb1wDgQXb9Xv2K+uIL8r47sTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEl6NnPFoOe4qgYI9XLPITJ73+dcMB8GA1UdIwQY
MBaAFDR5FTiFeOYdiGhJoh1wugdRScGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80ZWY2OWUtOTk3OC00MzZkLTkwYzkt
ODJkOTdjMDY5NTY2LzEvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80ZWY2OWUtOTk3OC00MzZkLTkwYzktODJkOTdjMDY5NTY2
LzEvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArB2cxLaX
tYIeYbdC/Ap4Ilio2D4CWGHf0DWUVoy7lEQucMvVpTQG9oyrinMY9E9EuD02b0Gb
9+CIj2tDgegjUsBtAevL4bI+h4H/+PnY1P98TyeV7GexNUTzQ/xPtRyTQWcuS1m5
w0TcXEFcK/rTc/RyFyrgbmsFL3pkh3pPo38i/qM93fO3fsunecZ6HsEP6z5NYaA2
l1NZh6Ym2wt+9E++uTf60CIj+F6f+63d8XY40dk+UHX79nY/LrR6ViGewr1zO5QA
JtwlId64/oJurWqArVetEZ2J20x2ssnP74O65PUrBPjx10kVZKtIOSPJwAmydSX/
8lUT8tSsoney+Q==
-----END CERTIFICATE-----
Generated at Mon May 12 21:37:21 2025 by rpki-client