Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
File: aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft (raw, json)
Hash identifier: 2SA48XFB0kT2NQ+1tGF2U7NCByqhUCQe+fEu/nT5fkc=
Subject key identifier: 1B:93:79:A0:D9:9A:46:16:D0:D1:F7:CD:F2:FB:C5:DC:C0:7C:65:7D
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 0196C8E0165CDD6601698A113411950CFBD1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
Manifest number: 153C
Signing time: Tue 13 May 2025 09:00:51 +0000
Manifest this update: Tue 13 May 2025 09:00:51 +0000
Manifest next update: Wed 14 May 2025 09:00:51 +0000
Files and hashes: 1: Hpq861GqA5RqLih08GH13MdllW0.roa (hash: 6UGmd69y3tVELywuvYudCcD/UUgHO86OmDHx4Pt/TNE=)
2: aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl (hash: xhC24ihKqNaXdLNj4PG6ZSmp+DoGTSxDrDMaZX7XrxI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 09:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c8:e0:16:5c:dd:66:01:69:8a:11:34:11:95:0c:fb:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: May 13 09:00:51 2025 GMT
Not After : May 14 09:00:51 2025 GMT
Subject: CN=1b9379a0d99a4616d0d1f7cdf2fbc5dcc07c657d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c8:70:f6:fe:30:41:9c:25:66:31:06:2f:be:
8c:1d:9f:7f:f8:48:f0:a8:b7:f8:6d:cd:31:ac:e1:
57:ca:74:6b:8d:6c:6c:d8:d2:d6:42:62:87:63:61:
2b:59:2b:f0:b5:0d:d9:c8:52:b8:b4:0f:1f:df:c0:
1a:c0:af:69:d2:9e:c7:e1:9b:88:b4:a7:cf:64:f5:
27:80:38:3d:35:86:5c:41:7c:60:e5:44:c7:0b:ea:
11:7c:84:5d:41:59:4c:e9:b3:86:78:e2:bc:4e:e7:
08:81:77:8a:c2:52:a7:f8:e9:a0:d5:d1:79:e9:22:
79:70:4c:61:45:e4:8c:fa:6f:c4:8c:ca:33:a2:02:
f6:ab:5b:3c:21:78:dd:ed:04:53:05:51:2f:cc:48:
40:73:08:75:33:b4:9e:b7:cb:9f:9a:3e:f5:da:c0:
50:87:d3:50:16:a0:5f:30:8b:49:5a:80:96:17:70:
4a:a1:f4:3f:19:41:0d:c2:ec:59:23:83:45:6c:2f:
27:90:8b:65:cb:d7:db:56:12:51:95:dd:cc:8c:07:
f6:ed:9d:fc:c2:db:fa:58:da:de:01:28:35:4c:be:
27:14:9c:d7:38:48:e2:c7:4c:4f:07:2a:5e:fe:29:
46:7f:17:cf:21:2b:7a:75:28:cd:a3:af:72:3a:d9:
be:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:93:79:A0:D9:9A:46:16:D0:D1:F7:CD:F2:FB:C5:DC:C0:7C:65:7D
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:67:86:0e:e2:de:67:77:fc:aa:4a:79:17:e2:ea:b2:7f:b5:
ed:b1:d6:d3:ed:c7:8f:77:bf:c8:40:c4:83:c1:c7:14:97:62:
8a:f1:36:b0:5c:1b:65:fe:c5:1f:d0:3d:97:d7:3f:d1:3f:73:
36:80:8c:bf:2c:cf:c9:31:15:ff:55:f1:db:f3:78:1a:aa:43:
4b:f9:0e:76:6e:a9:25:10:ef:9a:49:fc:91:b0:dd:1f:7e:3d:
5d:4f:d2:86:35:4c:98:0e:f3:d1:4f:28:e5:4a:99:87:1b:97:
85:af:43:db:5f:25:7e:a6:64:27:5b:67:9d:af:32:a2:26:84:
d1:b6:8d:c3:fb:6a:fd:64:11:19:25:5c:55:06:0a:de:fe:c0:
4d:cd:64:71:29:c9:ae:11:6d:c6:a3:33:5f:b7:b9:3c:fb:5d:
85:4d:63:64:dd:7d:90:32:55:08:03:42:4c:39:a3:19:fb:0e:
1c:dd:e8:ae:ba:69:42:1b:87:33:d5:8b:29:7a:17:c1:e6:50:
ac:bc:86:7f:57:0a:87:50:c5:22:1c:e5:da:76:88:0c:3d:b0:
84:14:d8:b0:87:a4:3c:d9:2f:91:5f:45:ef:59:68:1d:64:23:
9c:da:90:7c:47:cf:c9:85:00:55:1b:86:69:bd:5a:c1:de:f1:
5c:b5:e0:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbI4BZc3WYBaYoRNBGVDPvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjUwNTEzMDkwMDUxWhcNMjUwNTE0MDkwMDUxWjAzMTEwLwYDVQQD
EygxYjkzNzlhMGQ5OWE0NjE2ZDBkMWY3Y2RmMmZiYzVkY2MwN2M2NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48hw9v4wQZwlZjEGL76MHZ9/+Ejw
qLf4bc0xrOFXynRrjWxs2NLWQmKHY2ErWSvwtQ3ZyFK4tA8f38AawK9p0p7H4ZuI
tKfPZPUngDg9NYZcQXxg5UTHC+oRfIRdQVlM6bOGeOK8TucIgXeKwlKn+Omg1dF5
6SJ5cExhReSM+m/EjMozogL2q1s8IXjd7QRTBVEvzEhAcwh1M7Set8ufmj712sBQ
h9NQFqBfMItJWoCWF3BKofQ/GUENwuxZI4NFbC8nkItly9fbVhJRld3MjAf27Z38
wtv6WNreASg1TL4nFJzXOEjix0xPBype/ilGfxfPISt6dSjNo69yOtm+TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuTeaDZmkYW0NH3zfL7xdzAfGV9MB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAWeGDuLe
Z3f8qkp5F+Lqsn+17bHW0+3Hj3e/yEDEg8HHFJdiivE2sFwbZf7FH9A9l9c/0T9z
NoCMvyzPyTEV/1Xx2/N4GqpDS/kOdm6pJRDvmkn8kbDdH349XU/ShjVMmA7z0U8o
5UqZhxuXha9D218lfqZkJ1tnna8yoiaE0baNw/tq/WQRGSVcVQYK3v7ATc1kcSnJ
rhFtxqMzX7e5PPtdhU1jZN19kDJVCANCTDmjGfsOHN3orrppQhuHM9WLKXoXweZQ
rLyGf1cKh1DFIhzl2naIDD2whBTYsIekPNkvkV9F71loHWQjnNqQfEfPyYUAVRuG
ab1awd7xXLXgEA==
-----END CERTIFICATE-----
Generated at Tue May 13 14:50:29 2025 by rpki-client