Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
File: HDP7O3JSC4FpopKNU4LknWda0GA.mft (raw, json)
Hash identifier: R8yCw/U1xq6mbmaPJlDROOVOlUZOE0ddoVFwb/YK2+8=
Subject key identifier: ED:09:E1:1A:86:58:9C:93:CD:FC:76:B1:C5:B0:E8:E8:AC:83:20:5C
Authority key identifier: 1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
Certificate issuer: /CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Certificate serial: 0196A051A1FC6920B73F0AE0E2136BBF3639
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
Manifest number: 12D2
Signing time: Mon 05 May 2025 12:00:26 +0000
Manifest this update: Mon 05 May 2025 12:00:26 +0000
Manifest next update: Tue 06 May 2025 12:00:26 +0000
Files and hashes: 1: HDP7O3JSC4FpopKNU4LknWda0GA.crl (hash: 06R88zIUoXG/SMTppTU5a2yH4MLbgsyTS1jEA8rK7oo=)
2: jHj1kA03qC8i8hguuEC8ASnj4XQ.roa (hash: 6J5ezyoc/LI46xWXhW/cUUltYyOZg4CBJG0jaVAl1nQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:51:a1:fc:69:20:b7:3f:0a:e0:e2:13:6b:bf:36:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Validity
Not Before: May 5 12:00:26 2025 GMT
Not After : May 6 12:00:26 2025 GMT
Subject: CN=ed09e11a86589c93cdfc76b1c5b0e8e8ac83205c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e0:25:ee:ec:b9:2a:d1:bb:e3:d5:c7:d2:d0:
86:f6:ab:49:32:40:20:96:d6:ec:bc:a2:a3:2a:e4:
60:75:bd:70:f8:d3:2d:d1:78:d5:34:d7:55:a5:5d:
69:02:bc:6a:3c:b0:30:b3:2b:12:79:16:44:d4:50:
fb:23:aa:78:af:be:e4:c8:82:ea:94:16:50:1e:e9:
05:5f:c3:69:bb:dc:46:c8:e6:6b:67:0f:ff:ac:8d:
02:c4:58:44:b9:33:9a:31:32:c7:d1:be:2e:42:24:
5b:8a:a4:cf:d4:85:f1:54:81:48:f8:13:0b:ef:f8:
d9:35:6f:30:67:f9:2e:b9:be:cc:fc:c8:bd:93:a1:
60:04:aa:fe:74:19:ec:92:7e:d7:8e:f0:86:7f:46:
51:1d:29:e8:f2:45:fa:3d:e4:36:0a:c3:43:2b:55:
29:71:58:9c:75:46:8e:04:51:f3:23:d0:b7:7e:a5:
53:3f:6f:a3:7d:13:b9:90:9a:dd:95:54:47:48:87:
d6:e5:c2:a8:55:be:16:fb:41:01:d7:9d:7f:bb:30:
4c:d6:ce:f5:fb:af:76:a9:21:57:03:87:07:ee:7e:
2a:ce:d4:24:02:a5:63:60:92:bd:66:50:c5:33:95:
42:8c:80:2b:7a:ba:23:d8:a3:68:6e:2b:c2:48:db:
6f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:09:E1:1A:86:58:9C:93:CD:FC:76:B1:C5:B0:E8:E8:AC:83:20:5C
X509v3 Authority Key Identifier:
keyid:1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:df:aa:e6:79:d7:a8:83:a1:c7:6e:42:75:cd:c4:7e:f9:75:
4d:b4:51:3e:3d:20:8a:9a:2a:de:20:d1:23:b5:a0:dd:17:a4:
08:3d:6c:dc:04:8c:30:d9:1c:db:67:6a:c9:80:cc:c8:17:95:
ed:e5:8a:d7:c5:52:fe:93:35:1d:74:88:26:d7:4d:18:be:a0:
3f:2e:a4:fa:2d:ed:a9:44:6d:a4:cf:99:f1:ae:54:14:0c:20:
7e:f2:48:1b:9f:da:1a:b3:95:fd:5d:f2:e6:dc:13:2f:4e:40:
98:f9:29:35:0a:43:fd:9c:64:ac:a0:5f:86:24:50:28:8d:a6:
0b:d2:81:3d:36:c8:6c:c4:88:e2:45:4b:ab:2f:f4:50:d2:db:
fd:de:da:00:4e:ef:72:fa:10:d6:1e:39:67:de:80:8e:82:a7:
b2:2c:6e:20:ce:4c:25:2f:12:2a:e8:bf:f9:2a:36:96:92:ba:
94:d1:12:60:1a:e8:f3:f2:cd:9b:c8:a4:bc:2a:ed:1b:72:59:
95:ff:ba:e7:5e:80:4a:0d:12:4f:de:92:ce:ce:25:1d:af:65:
9d:97:78:a2:17:6d:9b:c8:36:3d:46:6e:43:7b:83:5d:c8:b9:
1d:b5:64:63:86:d6:f2:c1:9e:62:8d:e6:fc:b6:6b:dc:bb:53:
eb:e3:38:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagUaH8aSC3Pwrg4hNrvzY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzNmYjNiNzI1MjBiODE2OWEyOTI4ZDUzODJlNDlkNjc1
YWQwNjAwHhcNMjUwNTA1MTIwMDI2WhcNMjUwNTA2MTIwMDI2WjAzMTEwLwYDVQQD
EyhlZDA5ZTExYTg2NTg5YzkzY2RmYzc2YjFjNWIwZThlOGFjODMyMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+Al7uy5KtG749XH0tCG9qtJMkAg
ltbsvKKjKuRgdb1w+NMt0XjVNNdVpV1pArxqPLAwsysSeRZE1FD7I6p4r77kyILq
lBZQHukFX8Npu9xGyOZrZw//rI0CxFhEuTOaMTLH0b4uQiRbiqTP1IXxVIFI+BML
7/jZNW8wZ/kuub7M/Mi9k6FgBKr+dBnskn7XjvCGf0ZRHSno8kX6PeQ2CsNDK1Up
cVicdUaOBFHzI9C3fqVTP2+jfRO5kJrdlVRHSIfW5cKoVb4W+0EB151/uzBM1s71
+692qSFXA4cH7n4qztQkAqVjYJK9ZlDFM5VCjIAreroj2KNobivCSNtv1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO0J4RqGWJyTzfx2scWw6OisgyBcMB8GA1UdIwQY
MBaAFBwz+ztyUguBaaKSjVOC5J1nWtBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDct
OTUwNDU1ODY4MDJlLzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDctOTUwNDU1ODY4MDJl
LzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARt+q5nnX
qIOhx25Cdc3Efvl1TbRRPj0gipoq3iDRI7Wg3RekCD1s3ASMMNkc22dqyYDMyBeV
7eWK18VS/pM1HXSIJtdNGL6gPy6k+i3tqURtpM+Z8a5UFAwgfvJIG5/aGrOV/V3y
5twTL05AmPkpNQpD/ZxkrKBfhiRQKI2mC9KBPTbIbMSI4kVLqy/0UNLb/d7aAE7v
cvoQ1h45Z96AjoKnsixuIM5MJS8SKui/+So2lpK6lNESYBro8/LNm8ikvCrtG3JZ
lf+6516ASg0ST96Szs4lHa9lnZd4ohdtm8g2PUZuQ3uDXci5HbVkY4bW8sGeYo3m
/LZr3LtT6+M4/g==
-----END CERTIFICATE-----
Generated at Mon May 5 14:39:59 2025 by rpki-client