Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: vbaB4sJPddxRRvT+7XcSyEEycLWjb41oEJ1GNCph1V4=
Subject key identifier: 8C:57:57:35:E2:45:23:D2:49:68:0F:20:07:51:EF:77:F3:B8:B5:F3
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 0196A051A9D7695BF40A468631C8A48FF0F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 032A
Signing time: Mon 05 May 2025 12:00:28 +0000
Manifest this update: Mon 05 May 2025 12:00:28 +0000
Manifest next update: Tue 06 May 2025 12:00:28 +0000
Files and hashes: 1: ZFhZ1BqFreky-hMCFILR09_VVoM.roa (hash: qamEtLvOwpZ40vLyeg6d8oLlWWQ1GcUWvt7i4vqtvFc=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: bm3kZVrX1k0fnpNsx0urDhd0PyMRNFDKmCrT23WZ2sM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 12:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:51:a9:d7:69:5b:f4:0a:46:86:31:c8:a4:8f:f0:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: May 5 12:00:28 2025 GMT
Not After : May 6 12:00:28 2025 GMT
Subject: CN=8c575735e24523d249680f200751ef77f3b8b5f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:5b:a0:ec:5c:49:c3:f7:0f:97:9a:d8:e0:b8:
12:82:ac:22:4e:52:13:3b:0d:3c:c5:69:44:5f:59:
90:a1:ce:04:03:e3:99:eb:6b:c7:7c:2d:fe:a1:9d:
1b:79:e4:fe:da:cc:99:ca:5f:ce:85:2a:ab:26:dd:
df:3e:56:e0:1a:19:f5:fb:38:50:ba:92:a6:8d:fe:
fc:bc:6e:85:90:49:6f:9c:c1:36:d5:b9:fa:52:73:
96:b5:09:d8:c0:48:11:a6:f1:1c:fd:2f:1b:90:c9:
64:70:d7:4f:a1:6f:03:af:de:36:40:9e:90:dc:09:
5f:53:e2:03:9d:f7:a9:c1:f7:9a:98:9f:78:6b:76:
d2:fb:83:e7:ab:d4:60:f8:22:8b:f5:9d:dd:07:1e:
7f:38:2a:32:06:24:84:a2:8a:05:60:70:0b:2a:2f:
32:ef:6a:5f:b1:85:c6:6d:93:1f:93:73:36:ce:06:
f9:71:6a:31:16:e3:0f:02:ec:dc:3e:71:f2:d4:5b:
d8:b1:6b:39:20:d5:d9:eb:a1:c6:05:8d:20:75:86:
09:09:c8:48:bf:a6:ac:7c:e7:e8:24:c9:e6:03:9c:
5e:f8:c9:d9:ec:49:87:35:d4:73:4a:33:d8:a7:fa:
fd:61:4d:9e:a0:80:78:5c:db:ea:e2:e8:19:11:e6:
37:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:57:57:35:E2:45:23:D2:49:68:0F:20:07:51:EF:77:F3:B8:B5:F3
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:d5:cf:89:c7:74:6a:dc:27:3e:89:9b:25:53:22:57:78:35:
4b:90:85:7f:17:a1:76:28:a8:af:ab:62:f5:8a:cd:94:0b:8f:
34:58:00:74:6b:6c:85:bb:11:66:73:db:e9:de:60:27:10:09:
9a:2d:00:56:7e:f5:a7:0b:bc:34:3b:e3:2f:a7:09:a2:7b:87:
88:56:8a:2e:58:0a:a3:a4:2b:6c:8d:01:1e:c1:03:35:a3:de:
c3:bc:17:fe:73:f3:2b:95:fd:7b:e7:67:b7:6a:01:ad:c5:3b:
15:07:a3:9d:44:36:59:8f:8f:23:9b:a3:5e:fc:31:19:e5:70:
7a:c5:18:9a:16:f9:72:84:67:d2:5d:e2:1b:20:1b:4f:6b:7e:
52:21:63:81:0a:64:32:41:05:95:98:d6:fb:11:7d:f0:9a:47:
1f:98:d4:e3:01:72:5a:b7:ca:b0:b6:aa:3c:5b:17:e4:6b:3a:
8f:ae:46:4b:c2:c7:66:bd:24:47:8f:93:eb:a4:83:39:b7:53:
7a:3a:99:06:5a:62:44:f0:f4:07:e6:e1:09:bb:c8:6f:74:23:
cb:6c:f1:06:33:14:58:31:67:c8:c1:69:a2:00:4f:df:5b:8b:
f3:12:80:8a:22:a0:ae:59:99:c6:2a:ce:9e:87:3c:46:18:55:
9d:44:24:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagUanXaVv0CkaGMcikj/D4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjUwNTA1MTIwMDI4WhcNMjUwNTA2MTIwMDI4WjAzMTEwLwYDVQQD
Eyg4YzU3NTczNWUyNDUyM2QyNDk2ODBmMjAwNzUxZWY3N2YzYjhiNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31ug7FxJw/cPl5rY4LgSgqwiTlIT
Ow08xWlEX1mQoc4EA+OZ62vHfC3+oZ0beeT+2syZyl/OhSqrJt3fPlbgGhn1+zhQ
upKmjf78vG6FkElvnME21bn6UnOWtQnYwEgRpvEc/S8bkMlkcNdPoW8Dr942QJ6Q
3AlfU+IDnfepwfeamJ94a3bS+4Pnq9Rg+CKL9Z3dBx5/OCoyBiSEoooFYHALKi8y
72pfsYXGbZMfk3M2zgb5cWoxFuMPAuzcPnHy1FvYsWs5INXZ66HGBY0gdYYJCchI
v6asfOfoJMnmA5xe+MnZ7EmHNdRzSjPYp/r9YU2eoIB4XNvq4ugZEeY35QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxXVzXiRSPSSWgPIAdR73fzuLXzMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAitXPicd0
atwnPombJVMiV3g1S5CFfxehdiior6ti9YrNlAuPNFgAdGtshbsRZnPb6d5gJxAJ
mi0AVn71pwu8NDvjL6cJonuHiFaKLlgKo6QrbI0BHsEDNaPew7wX/nPzK5X9e+dn
t2oBrcU7FQejnUQ2WY+PI5ujXvwxGeVwesUYmhb5coRn0l3iGyAbT2t+UiFjgQpk
MkEFlZjW+xF98JpHH5jU4wFyWrfKsLaqPFsX5Gs6j65GS8LHZr0kR4+T66SDObdT
ejqZBlpiRPD0B+bhCbvIb3Qjy2zxBjMUWDFnyMFpogBP31uL8xKAiiKgrlmZxirO
noc8RhhVnUQkZw==
-----END CERTIFICATE-----
Generated at Mon May 5 21:32:09 2025 by rpki-client