Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: p1g9Cn9RS0px6kAVUL2pvHyYOzL5EPiBxrbNApIQXmA=
Subject key identifier: 64:60:74:4D:96:1C:3C:5B:5F:2C:64:B1:09:D5:DC:F6:22:41:91:21
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 0196A01AF9A65B2C8679F22B7B7FEEBBD1F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 1529
Signing time: Mon 05 May 2025 11:00:44 +0000
Manifest this update: Mon 05 May 2025 11:00:44 +0000
Manifest next update: Tue 06 May 2025 11:00:44 +0000
Files and hashes: 1: aSlfyLBw9tgMgXUQzZob6GMDMuM.roa (hash: DQ6riuAx/+y5wvPOEmkDzdZnToFJiPSBUt3sxo+9O3s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: UgGPe5w7TtH6udraHyQAbIy/weL3SZJ6ITsec9dIBhk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:1a:f9:a6:5b:2c:86:79:f2:2b:7b:7f:ee:bb:d1:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: May 5 11:00:44 2025 GMT
Not After : May 6 11:00:44 2025 GMT
Subject: CN=6460744d961c3c5b5f2c64b109d5dcf622419121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f0:85:20:21:d0:b2:cb:b6:57:dd:e4:19:fb:
01:90:5e:5f:0c:19:01:c2:f4:52:d3:85:6e:4e:c6:
ab:04:42:82:46:78:1e:01:0f:86:d4:45:8f:26:31:
4a:ca:2a:57:e2:79:c4:a0:6c:fd:b2:62:0f:16:31:
f7:c2:fa:58:cc:a6:2c:b0:a4:b3:b7:93:2e:5e:84:
a7:6f:58:ee:a4:b9:d0:ca:76:4f:a4:f9:41:67:61:
03:c4:e6:10:70:73:2e:ca:5e:df:41:20:82:3a:bc:
c7:a1:e1:d7:f4:4f:a8:10:70:78:c7:48:34:35:55:
33:99:cb:d2:6c:79:d2:74:e3:a9:6b:b8:47:5a:56:
db:2c:a1:a2:86:eb:a6:cf:8a:86:b4:b7:d9:98:4c:
c6:12:3d:d2:0a:d6:b8:da:dc:11:57:95:cb:6b:7d:
36:c7:d2:33:24:1e:13:15:a3:ee:a3:c1:d3:e1:05:
98:24:ba:a0:96:d1:b5:57:52:3e:a5:52:1b:10:36:
66:85:4f:ec:ba:2d:77:20:21:bb:d9:4c:df:29:ac:
e9:4a:92:a7:7f:28:ed:cd:2e:c7:f6:56:b4:e4:62:
8c:29:5e:a2:ee:84:d9:38:a5:b4:13:91:c2:cb:2b:
18:0c:6b:4f:04:d8:4a:86:44:2e:e0:6d:94:9e:26:
f4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:60:74:4D:96:1C:3C:5B:5F:2C:64:B1:09:D5:DC:F6:22:41:91:21
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:2b:22:9b:17:5e:c0:8d:2b:27:41:88:f5:77:f5:ba:1d:7a:
3f:4a:5d:df:67:44:f1:fc:55:a4:21:ba:9a:60:bd:ae:03:73:
e6:fb:a3:02:d9:ff:cc:39:8e:d8:a0:d1:88:13:ba:7c:b3:3d:
ec:d7:0b:e4:9d:b7:92:cc:85:34:a7:62:a6:8d:c9:b5:ec:76:
68:c1:ea:41:01:65:b1:b7:7f:b4:c0:e5:c3:93:0d:ed:1c:5e:
aa:c1:b3:c5:a1:fc:50:e2:c9:ec:8a:65:78:de:0d:ef:8c:2b:
9a:ab:cf:c6:f5:74:ee:1b:2d:6b:e6:91:54:f2:c2:ab:12:12:
ef:8b:73:d7:0f:3f:98:16:35:ef:65:db:df:17:09:6f:04:04:
8c:82:5d:9d:08:ca:cc:76:d8:05:e9:4c:5e:58:bd:fa:d1:10:
f7:35:4b:72:53:60:fb:18:03:11:2b:f9:df:66:a8:60:8f:ae:
3a:8a:f3:dc:14:5a:10:c6:85:0e:0d:67:09:e3:07:32:79:2b:
df:f9:8c:12:8b:63:fe:a6:a1:b2:61:14:be:ee:d9:3b:16:b2:
e2:9f:f6:13:b8:8f:d0:ad:8b:d0:5f:67:40:da:15:6d:63:24:
e6:c7:40:0d:bf:79:ad:61:97:8d:96:0c:9b:6c:e9:ee:9c:96:
58:50:b4:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagGvmmWyyGefIre3/uu9H4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjUwNTA1MTEwMDQ0WhcNMjUwNTA2MTEwMDQ0WjAzMTEwLwYDVQQD
Eyg2NDYwNzQ0ZDk2MWMzYzViNWYyYzY0YjEwOWQ1ZGNmNjIyNDE5MTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvCFICHQssu2V93kGfsBkF5fDBkB
wvRS04VuTsarBEKCRngeAQ+G1EWPJjFKyipX4nnEoGz9smIPFjH3wvpYzKYssKSz
t5MuXoSnb1jupLnQynZPpPlBZ2EDxOYQcHMuyl7fQSCCOrzHoeHX9E+oEHB4x0g0
NVUzmcvSbHnSdOOpa7hHWlbbLKGihuumz4qGtLfZmEzGEj3SCta42twRV5XLa302
x9IzJB4TFaPuo8HT4QWYJLqgltG1V1I+pVIbEDZmhU/sui13ICG72UzfKazpSpKn
fyjtzS7H9la05GKMKV6i7oTZOKW0E5HCyysYDGtPBNhKhkQu4G2Unib0WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRgdE2WHDxbXyxksQnV3PYiQZEhMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCsimxde
wI0rJ0GI9Xf1uh16P0pd32dE8fxVpCG6mmC9rgNz5vujAtn/zDmO2KDRiBO6fLM9
7NcL5J23ksyFNKdipo3Jtex2aMHqQQFlsbd/tMDlw5MN7RxeqsGzxaH8UOLJ7Ipl
eN4N74wrmqvPxvV07hsta+aRVPLCqxIS74tz1w8/mBY172Xb3xcJbwQEjIJdnQjK
zHbYBelMXli9+tEQ9zVLclNg+xgDESv532aoYI+uOorz3BRaEMaFDg1nCeMHMnkr
3/mMEotj/qahsmEUvu7ZOxay4p/2E7iP0K2L0F9nQNoVbWMk5sdADb95rWGXjZYM
m2zp7pyWWFC03Q==
-----END CERTIFICATE-----
Generated at Mon May 5 16:29:01 2025 by rpki-client