Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
File: hbYRoLfUM0t6I5XozOew48m4OOg.mft (raw, json)
Hash identifier: fqzhTlRpTbQhXn+GoBKQLcpi9uRxZpcXdAgixJfGcLM=
Subject key identifier: B2:33:87:31:6F:CE:B4:A0:F1:B8:1B:B2:CF:B7:8E:97:42:0B:EE:6C
Authority key identifier: 85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
Certificate issuer: /CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Certificate serial: 0196C8DFA17072C6F18EB33016A4111BC8D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
Manifest number: 1042
Signing time: Tue 13 May 2025 09:00:21 +0000
Manifest this update: Tue 13 May 2025 09:00:21 +0000
Manifest next update: Wed 14 May 2025 09:00:21 +0000
Files and hashes: 1: GqM4YVlqC8-erWafuFUuhTFle_c.roa (hash: i4cVcC9yh3IAaqw92giD4QCQEZ24C42b9AxtQz5mdqI=)
2: V5ey2q7KwpxyFqlUebHjJUU7ouc.roa (hash: Yxgk3WfNc3AICgrW7BBAgfdy4JGwXPs53GHlVT7wvGA=)
3: hbYRoLfUM0t6I5XozOew48m4OOg.crl (hash: kX/7HA7sZ5nSiR4DjotWmvP67PrU2sb132LIRfgQLcc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 09:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c8:df:a1:70:72:c6:f1:8e:b3:30:16:a4:11:1b:c8:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Validity
Not Before: May 13 09:00:21 2025 GMT
Not After : May 14 09:00:21 2025 GMT
Subject: CN=b23387316fceb4a0f1b81bb2cfb78e97420bee6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:14:cb:de:23:d0:3f:b3:67:1c:92:0f:fb:35:
98:96:07:dc:d9:d1:6b:cf:6f:f4:c9:bb:e0:8c:d6:
45:43:24:ea:73:dc:1d:51:6f:70:c4:25:e6:87:6b:
41:75:50:28:90:68:63:6e:cf:59:11:4c:59:f7:32:
3a:b3:15:bc:66:c4:3b:10:e2:4f:77:dd:b9:2e:0d:
f5:0a:4d:f4:d0:d9:88:3c:12:96:d0:db:c9:1d:cc:
8f:cd:c6:04:4d:dd:6f:98:9c:fc:a7:01:52:12:07:
74:fc:42:b5:f4:47:9d:d0:e4:22:84:0b:07:70:53:
b1:69:82:a2:b2:bc:f4:42:e1:86:40:4a:8f:98:c1:
d9:9d:69:05:16:d5:e1:19:d0:8c:20:1d:55:76:25:
66:99:c7:0d:4b:a2:06:f3:7c:e4:c1:7a:38:e8:d7:
4b:e4:49:bc:fa:6b:2e:96:cb:53:f1:c5:02:c7:ae:
9a:9f:fe:ec:de:66:74:fa:4c:75:31:12:b9:08:2f:
00:11:d1:fd:68:f0:89:e9:31:ba:1f:4d:2e:9a:c2:
66:fd:5b:40:df:55:63:e7:76:56:e9:ca:d1:b9:3d:
75:ae:a4:ab:00:de:da:6a:75:c2:30:c0:e6:a2:b0:
5c:9a:a1:ca:1f:c9:d6:33:36:13:22:49:66:9e:3a:
07:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:33:87:31:6F:CE:B4:A0:F1:B8:1B:B2:CF:B7:8E:97:42:0B:EE:6C
X509v3 Authority Key Identifier:
keyid:85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:34:00:23:1b:ce:8c:9b:d6:6c:ef:63:de:ad:37:bd:f0:de:
60:4b:de:dd:6f:35:89:f3:ba:62:e7:c0:d5:5e:ad:1e:f1:b0:
ef:63:c3:85:db:4a:3d:54:a9:4f:ea:de:17:fe:0a:58:a2:45:
33:76:e3:bf:e3:f5:d9:12:97:15:83:f6:bb:47:23:f3:08:56:
42:01:f6:04:92:31:08:f8:0f:92:47:d6:d8:f2:5f:d4:33:32:
49:27:a7:d7:99:cc:69:2f:04:4d:41:61:35:4b:63:4a:ef:20:
e8:04:de:f6:80:04:6d:41:c9:aa:6d:ff:55:47:77:77:af:dd:
d1:14:c4:07:e9:23:97:3b:a1:42:96:05:61:0d:05:6f:75:88:
8d:29:31:d8:b2:5b:80:6e:d2:ee:ca:6c:b7:19:25:70:cd:cb:
db:f4:46:1b:c9:0d:84:d3:1a:fa:ab:b2:80:c0:b0:59:c7:76:
35:c7:94:18:6b:0a:f2:6e:82:55:65:79:dd:62:52:47:94:e1:
77:c3:51:07:14:44:40:16:ad:50:91:f1:31:5b:84:99:26:60:
77:be:3f:36:ef:11:13:dc:b1:d9:0b:c8:3f:5c:77:c2:1c:cb:
a4:ae:d2:f1:ac:7a:30:c2:5f:58:8d:ed:49:6c:01:95:f3:04:
8c:f8:1b:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbI36FwcsbxjrMwFqQRG8jUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjYxMWEwYjdkNDMzNGI3YTIzOTVlOGNjZTdiMGUzYzli
ODM4ZTgwHhcNMjUwNTEzMDkwMDIxWhcNMjUwNTE0MDkwMDIxWjAzMTEwLwYDVQQD
EyhiMjMzODczMTZmY2ViNGEwZjFiODFiYjJjZmI3OGU5NzQyMGJlZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxTL3iPQP7NnHJIP+zWYlgfc2dFr
z2/0ybvgjNZFQyTqc9wdUW9wxCXmh2tBdVAokGhjbs9ZEUxZ9zI6sxW8ZsQ7EOJP
d925Lg31Ck300NmIPBKW0NvJHcyPzcYETd1vmJz8pwFSEgd0/EK19Eed0OQihAsH
cFOxaYKisrz0QuGGQEqPmMHZnWkFFtXhGdCMIB1VdiVmmccNS6IG83zkwXo46NdL
5Em8+msulstT8cUCx66an/7s3mZ0+kx1MRK5CC8AEdH9aPCJ6TG6H00umsJm/VtA
31Vj53ZW6crRuT11rqSrAN7aanXCMMDmorBcmqHKH8nWMzYTIklmnjoHjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIzhzFvzrSg8bgbss+3jpdCC+5sMB8GA1UdIwQY
MBaAFIW2EaC31DNLeiOV6MznsOPJuDjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmIt
ODhjYjRlNzEwNmVhLzEvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmItODhjYjRlNzEwNmVh
LzEvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnDQAIxvO
jJvWbO9j3q03vfDeYEve3W81ifO6YufA1V6tHvGw72PDhdtKPVSpT+reF/4KWKJF
M3bjv+P12RKXFYP2u0cj8whWQgH2BJIxCPgPkkfW2PJf1DMySSen15nMaS8ETUFh
NUtjSu8g6ATe9oAEbUHJqm3/VUd3d6/d0RTEB+kjlzuhQpYFYQ0Fb3WIjSkx2LJb
gG7S7spstxklcM3L2/RGG8kNhNMa+quygMCwWcd2NceUGGsK8m6CVWV53WJSR5Th
d8NRBxREQBatUJHxMVuEmSZgd74/Nu8RE9yx2QvIP1x3whzLpK7S8ax6MMJfWI3t
SWwBlfMEjPgbNw==
-----END CERTIFICATE-----
Generated at Tue May 13 18:11:22 2025 by rpki-client