Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
File: H9CHXNAFHQwJJaygQQNOeECmdws.mft (raw, json)
Hash identifier: zRltP1+9W5oyAPrtErTmHxQFSNqjCfDwWhz/e4YodVg=
Subject key identifier: A3:49:A2:E9:15:22:86:9B:05:21:E6:3F:2A:0D:4F:9D:8B:D0:58:5E
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 0196BA7F404A43C5D47384B7847CC0AF5E70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
Manifest number: 04FF
Signing time: Sat 10 May 2025 14:00:23 +0000
Manifest this update: Sat 10 May 2025 14:00:23 +0000
Manifest next update: Sun 11 May 2025 14:00:23 +0000
Files and hashes: 1: DKCys4KRYdnrGXDLl1nVf9nVmRA.roa (hash: IaLK2xfRNIne0nZPaZ2/jfh45tolOprh7fcjo3irVI8=)
2: H9CHXNAFHQwJJaygQQNOeECmdws.crl (hash: NyUH7tooh6DMicI7jQr7umX4/VqoOMo05P+ZsxXhTFY=)
3: NfUK1WerAdsfJiTM68i5Lnvkb2w.roa (hash: ZGezIXFkpMHBb+7ell8DWUCsKtD9DU2fEiI/6174M+w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ba:7f:40:4a:43:c5:d4:73:84:b7:84:7c:c0:af:5e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: May 10 14:00:23 2025 GMT
Not After : May 11 14:00:23 2025 GMT
Subject: CN=a349a2e91522869b0521e63f2a0d4f9d8bd0585e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d8:a1:6f:86:5e:84:e6:c8:b1:b1:5b:47:74:
b2:62:b0:c6:5a:92:80:69:c9:c7:0d:cb:30:a4:4d:
b3:e0:aa:0d:f7:d5:de:44:3b:32:b4:14:08:7f:8c:
d9:ba:a1:f9:68:49:fb:7e:b0:c6:26:f2:de:cc:31:
eb:92:bb:a1:79:cc:27:29:de:44:98:3e:99:6b:ee:
80:45:73:62:d0:ec:36:2b:be:8a:9d:c5:51:0b:f3:
c2:9e:83:0f:e0:3b:fe:69:80:26:a9:06:ca:8f:fc:
9c:6c:66:a7:14:64:af:d4:f0:6e:00:f1:21:a9:1b:
eb:2c:e2:22:c0:29:7f:b8:75:90:4e:a8:10:9b:e5:
d7:8a:24:0b:72:cc:91:00:1c:42:3f:0f:7e:76:aa:
c6:82:c9:4a:b8:8f:06:73:92:e8:5b:20:2c:0c:1f:
32:df:d1:97:00:c0:2a:7c:ca:94:14:5a:c0:a4:76:
c1:6f:c4:61:54:2a:3f:92:83:56:d6:e7:e4:70:6d:
86:d0:ed:6d:81:49:a4:be:56:55:3b:51:d0:29:ab:
27:0a:35:d4:57:f8:51:30:ae:27:d4:36:83:68:0d:
ff:01:98:fa:28:95:e8:fc:ef:ea:42:99:27:69:aa:
03:ef:d6:a8:16:da:5e:f8:8a:6e:16:b2:36:04:a0:
07:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:49:A2:E9:15:22:86:9B:05:21:E6:3F:2A:0D:4F:9D:8B:D0:58:5E
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:9a:73:ec:0e:3c:1a:f9:71:4d:74:82:69:75:05:09:56:39:
f3:eb:d5:73:af:95:be:28:57:f3:3e:1b:22:cc:d8:ae:99:f5:
ee:0c:de:9e:a4:b5:8e:69:76:c1:d9:5d:2d:6f:a8:9c:d5:00:
ed:f7:2f:7d:ed:16:a8:8c:ef:75:b5:86:23:c9:38:d4:8f:15:
10:d0:47:77:65:36:eb:59:24:5a:43:0a:07:ed:d8:9e:5c:a2:
6f:64:23:59:4e:9d:17:b0:35:26:2b:c1:28:09:89:a9:f2:2e:
b6:9b:0e:0c:67:24:8d:e4:3f:df:86:8f:8d:ba:c2:36:f5:1f:
ad:10:93:4b:72:f9:b9:76:50:3d:13:c4:f2:15:ab:80:3f:3d:
3f:55:4e:64:48:85:44:e6:11:4b:19:80:d9:24:ce:d3:3d:5c:
07:9a:b2:a3:36:48:51:73:e8:88:56:91:4a:e4:d3:64:fd:06:
78:fb:67:d2:6e:c2:39:02:92:de:ff:1a:71:11:ae:f4:1a:c3:
5f:e7:80:ef:03:59:61:2e:0d:11:b1:d4:23:ee:64:f3:75:ef:
c1:f2:ec:ee:f1:59:d5:48:16:63:58:b8:73:e9:88:46:e4:e7:
52:0b:fb:51:33:28:87:9a:eb:47:bc:55:77:f4:7b:33:74:c8:
31:22:90:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa6f0BKQ8XUc4S3hHzAr15wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUwNTEwMTQwMDIzWhcNMjUwNTExMTQwMDIzWjAzMTEwLwYDVQQD
EyhhMzQ5YTJlOTE1MjI4NjliMDUyMWU2M2YyYTBkNGY5ZDhiZDA1ODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNihb4ZehObIsbFbR3SyYrDGWpKA
acnHDcswpE2z4KoN99XeRDsytBQIf4zZuqH5aEn7frDGJvLezDHrkruhecwnKd5E
mD6Za+6ARXNi0Ow2K76KncVRC/PCnoMP4Dv+aYAmqQbKj/ycbGanFGSv1PBuAPEh
qRvrLOIiwCl/uHWQTqgQm+XXiiQLcsyRABxCPw9+dqrGgslKuI8Gc5LoWyAsDB8y
39GXAMAqfMqUFFrApHbBb8RhVCo/koNW1ufkcG2G0O1tgUmkvlZVO1HQKasnCjXU
V/hRMK4n1DaDaA3/AZj6KJXo/O/qQpknaaoD79aoFtpe+IpuFrI2BKAH8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNJoukVIoabBSHmPyoNT52L0FheMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATJpz7A48
GvlxTXSCaXUFCVY58+vVc6+VvihX8z4bIszYrpn17gzenqS1jml2wdldLW+onNUA
7fcvfe0WqIzvdbWGI8k41I8VENBHd2U261kkWkMKB+3Ynlyib2QjWU6dF7A1JivB
KAmJqfIutpsODGckjeQ/34aPjbrCNvUfrRCTS3L5uXZQPRPE8hWrgD89P1VOZEiF
ROYRSxmA2STO0z1cB5qyozZIUXPoiFaRSuTTZP0GePtn0m7COQKS3v8acRGu9BrD
X+eA7wNZYS4NEbHUI+5k83XvwfLs7vFZ1UgWY1i4c+mIRuTnUgv7UTMoh5rrR7xV
d/R7M3TIMSKQww==
-----END CERTIFICATE-----
Generated at Sat May 10 22:02:34 2025 by rpki-client