Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
File: DUHQpubfLhjCVnMjaNbnaCiTExA.mft (raw, json)
Hash identifier: rEOuCCUF9P0a24IaL6TaFjrmNeUDLNR3X/vqwgDm/B0=
Subject key identifier: A2:07:48:35:06:0E:4C:CE:1E:DB:18:6B:8B:FF:A5:4E:45:4F:81:4F
Authority key identifier: 0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
Certificate issuer: /CN=0d41d0a6e6df2e18c256732368d6e76828931310
Certificate serial: 0196B5C702BEF0CBC2EFB7BF304EB40CFAB8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
Manifest number: 0E77
Signing time: Fri 09 May 2025 16:00:40 +0000
Manifest this update: Fri 09 May 2025 16:00:40 +0000
Manifest next update: Sat 10 May 2025 16:00:40 +0000
Files and hashes: 1: 5yn4zHauZM75VAijpeMoQrgxCO4.roa (hash: XNQWDr0wgLOmyX40wHgFFl4XUTUYTIzKWa/lVOSFR8o=)
2: DUHQpubfLhjCVnMjaNbnaCiTExA.crl (hash: A0EOjNmvWNpXfr5fcIxHVOmkhxzkQ2NKHpnfndE7RdQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b5:c7:02:be:f0:cb:c2:ef:b7:bf:30:4e:b4:0c:fa:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d41d0a6e6df2e18c256732368d6e76828931310
Validity
Not Before: May 9 16:00:40 2025 GMT
Not After : May 10 16:00:40 2025 GMT
Subject: CN=a2074835060e4cce1edb186b8bffa54e454f814f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:28:fa:6c:55:43:6f:97:8f:1c:a3:46:23:dd:
9c:05:97:0c:f2:ec:88:33:c7:1d:e5:b6:6b:e6:55:
cf:a1:98:48:63:b3:e0:0b:69:23:cd:d2:de:1e:55:
47:fc:bd:d5:a9:2d:0b:0d:cc:6f:0d:b3:9f:96:0f:
87:df:82:bd:7d:ab:ef:85:65:04:a7:0f:5c:7a:02:
a3:00:8b:e3:e0:9f:95:d9:2e:89:fc:6e:90:8d:fc:
df:58:b9:07:4d:52:22:d7:ea:dc:86:f0:bb:8d:e9:
31:34:1f:2e:b6:2e:bb:7c:10:e4:c4:6b:0d:ac:ad:
74:4e:1c:ca:6a:7c:6d:fb:05:7e:13:56:e0:72:f1:
e4:4e:fe:fc:c2:ef:a7:ed:79:41:7e:ca:17:94:d7:
af:29:36:71:b5:0c:7e:c7:50:7b:67:e6:ba:c7:7c:
fc:5f:8e:0d:db:13:a6:a1:ae:27:e2:8e:ed:21:29:
d6:1d:3b:6f:45:ca:53:2f:74:70:dd:cc:f9:04:b8:
8a:1b:30:08:e6:7b:eb:63:d6:67:59:39:d6:96:4e:
9c:69:64:a8:00:45:a7:8a:3e:7e:8d:94:ad:9a:fb:
99:a0:49:8c:f8:cb:02:7f:ef:d7:aa:c3:be:59:c3:
aa:0a:b1:32:a1:c3:7a:81:41:c4:7d:ec:a9:b0:0f:
53:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:07:48:35:06:0E:4C:CE:1E:DB:18:6B:8B:FF:A5:4E:45:4F:81:4F
X509v3 Authority Key Identifier:
keyid:0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:f0:b3:cc:ea:9c:80:01:9c:0e:ea:91:15:30:f1:4e:9f:dd:
61:6b:35:d0:db:cb:b3:12:de:05:e2:8b:42:7e:07:6e:9c:e2:
2d:c6:0d:03:a2:55:16:0f:5e:26:b3:1e:3f:0a:f3:b2:f9:37:
91:90:a5:b0:cd:32:1b:29:45:5f:3a:c2:a9:c3:53:d0:19:c6:
d0:94:c9:28:e7:b8:21:9b:b7:17:8d:33:b8:f3:78:83:a2:77:
95:1a:f5:87:c4:90:4a:c2:62:7a:e4:8b:77:28:2d:06:f7:77:
b6:29:ca:3c:88:f4:e3:73:09:44:0d:79:16:02:95:20:84:ff:
43:a3:08:72:8d:d5:b8:d6:25:42:e2:f3:9a:88:1c:1c:df:7f:
cb:c2:da:bb:5e:ac:24:81:85:d6:6d:4a:b2:e9:f4:c3:16:1b:
c1:e6:72:4a:48:52:62:36:ae:05:6a:cd:3d:65:3e:4f:82:65:
51:07:7c:92:43:02:d7:3c:05:45:ca:d1:fc:51:3e:5d:b6:b4:
77:28:57:f2:69:b7:c9:e1:ec:e1:a5:96:10:95:9a:f7:d2:8f:
1c:a3:ff:32:92:06:68:c4:b6:7f:dd:dd:7c:e1:d7:13:23:0c:
de:04:a3:ac:23:b6:0b:f3:e5:a0:4e:48:d9:ec:68:40:6d:53:
fe:63:e2:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa1xwK+8MvC77e/ME60DPq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDFkMGE2ZTZkZjJlMThjMjU2NzMyMzY4ZDZlNzY4Mjg5
MzEzMTAwHhcNMjUwNTA5MTYwMDQwWhcNMjUwNTEwMTYwMDQwWjAzMTEwLwYDVQQD
EyhhMjA3NDgzNTA2MGU0Y2NlMWVkYjE4NmI4YmZmYTU0ZTQ1NGY4MTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSj6bFVDb5ePHKNGI92cBZcM8uyI
M8cd5bZr5lXPoZhIY7PgC2kjzdLeHlVH/L3VqS0LDcxvDbOflg+H34K9favvhWUE
pw9cegKjAIvj4J+V2S6J/G6QjfzfWLkHTVIi1+rchvC7jekxNB8uti67fBDkxGsN
rK10ThzKanxt+wV+E1bgcvHkTv78wu+n7XlBfsoXlNevKTZxtQx+x1B7Z+a6x3z8
X44N2xOmoa4n4o7tISnWHTtvRcpTL3Rw3cz5BLiKGzAI5nvrY9ZnWTnWlk6caWSo
AEWnij5+jZStmvuZoEmM+MsCf+/XqsO+WcOqCrEyocN6gUHEfeypsA9TJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKIHSDUGDkzOHtsYa4v/pU5FT4FPMB8GA1UdIwQY
MBaAFA1B0Kbm3y4YwlZzI2jW52gokxMQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGIt
NjJiNjQwYjAyZTJiLzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGItNjJiNjQwYjAyZTJi
LzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAPCzzOqc
gAGcDuqRFTDxTp/dYWs10NvLsxLeBeKLQn4HbpziLcYNA6JVFg9eJrMePwrzsvk3
kZClsM0yGylFXzrCqcNT0BnG0JTJKOe4IZu3F40zuPN4g6J3lRr1h8SQSsJieuSL
dygtBvd3tinKPIj043MJRA15FgKVIIT/Q6MIco3VuNYlQuLzmogcHN9/y8Lau16s
JIGF1m1Ksun0wxYbweZySkhSYjauBWrNPWU+T4JlUQd8kkMC1zwFRcrR/FE+Xba0
dyhX8mm3yeHs4aWWEJWa99KPHKP/MpIGaMS2f93dfOHXEyMM3gSjrCO2C/PloE5I
2exoQG1T/mPi+Q==
-----END CERTIFICATE-----
Generated at Fri May 9 18:07:16 2025 by rpki-client